1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
|
syntax = "proto3";
package yandex.cloud.mdb.postgresql.v1;
import "google/api/annotations.proto";
import "google/protobuf/field_mask.proto";
import "google/protobuf/wrappers.proto";
import "yandex/cloud/operation/operation.proto";
import "yandex/cloud/validation.proto";
import "yandex/cloud/mdb/postgresql/v1/user.proto";
import "yandex/cloud/api/operation.proto";
option go_package = "github.com/yandex-cloud/go-genproto/yandex/cloud/mdb/postgresql/v1;postgresql";
option java_package = "yandex.cloud.api.mdb.postgresql.v1";
// A set of methods for managing PostgreSQL User resources.
service UserService {
// Returns the specified PostgreSQL User resource.
//
// To get the list of available PostgreSQL User resources, make a [List] request.
rpc Get (GetUserRequest) returns (User) {
option (google.api.http) = { get: "/managed-postgresql/v1/clusters/{cluster_id}/users/{user_name}" };
}
// Retrieves the list of PostgreSQL User resources in the specified cluster.
rpc List (ListUsersRequest) returns (ListUsersResponse) {
option (google.api.http) = { get: "/managed-postgresql/v1/clusters/{cluster_id}/users" };
}
// Creates a PostgreSQL user in the specified cluster.
rpc Create (CreateUserRequest) returns (operation.Operation) {
option (google.api.http) = { post: "/managed-postgresql/v1/clusters/{cluster_id}/users" body: "*" };
option (yandex.cloud.api.operation) = {
metadata: "CreateUserMetadata"
response: "User"
};
}
// Updates the specified PostgreSQL user.
rpc Update (UpdateUserRequest) returns (operation.Operation) {
option (google.api.http) = { patch: "/managed-postgresql/v1/clusters/{cluster_id}/users/{user_name}" body: "*" };
option (yandex.cloud.api.operation) = {
metadata: "UpdateUserMetadata"
response: "User"
};
}
// Deletes the specified PostgreSQL user.
rpc Delete (DeleteUserRequest) returns (operation.Operation) {
option (google.api.http) = { delete: "/managed-postgresql/v1/clusters/{cluster_id}/users/{user_name}" };
option (yandex.cloud.api.operation) = {
metadata: "DeleteUserMetadata"
response: "google.protobuf.Empty"
};
}
// Grants permission to the specified PostgreSQL user.
rpc GrantPermission (GrantUserPermissionRequest) returns (operation.Operation) {
option (google.api.http) = { post: "/managed-postgresql/v1/clusters/{cluster_id}/users/{user_name}:grantPermission" body: "*" };
option (yandex.cloud.api.operation) = {
metadata: "GrantUserPermissionMetadata"
response: "User"
};
}
// Revokes permission from the specified PostgreSQL user.
rpc RevokePermission (RevokeUserPermissionRequest) returns (operation.Operation) {
option (google.api.http) = { post: "/managed-postgresql/v1/clusters/{cluster_id}/users/{user_name}:revokePermission" body: "*" };
option (yandex.cloud.api.operation) = {
metadata: "RevokeUserPermissionMetadata"
response: "User"
};
}
}
message GetUserRequest {
// ID of the PostgreSQL cluster the user belongs to.
// To get the cluster ID, use a [ClusterService.List] request.
string cluster_id = 1 [(required) = true, (length) = "<=50"];
// Name of the PostgreSQL User resource to return.
// To get the name of the user, use a [UserService.List] request.
string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_-]*"];
}
message ListUsersRequest {
// ID of the cluster to list PostgreSQL users in.
// To get the cluster ID, use a [ClusterService.List] request.
string cluster_id = 1 [(required) = true, (length) = "<=50"];
// The maximum number of results per page to return. If the number of available
// results is larger than `page_size`, the service returns a [ListUsersResponse.next_page_token]
// that can be used to get the next page of results in subsequent list requests.
int64 page_size = 2 [(value) = "<=1000"];
// Page token. To get the next page of results, set `page_token` to the [ListUsersResponse.next_page_token]
// returned by the previous list request.
string page_token = 3 [(length) = "<=100"];
}
message ListUsersResponse {
// List of PostgreSQL User resources.
repeated User users = 1;
// This token allows you to get the next page of results for list requests. If the number of results
// is larger than [ListUsersRequest.page_size], use the `next_page_token` as the value
// for the [ListUsersRequest.page_token] parameter in the next list request. Each subsequent
// list request will have its own `next_page_token` to continue paging through the results.
string next_page_token = 2;
}
message CreateUserRequest {
// ID of the PostgreSQL cluster to create a user in.
