PolarDB for PostgreSQL is a managed database service. Unlike a standalone PostgreSQL installation, it does not expose a native superuser account. Instead, it uses a role-based access control (RBAC) model with two account types—privileged accounts and standard accounts—each granted a specific set of permissions that balance operational flexibility with platform security.
Privileged account permissions
A privileged account can perform the following operations:
Create, modify, access, and delete non-system objects — tables, indexes, types, views, functions, and procedures. Object permissions are shared among all privileged users, so any privileged user can access objects owned by another privileged user.
Create databases — see Create a database.
Create extensions — see Extensions.
Create users — with permissions no greater than the creating account's own. See Create a user.
Create and use event triggers — see Create a trigger.
Create and modify types — see Create an object type.
Invoke garbage collection — see Garbage collection mechanism.
Create and modify foreign data wrappers (FDWs) — see Use oss_fdw to read and write external text files.
Create publications and subscriptions for logical replication.
Use two-phase transactions.
Send signals to non-superuser backend processes.
View background process statuses.
Create publications and subscriptions
-- Create a publication
CREATE PUBLICATION my_publication FOR TABLE test_t;
-- Create a subscription
CREATE SUBSCRIPTION my_subscription
CONNECTION 'channel_name=XXXX dbname=XXXX user=XXXX password=XXXX'
PUBLICATION my_publication;Subscriptions require a channel. To create a channel, see Network channels. If an error occurs when creating the subscription, contact us.
Use two-phase transactions
-- session_1
BEGIN;
INSERT INTO t VALUES (1,'a');
PREPARE TRANSACTION 'test_1';
-- session_2
COMMIT PREPARED 'test_1';
-- Or roll back
ROLLBACK PREPARED 'test_1';Send signals
-- Cancel or terminate a non-superuser backend process (PID 4300)
SELECT pg_cancel_backend(4300);
SELECT pg_terminate_backend(4300);View background process statuses
SELECT * FROM pg_stat_activity;Standard account permissions
A standard account can:
Connect to all databases.
Query objects for which the account has been granted PUBLIC permissions.
Permissions unavailable to all users
The following operations are blocked for all accounts—both privileged and standard—because they pose security risks in a managed environment:
| Operation | Details |
|---|---|
| Modify system parameters | Not available to any account type |
| Create tablespaces | Not available to any account type |
| Kill superuser processes | Not available to any account type |
| Execute untrusted languages | plpgsql is a trusted language and can be executed. All other languages are untrusted and are blocked |
User group permissions
PolarDB for PostgreSQL inherits several predefined PostgreSQL roles. These roles are combined with privileged account permissions—the final permission set is the union of both.
| Role | Status | What it grants |
|---|---|---|
pg_read_all_stats and pg_stat_scan_tables | Full | Read access to all statistics views (for example, pg_stat_activity and pg_stat_user_tables) and the ability to scan tables to collect statistics |
pg_signal_backend | Full | Send signals (pg_cancel_backend, pg_terminate_backend) to backend processes owned by non-superuser roles |
pg_polar_superuser | Full | PolarDB-specific privileged user group. Grants the complete set of privileged user permissions described in this document |
pg_polar_replication | Full | Use streaming replication. Fully owned |
pg_monitor | Full | Read monitoring data from statistics views and functions. Read and write access to local files is blocked |
pg_read_all_data and pg_write_all_data | Restricted | Read and write any user table, and read most system tables. Access to some system tables is blocked for security reasons |
pg_read_all_settings | Restricted | Read parameter values within the account's permission scope. Access to some parameters is blocked for security reasons |
pg_read_server_files and pg_write_server_files | Blocked | Not supported. Read and write access to local server files is unavailable in PolarDB for PostgreSQL |
pg_execute_server_program | Blocked | Not supported. Executing binary commands on the server is unavailable in PolarDB for PostgreSQL |