grant 0.0.1-beta.1

Manage database roles and privileges in GitOps style
Documentation
grant-0.0.1-beta.1 has been yanked.

grant.rs

Manage Redshift database roles and privileges in GitOps style.

Usage

Install binary from crates.io

cargo install grant

Using grant tool:

$ grant --help

Manage database roles and privileges in GitOps style

USAGE:
    grant <SUBCOMMAND>

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

SUBCOMMANDS:
    apply    Apply changes
    gen      Generate project
    help     Prints this message or the help of the given subcommand(s)

Generate project structure

grant gen --target duyet-cluster

# or
mkdir duyet-cluster && cd $_
grant gen --target .

Apply privilege changes

Dry run:

export DB_URL="postgres://postgres:postgres@localhost:5439/postgres"
grant apply --dryrun -f ./examples/example.yaml --conn=$DB_URL

Apply to cluster:

grant apply -f ./examples/example.yaml

# [2021-11-15T03:37:38Z INFO  grant::apply] Try to apply definition from "./examples/example.yaml", dryrun=false, conn=None
# [2021-11-15T03:37:38Z INFO  grant::apply] SQL = GRANT CREATE, TEMP ON DATABASE db1, db2 TO duyet;
# [2021-11-15T03:37:38Z INFO  grant::apply] SQL = GRANT CREATE, USAGE ON SCHEMA  TO duyet;
# [2021-11-15T03:37:38Z INFO  grant::apply] SQL = GRANT CREATE, USAGE ON SCHEMA common, dwh1, dwh2 TO duyet;
# [2021-11-15T03:37:38Z INFO  grant::apply] SQL = GRANT CREATE, TEMP ON DATABASE db1, db2 TO duyet2;
# [2021-11-15T03:37:38Z INFO  grant::apply] SQL = GRANT CREATE, USAGE ON SCHEMA  TO duyet2;
# [2021-11-15T03:37:38Z INFO  grant::apply] SQL = GRANT CREATE, USAGE ON SCHEMA common, dwh1, dwh2 TO duyet2;

Generate random password

$ grant gen-pass

Generated password: q)ItTjN$EXlkF@Tl

Developement

Clone the repo:

git clone https://github.com/duyet/grant.rs && cd grant.rs

Postgres is required for testing, you might need to use the docker-compose.yaml:

docker-compose up -d

Make sure you have connection to postgres://postgres:postgres@localhost:5432/postgres.

To run the unittest:

cargo test

TODO

  • Support store encrypted password in Git
  • Support Postgres
  • Visuallization (who can see what?)

LICENSE

MIT