pg_auth_membersでロールのメンバーを確認する
以下SQLはスーパーユーザで実行する事を前提としていますが、Aurora PostgreSQLでの利用等ではpg_authidへアクセスできないので、代わりにpg_rolesを使う事で代用できます。
確認SQL
select a.rolname as rolname ,b.rolname as menber ,c.rolname as grantor ,m.admin_option from pg_auth_members m inner join pg_authid a on m.roleid = a.oid inner join pg_authid b on m.member = b.oid inner join pg_authid c on m.grantor = c.oid order by 1,2 ;
確認例
-- sooniユーザ(ロール)にudonmanロールとramanmanロールを付与します
--
postgres=# grant udonman to sooni;
GRANT ROLE
postgres=> grant ramenman to sooni with admin option;
GRANT ROLE
postgres=>
--
-- 確認SQLの実行
--
postgres=# select
postgres-# a.rolname as rolname
postgres-# ,b.rolname as menber
postgres-# ,c.rolname as grantor
postgres-# ,m.admin_option
postgres-# from pg_auth_members m
postgres-# inner join pg_authid a on m.roleid = a.oid
postgres-# inner join pg_authid b on m.member = b.oid
postgres-# inner join pg_authid c on m.grantor = c.oid
postgres-# order by 1,2
postgres-# ;
rolname | menber | grantor | admin_option
----------------------+------------+----------+--------------
pg_read_all_settings | pg_monitor | postgres | f
pg_read_all_stats | pg_monitor | postgres | f
pg_stat_scan_tables | pg_monitor | postgres | f
ramenman | sooni | sooni | t
udonman | sooni | sooni | f
(5 行)
postgres=#