1. Add the white list to avoid the read-only data in the development of colleagues the wrong modify the database, but they always want to query the database.
The easiest way is to modify pg_hba.conf add read-only users.
2. Add read-only users.
Log pg database using psql
psql -U gscloud -d gscloud
Effect:
[root@centos76 zhaobsh]# psql -U gscloud -d gscloud Password for user gscloud: psql (10.7) Type "help" for help. gscloud=#
Add user
create role gscloudreader with password 'Test6530';
Adding usage rights to the user and read-only access
Given usage rights grant usage on schema gscloud to gscloudreader; given query permissions Grant the SELECT ON All the Tables in Schema gscloud to gscloudreader;
given login privileges
alter user gscloudreader with login;
4. Modify pg_hba.conf ip address add any user access
# TYPE DATABASE USER ADDRESS METHOD # "local" is for Unix domain socket connections only local all all md5 # IPv4 local connections: host all all 127.0.0.1/32 md5 #host all all 0.0.0.0/0 md5 host gscloud gscloudreader 0.0.0.0/0 md5
5. Restart service verification
systemctl restart postgresql-10
6. Verify able to log tests are normal.
7. Verify can not be deleted and modified.