diff --git a/postgresql/resource_postgresql_default_privileges.go b/postgresql/resource_postgresql_default_privileges.go index d7eb066d..675cb3de 100644 --- a/postgresql/resource_postgresql_default_privileges.go +++ b/postgresql/resource_postgresql_default_privileges.go @@ -53,10 +53,11 @@ func resourcePostgreSQLDefaultPrivileges() *schema.Resource { "table", "sequence", "function", + "routine", "type", "schema", }, false), - Description: "The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema)", + Description: "The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, routine, type, schema)", }, "privileges": { Type: schema.TypeSet, @@ -87,6 +88,13 @@ func resourcePostgreSQLDefaultPrivilegesRead(db *DBConnection, d *schema.Resourc ) } + if objectType == "routine" && !db.featureSupported(featureRoutine) { + return fmt.Errorf( + "object type ROUTINE is not supported for this Postgres version (%s)", + db.version, + ) + } + exists, err := checkRoleDBSchemaExists(db, d) if err != nil { return err @@ -119,6 +127,13 @@ func resourcePostgreSQLDefaultPrivilegesCreate(db *DBConnection, d *schema.Resou return fmt.Errorf("cannot specify `schema` when `object_type` is `schema`") } + if objectType == "routine" && !db.featureSupported(featureRoutine) { + return fmt.Errorf( + "object type ROUTINE is not supported for this Postgres version (%s)", + db.version, + ) + } + if d.Get("with_grant_option").(bool) && strings.ToLower(d.Get("role").(string)) == "public" { return fmt.Errorf("with_grant_option cannot be true for role 'public'") } diff --git a/website/docs/r/postgresql_default_privileges.html.markdown b/website/docs/r/postgresql_default_privileges.html.markdown index 9bd36828..8046c340 100644 --- a/website/docs/r/postgresql_default_privileges.html.markdown +++ b/website/docs/r/postgresql_default_privileges.html.markdown @@ -32,7 +32,7 @@ resource "postgresql_default_privileges" "read_only_tables" { * `database` - (Required) The database to grant default privileges for this role. * `owner` - (Required) Specifies the role that creates objects for which the default privileges will be applied. * `schema` - (Optional) The database schema to set default privileges for this role. -* `object_type` - (Required) The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type, schema). +* `object_type` - (Required) The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, routine, type, schema). * `privileges` - (Required) List of privileges (e.g., SELECT, INSERT, UPDATE, DELETE) to grant on new objects created by the owner. An empty list could be provided to revoke all default privileges for this role.