Audit Module for Postgres

class kaititu.audit.postgres.PostgresACR

Bases: kaititu.audit.AccessControlReport

Access control report for Postgres. Tested on Postgres versions >= 8.4.

Note

The INSTANCE column is the database where the queries are executed.

__init__(conx: sqlalchemy.engine.base.Connection) → None

Initializer

Parameters:

conx (sqlalchemy.engine.Connection) – Connection instance using the postgresql dialect

Raises:
  • TypeError – when conx is not an instance of sqlalchemy.engine.Connection or of one of its subclasses

  • ValueError – when the connection’s dialect is not postgresql

profile_undue_table_privileges() → polars.dataframe.frame.DataFrame

Get the undue table privileges per profile, if any. A table privilege is undue when a profile that is not the owner of the table can perform any DML or DDL operation on it, except SELECT.

Returns:

DataFrame – 6-column DataFrame with the undue privileges per role

PROFILE => Role name or User name

TABLE_SCHEMA => Name of the schema that contains the table

TABLE_NAME => Name of the table

PRIVILEGE => All of the role’s privileges, separated by ‘|’, e.g. “INSERT | UPDATE | GRANT”

INSTANCE => Database name or Service name

SOCKET => Database Host and port as string
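The rule above, applied to constructed grant rows, as an added example that is not kaititu's own code or query. The function name, the input tuple layout, the ownership map and every sample value are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample grants (not real output): (grantee, schema, table, privilege).
GRANTS = [
    ("app_rw", "public", "orders", "SELECT"),
    ("app_rw", "public", "orders", "INSERT"),
    ("app_rw", "public", "orders", "UPDATE"),
    ("report_ro", "public", "orders", "SELECT"),
    ("owner_role", "public", "orders", "DELETE"),
    ("owner_role", "public", "orders", "TRUNCATE"),
    ("etl", "staging", "events", "TRUNCATE"),
]
# Constructed ownership map: (schema, table) -> owning role.
OWNERS = {("public", "orders"): "owner_role", ("staging", "events"): "loader"}


def undue_table_privileges(grants, owners, instance, socket):
    """Apply the rule: a non-owner holding anything other than SELECT.

    Returns tuples in the documented column order:
    (PROFILE, TABLE_SCHEMA, TABLE_NAME, PRIVILEGE, INSTANCE, SOCKET).
    """
    held = defaultdict(list)
    for grantee, schema, table, privilege in grants:
        if owners.get((schema, table)) == grantee:
            continue  # the owner's rights on its own table are not undue
        privilege = privilege.upper()
        if privilege == "SELECT":
            continue  # SELECT is the one privilege the rule excludes
        key = (grantee, schema, table)
        if privilege not in held[key]:
            held[key].append(privilege)  # de-duplicate, keep grant order
    return [
        (profile, schema, table, " | ".join(privs), instance, socket)
        for (profile, schema, table), privs in sorted(held.items())
    ]


if __name__ == "__main__":
    # Hypothetical INSTANCE and SOCKET values for the sample run.
    for row in undue_table_privileges(GRANTS, OWNERS, "shop", "db.example.internal:5432"):
        print(row)
```

A role that holds only SELECT, such as report_ro in the sample, produces no row, and neither does the owner of a table.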

profile_with_login() → polars.dataframe.frame.DataFrame

Get the users or roles that can connect (log in).

Returns:

DataFrame – 3-column DataFrame with the columns below

PROFILE => Role name or User name

INSTANCE => Database name or Service name

SOCKET => Database Host and port as string

role_without_members() → polars.dataframe.frame.DataFrame

Get roles without members

Returns:

DataFrame – 3-column DataFrame with the roles that don’t have members

ROLE => Role name

INSTANCE => Database name or Service name

SOCKET => Database Host and port as string