Managed Service for PostgreSQL API, REST: User.create
Creates a PostgreSQL user in the specified cluster.
HTTP request
POST https://mdb.api.cloud.yandex.net/managed-postgresql/v1/clusters/{clusterId}/users
Path parameters
Parameter | Description |
---|---|
clusterId | Required. ID of the PostgreSQL cluster to create a user in. To get the cluster ID, use a list request. The maximum string length in characters is 50. |
Body parameters
{
"userSpec": {
"name": "string",
"password": "string",
"permissions": [
{
"databaseName": "string"
}
],
"connLimit": "integer",
"settings": {
"defaultTransactionIsolation": "string",
"lockTimeout": "integer",
"logMinDurationStatement": "integer",
"synchronousCommit": "string",
"tempFileLimit": "integer",
"logStatement": "string",
"poolMode": "string",
"preparedStatementsPooling": true,
"catchupTimeout": "integer",
"walSenderTimeout": "integer",
"idleInTransactionSessionTimeout": "integer",
"statementTimeout": "integer",
"pgaudit": {
"log": [
"string"
]
}
},
"login": true,
"grants": [
"string"
],
"deletionProtection": true,
"userPasswordEncryption": "string"
}
}
Field | Description |
---|---|
userSpec | object Required. Properties of the user to be created. |
userSpec. name |
string Required. Name of the PostgreSQL user. The maximum string length in characters is 63. Value must match the regular expression |
userSpec. password |
string Required. Password of the PostgreSQL user. The string length in characters must be 8-128. |
userSpec. permissions[] |
object Set of permissions to grant to the user to access specific databases. |
userSpec. permissions[]. databaseName |
string Name of the database that the permission grants access to. |
userSpec. connLimit |
integer (int64) Maximum number of database connections that should be available to the user. When used in session pooling, this setting limits the number of connections to every single host in PostgreSQL cluster. In this case, the setting's value must be greater than the total number of connections that backend services can open to access the PostgreSQL cluster. The setting's value should not exceed the value of the Cluster.config.postgresqlConfig_12.effectiveConfig.maxConnections setting. When used in transaction pooling, this setting limits the number of user's active transactions; therefore, in this mode user can open thousands of connections, but only Minimum value: The minimum value is 10. |
userSpec. settings |
object PostgreSQL settings for the user. PostgreSQL user settings. |
userSpec. settings. defaultTransactionIsolation |
string SQL sets an isolation level for each transaction. This setting defines the default isolation level to be set for all new SQL transactions. For more information, see the PostgreSQL documentation.
|
userSpec. settings. lockTimeout |
integer (int64) The maximum time (in milliseconds) for any statement to wait for acquiring a lock on an table, index, row or other database object. If the wait time is longer than the specified amount, then this statement is aborted. Default value: |
userSpec. settings. logMinDurationStatement |
integer (int64) This setting controls logging of the duration of statements. The duration of each completed statement will be logged if the statement ran for at least the specified amount of time (in milliseconds). E.g., if this setting's value is set to Value of Value of For more information, see the PostgreSQL documentation. |
userSpec. settings. synchronousCommit |
string This setting defines whether DBMS will commit transaction in a synchronous way. When synchronization is enabled, cluster waits for the synchronous operations to be completed prior to reporting For more information, see the PostgreSQL documentation.
|
userSpec. settings. tempFileLimit |
integer (int64) The maximum storage space size (in kilobytes) that a single process can use to create temporary files. If a transaction exceeds this limit during execution, it will be aborted. A huge query may not fit into a server's RAM, therefore PostgreSQL will use some storage to store and execute such a query. Too big queries can make excessive use of the storage system, effectively making other quieries to run slow. This setting prevents execution of a big queries that can influence other queries by limiting size of temporary files. |
userSpec. settings. logStatement |
string This setting specifies which SQL statements should be logged (on the user level). For more information, see the PostgreSQL documentation.
|
userSpec. settings. poolMode |
string Mode that the connection pooler is working in with specified user. For more information, see the Odyssey documentation.
|
userSpec. settings. preparedStatementsPooling |
boolean (boolean) User can use prepared statements with transaction pooling. For more information, see the PostgreSQL documentation. |
userSpec. settings. catchupTimeout |
integer (int64) The connection pooler setting. It determines the maximum allowed replication lag (in seconds). Pooler will reject connections to the replica with a lag above this threshold. It can be useful to prevent application from reading stale data. Default value: 0 Value of |
userSpec. settings. walSenderTimeout |
integer (int64) The maximum time (in milliseconds) to wait for WAL replication (can be set only for PostgreSQL 12+) Terminate replication connections that are inactive for longer than this amount of time. Default value: Value of For more information, see the PostgreSQL documentation. |
userSpec. settings. idleInTransactionSessionTimeout |
integer (int64) Sets the maximum allowed idle time, in milliseconds, between queries while in a transaction. The default value is For more information, see the PostgreSQL documentation. Acceptable values are 0 to 2147483647, inclusive. |
userSpec. settings. statementTimeout |
integer (int64) The maximum time (in milliseconds) to wait for statement. The timeout is measured from the time a command arrives at the server until it is completed by the server. If Value of For more information, see the PostgreSQL documentation. |
userSpec. settings. pgaudit |
object Settings of the PostgreSQL Audit Extension (pgaudit). |
userSpec. settings. pgaudit. log[] |
string Defines which user queries will be written to the audit log. Corresponds to the Pg audit log user setting. The possible values are the following:
The default value is PG_AUDIT_SETTINGS_LOG_UNSPECIFIED. In this case, the parameter is not configured. |
userSpec. login |
boolean (boolean) This flag defines whether the user can login to a PostgreSQL database. Default value: |
userSpec. grants[] |
string A set of roles and privileges that are granted to the user. For more information, see the documentation. The maximum string length in characters for each value is 63. Each value must match the regular expression |
userSpec. deletionProtection |
boolean (boolean) Deletion Protection inhibits deletion of the user Default value: |
userSpec. userPasswordEncryption |
string Password-based authentication method for user. Possible values are |
Response
HTTP Code: 200 - OK
{
"id": "string",
"description": "string",
"createdAt": "string",
"createdBy": "string",
"modifiedAt": "string",
"done": true,
"metadata": "object",
// includes only one of the fields `error`, `response`
"error": {
"code": "integer",
"message": "string",
"details": [
"object"
]
},
"response": "object",
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
createdAt | string (date-time) Creation timestamp. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the Protocol Buffers reference. In some languages, built-in datetime utilities do not support nanosecond precision (9 digits). |
createdBy | string ID of the user or service account who initiated the operation. |
modifiedAt | string (date-time) The time when the Operation resource was last modified. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the Protocol Buffers reference. In some languages, built-in datetime utilities do not support nanosecond precision (9 digits). |
done | boolean (boolean) If the value is |
metadata | object Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
error | object The error result of the operation in case of failure or cancellation. includes only one of the fields error , response |
error. code |
integer (int32) Error code. An enum value of google.rpc.Code. |
error. message |
string An error message. |
error. details[] |
object A list of messages that carry the error details. |
response | object includes only one of the fields error , response The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any. |