Nais Docs
Search

Type to search the documentation

↑↓ to navigate Enter to select Esc to close
  • Home
  • Explanations
    • What is Nais?
    • What is a team?
    • Under the hood
  • Tutorials
    • Hello Nais
  • Workloads
    • 💡 Explanations
      • The runtime environment
      • Good practices
      • Image repository
      • Migrating to GCP
      • The workload image
      • Zero Trust
    • 🎯 How-To
      • Set up access policies
      • Communicate with other workloads
      • Debugging workloads
      • Disable read-only file system
      • Overriding user and group that runs container process
      • Troubleshooting
      • Upload third-party image to image repository
    • 📚 Reference
      • Access policy reference
      • Container security
      • Default workload variables
      • Environments
      • Validation and autocompletion in editors
      • Webproxy
    • Application
      • 💡 Explanations
        • Exposing your application
      • 🎯 How-To
        • Create application
        • Delete your application
        • Expose an application
        • Redirect a client
      • 📚 Reference
        • Nais Application example YAML
        • Nais Application reference
        • Automatic Scaling
        • Ingress reference
    • Nais job
      • 🎯 How-To
        • Create job
        • Delete your job
      • 📚 Reference
        • Nais Job example YAML
        • Nais Job reference
  • Build and deploy
    • 🎯 How-To
      • Build and deploy with GitHub Actions
      • Dependabot with auto-merge
      • Templating
      • Set up tracing for your pipeline
      • Using the image outside of Nais
    • 📚 Reference
      • Deploy action configuration
  • Authentication and authorization
    • 💡 Explanations
    • 🎯 How-To
      • Log in users
    • 📚 Reference
    • Entra ID
      • 💡 Explanations
      • 🎯 How-To
        • Consume internal API as an application
        • Consume internal API on behalf of an employee
        • Generate a token from Entra ID for development
        • Log in an employee
        • Secure your API with Entra ID
      • 📚 Reference
    • ID-porten
      • 🎯 How-To
        • Log in a citizen
      • 📚 Reference
    • Maskinporten
      • 🎯 How-To
        • Consume external API using Maskinporten
        • Secure your API with Maskinporten
        • Expose FSS apps with KrakenD
      • 📚 Reference
    • TokenX
      • 🎯 How-To
        • Consume internal API on behalf of a citizen
        • Generate a token from TokenX for development
        • Secure your API with TokenX
      • 📚 Reference
  • Observability
    • 🎯 How-To
      • Get started with auto-instrumentation
    • 📚 Reference
      • OpenTelemetry Auto-Instrumentation Configuration
      • Observability Glossary
    • Alerting
      • 🎯 How-To
        • Create alert in Grafana
        • Customize Prometheus alerts
        • Create alert with Prometheus
      • 📚 Reference
        • Prometheus Alerting Rule Reference
    • Frontend apps
    • Logging
      • 🎯 How-To
        • Access secure logs
        • Audit logs
        • Disable persistent application logs
        • Enable secure logs
        • View logs from the command line
        • Adding logs to your Grafana dashboard
        • Metrics and alerts for logs
        • Get started with Grafana Loki
        • Create alerts in nav-logs (OpenSearch Dashboards)
        • Get started with nav-logs
        • Get started with Team Logs
      • 📚 Reference
        • Log Destinations
        • DQL Reference
        • LogQL Reference
        • Loki Labels Reference
        • Loki Metrics Reference
    • Metrics
      • 🎯 How-To
        • Create a dashboard in Grafana
        • Expose metrics from your application
        • Show Grafana on infoscreen
        • Push metrics to Prometheus
      • 📚 Reference
        • Global Metrics
        • Grafana Glossary
        • Metrics reference
        • OpenTelemetry Metrics
        • PromQL Reference
    • Distributed Tracing
      • 🎯 How-To
        • Trace context propagation
        • Correlate traces and logs
        • Tracing data in Elastic APM
        • Get started with Grafana Tempo
      • 📚 Reference
        • Span Metrics
        • OpenTelemetry Trace Semantic Conventions
        • TraceQL Reference
    • Tutorials
      • Getting Started with Observability in Nais
      • Instrumenting Your Application with OpenTelemetry
  • Persistent Data Overview
    • 💡 Explanations
      • Responsibilities
    • Google Cloud BigQuery Dataset
      • 🎯 How-To
        • Using BigQuery from your application
        • Create an instance of BigQuery
    • Buckets
