This topic describes an issue with object ownership for PostgreSQL when you use VMware Tanzu Service Broker for AWS.
When a developer binds a PostgreSQL service instance to an application, the broker creates a distinct role with unique credentials. The broker ensures that all the distinct roles are members of a group named
Members of this group have full privileges to objects created by other members. However, this does not include the ability to
For more information about defining access privileges, see GRANT in the PostgreSQL documentation.
So that members of
DROP an object, you must assign the group’s role before creating an object.
To do this, do the following:
Set your role to
# SET ROLE binding_group;
Create the object:
\# CREATE TABLE data
After this is done, you can continue with your actions to modify the object.
For more information about setting the current user identifier of the current session, see SET ROLE in the PostgreSQL documentation.