[resource_postgresql_default_privileges] add support for types and fu…

…nctions default privileges
hashicorp · Jun 22, 2020 · dfcd06c · dfcd06c
1 parent 7d6a284
commit dfcd06c
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 1 deletion.
diff --git a/postgresql/helpers.go b/postgresql/helpers.go
@@ -103,6 +103,7 @@ var allowedPrivileges = map[string][]string{
 	"table":    []string{"ALL", "SELECT", "INSERT", "UPDATE", "DELETE", "TRUNCATE", "REFERENCES", "TRIGGER"},
 	"sequence": []string{"ALL", "USAGE", "SELECT", "UPDATE"},
 	"function": []string{"ALL", "EXECUTE"},
+	"type":     []string{"ALL", "USAGE"},
 }
 
 // validatePrivileges checks that privileges to apply are allowed for this object type.

diff --git a/postgresql/resource_postgresql_default_privileges.go b/postgresql/resource_postgresql_default_privileges.go
@@ -55,6 +55,10 @@ func resourcePostgreSQLDefaultPrivileges() *schema.Resource {
 					"function",
 				}, false),
 				Description: "The PostgreSQL object type to set the default privileges on (one of: table, sequence, function)",
+					"type",
+					"function",
+				}, false),
+				Description: "The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type)",
 			},
 			"privileges": &schema.Schema{
 				Type:        schema.TypeSet,

diff --git a/postgresql/resource_postgresql_grant.go b/postgresql/resource_postgresql_grant.go
@@ -24,6 +24,7 @@ var objectTypes = map[string]string{
 	"table":    "r",
 	"sequence": "S",
 	"function": "f",
+	"type":     "T",
 }
 
 func resourcePostgreSQLGrant() *schema.Resource {

diff --git a/website/docs/r/postgresql_default_privileges.html.markdown b/website/docs/r/postgresql_default_privileges.html.markdown
@@ -32,5 +32,5 @@ resource "postgresql_default_privileges" "read_only_tables" {
 * `database` - (Required) The database to grant default privileges for this role.
 * `owner` - (Required) Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
 * `schema` - (Required) The database schema to set default privileges for this role.
-* `object_type` - (Required) The PostgreSQL object type to set the default privileges on (one of: table, sequence,function).
+* `object_type` - (Required) The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type).
 * `privileges` - (Required) The list of privileges to apply as default privileges.