      • 🎯 How-To
        • Create a bucket
        • Deleting a bucket
      • 📚 Reference
    • Google Cloud SQL / PostgreSQL
      • 💡 Explanations
        • Cloud SQL credentials
        • Cloud SQL Instance
        • Cloud SQL Proxy
        • Grants and privileges
        • Migrate to new instance
      • 🎯 How-To
        • Additional users
        • Certification sync issues
        • Change the tier of your database instance
        • Connect to a cloned database
        • Postgres database metrics
        • Debugging
        • Deleting the database
        • Enable audit logging
        • Failing to assign private IP to an existing Cloud SQL instance
        • Migrate to new instance
        • Migrating databases to GCP
        • Workaround for password synchronization issues
        • Personal database access
        • Reset database credentials
        • Upgrade major version
      • 📚 Reference
    • Kafka
      • 💡 Explanations
        • Working with Kafka Offsets
        • Tiered storage
      • 🎯 How-To
        • Accessing topics from an application outside Nais
        • Accessing topics from an application
        • Create a Kafka topic
        • Delete Kafka topic and data
        • Using Kafka Streams with internal topics
        • Manage access
        • Remove access to topics from an application
        • Renew credentials for non-Nais applications
        • Avro and schema
        • How to turn on Tiered Storage for your Kafka topic
        • Troubleshooting
      • 📚 Reference
        • Environment variables for Kafka
        • Nais Topic example YAML
        • Nais Topic reference
        • Kafka metrics
        • Kafka Pools
    • OpenSearch
      • 🎯 How-To
        • Create OpenSearch
        • Use OpenSearch in your workload
        • Delete OpenSearch
        • Accessing OpenSearch from an application outside Nais
        • Create an OpenSearch instance (legacy)
        • Get access to the dashboard
        • Migrate OpenSearch management to Nais Console
        • Upgrade major version
      • 📚 Reference
    • PostgreSQL
      • 💡 Explanations
        • Postgres cluster
      • 🎯 How-To
        • Postgres database metrics
        • Debugging
        • Deleting the database
        • Upgrade major version
      • 📚 Reference
        • Nais Postgres example YAML
        • Nais Postgres reference
    • Valkey
      • 🎯 How-To
        • Create Valkey
        • Use Valkey in your workload
        • Delete Valkey
        • Create a Valkey instance explicitly (legacy)
        • Migrate Valkey management to Nais Console
      • 📚 Reference
  • Other services
    • CDN
      • 🎯 How-To
        • Upload assets to the CDN
        • Manage CDN assets
      • 📚 Reference
        • CDN Upload Action
    • Secrets
      • 🎯 How-To
        • Create and manage secrets in Console
        • Use a secret in your workload
        • Advanced: Secrets with binary data
      • 📚 Reference
    • Feature Toggling
    • Anti-Virus Scanning
    • Leader Election
      • 🎯 How-To
        • Enable Leader Election
    • Vulnerability insights and management
      • 🎯 How-To
        • Generate SBOM
      • 📚 Reference
  • Manage your workloads and services
    • 🎯 How-To
      • Setup command line access
      • Create a Nais team
    • Console
    • CLI
      • 🎯 How-To
        • Install nais-cli
        • Troubleshooting nais-cli
      • 📚 Reference
        • aiven command
        • debug command
        • device command
        • kubeconfig command
        • postgres command
        • validate command
    • naisdevice
      • Explanations
        • Just In Time Access (JITA)
      • How To
        • Install Kolide
        • Install naisdevice
        • Troubleshooting naisdevice
        • Uninstall Kolide
        • Uninstall naisdevice
        • Update naisdevice
  • Tags
  • Legal
    • Application privacy impact assessments (PVK)
    • Application risk assessments (ROS)
    • Arkivloven
    • Vendor Data Processor Agreements
      • Aiven Data Processor Agreement
      • Azure Data Processor Agreement
      • GCP Data Processor Agreement
    • Platform privacy impact assessments (PVK)
    • Platform risk assessments (ROS)
    • Responsibilities - Nais and teams
All tags

access

2 pages

  • Grants and privileges

    When using the nais postgres prepare command, the user is granted some privileges in the database. By default, the user is granted SELECT privileges on all tables and sequences in the default schema.

  • Personal database access

    Databases should always be accessed using a personal account, and the access should ideally be temporary.