- 最新
- 最多得票
- 最多評論
There are a few important things to know about user access to PostgreSQL read replicas in Amazon RDS. By default, user accounts created on the primary RDS PostgreSQL instance are not automatically replicated to read replicas. This is for security reasons, to allow controlling access separately.
To allow users to connect to the read replica, you generally need to manually create those user accounts on the read replica as well. However, you should not directly create/modify users on a read replica since it's read-only.
A possible approach is to use the PostgreSQL replication mechanisms to replicate the user accounts. Specifically: On the primary instance, create the users inside a publication On the read replica, create a subscription to that publication
For administrative access, RDS provides a special rdsadmin
user that can connect to read replicas. You can use this to perform necessary setup.
Make sure the security group and network ACLs allow connections from your application/users to the read replica endpoint.
Users connecting to the read replica need to be granted appropriate SELECT permissions on the tables they need to query.
If you modify the master password of the read replica, it does not impact the primary db master password, however it is not recommended to change anything on the read replica only, as it should stay as an exact copy of the primary Hope this helps
相關內容
- 已提問 1 年前
- AWS 官方已更新 4 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 10 個月前