// To get the cluster ID, use a [ClusterService.List] request.
string cluster_id = 1 [(required) = true, (length) = "<=50"];
// Properties of the user to be created.
UserSpec user_spec = 2 [(required) = true];
}
message CreateUserMetadata {
// ID of the PostgreSQL cluster the user is being created in.
string cluster_id = 1;
// Name of the user that is being created.
string user_name = 2;
}
message UpdateUserRequest {
// ID of the PostgreSQL cluster the user belongs to.
// To get the cluster ID use a [ClusterService.List] request.
string cluster_id = 1 [(required) = true, (length) = "<=50"];
// Name of the user to be updated.
// To get the name of the user use a [UserService.List] request.
string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_-]*"];
// Field mask that specifies which fields of the PostgreSQL User resource should be updated.
google.protobuf.FieldMask update_mask = 3;
// New password for the user.
string password = 4 [(length) = "8-128"];
// Set of permissions granted to the user to access specific databases.
repeated Permission permissions = 5;
// Maximum number of database connections available to the user.
//
// When used in session pooling, this setting limits the number of connections to every single host in PostgreSQL cluster. In this case, the setting's value must be greater than the total number of connections that backend services can open to access the PostgreSQL cluster. The setting's value should not exceed the value of the [Cluster.config.postgresql_config.max_connections] setting.
//
// When used in transaction pooling, this setting limits the number of user's active transactions; therefore, in this mode user can open thousands of connections, but only `N` concurrent connections will be opened, where `N` is the value of the setting.
//
// Minimum value: `10` (default: `50`), when used in session pooling.
int64 conn_limit = 6 [(value) = ">=10"];
UserSettings settings = 7;
// This flag defines whether the user can login to a PostgreSQL database.
//
// Default value: `true` (login is allowed).
google.protobuf.BoolValue login = 8;
// A set of roles and privileges that are granted to the user.
//
// For more information, see [the documentation](/docs/managed-postgresql/operations/grant).
repeated string grants = 9 [(length) = "<=63", (pattern) = "[a-zA-Z0-9_]*"];
// Deletion Protection inhibits deletion of the user
//
// Default value: `unspecified` (inherits cluster's deletion_protection)
google.protobuf.BoolValue deletion_protection = 10;
// New password-based authentication method for user.
// Possible values are `` USER_PASSWORD_ENCRYPTION_MD5 `` or `` USER_PASSWORD_ENCRYPTION_SCRAM_SHA_256 ``.
UserPasswordEncryption user_password_encryption = 11;
}
message UpdateUserMetadata {
// ID of the PostgreSQL cluster the user belongs to.
string cluster_id = 1;
// Name of the user that is being updated.
string user_name = 2;
}
message DeleteUserRequest {
// ID of the PostgreSQL cluster the user belongs to.
// To get the cluster ID, use a [ClusterService.List] request.
string cluster_id = 1 [(required) = true, (length) = "<=50"];
// Name of the user to delete.
// To get the name of the user, use a [UserService.List] request.
string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_-]*"];
}
message DeleteUserMetadata {
// ID of the PostgreSQL cluster the user belongs to.
string cluster_id = 1;
// Name of the user that is being deleted.
string user_name = 2;
}
message GrantUserPermissionRequest {
// ID of the PostgreSQL cluster the user belongs to.
// To get the cluster ID, use a [ClusterService.List] request.
string cluster_id = 1 [(required) = true, (length) = "<=50"];
// Name of the user to grant the permission to.
// To get the name of the user, use a [UserService.List] request.
string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_-]*"];
// Permission that should be granted to the specified user.
Permission permission = 3 [(required) = true];
}
message GrantUserPermissionMetadata {
// ID of the PostgreSQL cluster the user belongs to.
// To get the cluster ID, use a [ClusterService.List] request.
string cluster_id = 1;
// Name of the user that is being granted a permission.
string user_name = 2;
}
message RevokeUserPermissionRequest {
// ID of the PostgreSQL cluster the user belongs to.
// To get the cluster ID, use a [ClusterService.List] request.
string cluster_id = 1 [(required) = true, (length) = "<=50"];
// Name of the user to revoke a permission from.
// To get the name of the user, use a [UserService.List] request.
string user_name = 2 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_-]*"];
// Name of the database that the user should lose access to.
string database_name = 3 [(required) = true, (length) = "<=63", (pattern) = "[a-zA-Z0-9_-]*"];
}
message RevokeUserPermissionMetadata {
// ID of the PostgreSQL cluster the user belongs to.
string cluster_id = 1;
// Name of the user whose permission is being revoked.
string user_name = 2;
}
|
