0

There is role sequence_owner. This is special tech role for working with sequence only.

create role sequence_owner;
GRANT sequence_owner TO administrator;
GRANT USAGE, SELECT, UPDATE  ON ALL SEQUENCES IN SCHEMA schema1 TO sequence_owner;

Also there are several users with role administrator: user1,...user42

GRANT administrator TO user1;
GRANT administrator TO user42;

Using user1 I can create sequence:

create sequence schema1.test_sequence;

but I can't change owner to special sequence_owner role

alter sequence schema1.test_sequence owner to sequence_owner;

There is error: ERROR: permission denied for schema schema1

I don't wont to use:

GRANT CREATE, USAGE ON SCHEMA schema1 to sequence_owner

Because in this case this role sequence_owner will have more priviligies than it must have.

yazabara
  • 1,253
  • 4
  • 21
  • 39

1 Answers1

0

https://www.postgresql.org/docs/11/sql-altersequence.html

It's impossible: You must own the sequence to use ALTER SEQUENCE. To change a sequence's schema, you must also have CREATE privilege on the new schema. To alter the owner, you must also be a direct or indirect member of the new owning role, and that role must have CREATE privilege on the sequence's schema.

yazabara
  • 1,253
  • 4
  • 21
  • 39