[google-cloud-sql-discuss] Re: Cannot delete created role (Postgres 11)

Oh, I could be happy to have the superuser privileges once you only give it to me!

Following to https://cloud.google.com/sql/docs/postgres/users 

Because Cloud SQL for PostgreSQL is a managed service, it restricts access to certain system procedures and tables that require advanced privileges. In Cloud SQL, customers cannot create or have access to users with superuser attributes.

That's why I cant revoke CONNECT privileges off the PUBLIC - because cloudsqlsuperuser owns it as well as observer somehow got it from cloudsqlsuperuser - I can't explain! And I have no access to cloudsqlsuperuser account, because:

The postgres user is part of the cloudsqlsuperuser role, and has the following attributes (privileges): CREATEROLE, CREATEDB, and LOGIN. It does not have the SUPERUSER or REPLICATION attributes.

On Tuesday, April 21, 2020 at 11:50:12 PM UTC+3, David (Google Cloud Support) wrote:

Since the issue seems to be with the connect privilege, this StackOverflow post may be worth reading as it explains how to revoke the connect privilege. That specific privilege  seems to be given by default upon some object creation to PUBLIC, which may be why you are having difficulties removing it.

If you are having difficulties with the superuser, you should consider using that user, and keep in mind that you can always change its password in the GCP console.

If the recommendation made in StackOverflow does not help and you still believe that this is a bug, as well as further investigation, I suggest that you make a StackOverflow post yourself to perhaps get some support from other users, as well as create an Issue Tracker entry following instructions.

Polybius Tech OÜ is a limited liability company registered in Estonia. Registered number: 14420450. Registered office: Tartu mnt. 43, Tallinn 10128, Estonia.

Any information sent by e-mail by Polybius Tech OÜ ("Polybius") or any of its affiliates is confidential and intended solely for the use of the individual or entity to whom it is addressed. If you are not the named addressee you should not disseminate, distribute or copy this email. If you have received this message in error please delete it and any copies of it and notify the sender immediately. Note that the contents of an attachment to this e-mail may contain software viruses, which could damage your computer system. While Polybius has taken every reasonable precaution to minimise this risk, we cannot accept liability for any damage which you sustain as a result of software viruses. You should carry out your own virus checks before opening the attachment.

--
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/6cf61165-ddba-4055-8aba-8d385470539a%40googlegroups.com.