Re: role to access all information_schema.*?

On Tue, 2025-10-07 at 15:24 +0200, Ruben Laguna wrote:
>
> From what I see a user can only see in `select * from information_schema.tables`
> the tables that the user has been granted SELECT privilege. 
>
> So, my question is:  Is  there is some other way to get a user to be a
> "metadata viewer"  without been a user that also has access to the data in
> those tables? 
>
> Do you know if there is any plan to add such a role? Has it been discuss
> before and deemed a bad idea?

That is not for PostgreSQL to decide.

The information_schema is specified by the SQL standard, and the standard
decrees that you can only see the metadata of objects on which you have
access privileges.

This is quite different from the PostgreSQL approach, which is to make
all metadata public (with the exception of password hashes etc.).

> My use case is to have OpenMetadata to read the information_schema.* and
> publish the table name, column names, etc in the OM user interface.
> I would prefer keeping the privileges of the OM user to a minimum but it
> seems that right now the minimum would be `pg_read_all_data`

You should use the PostgreSQL catalog tables like pg_class and pg_attribute.
They are more cumbersome to use, and they may change from version to version,
but at least everybody can see all their data.

Yours,
Laurenz Albe