- There are two levels to configure network access. In postgresql.conf (listen_addresses), you can configure the bind addresses, and open remote connections. In pg_hba.conf, you can tell PostgreSQL how to authenticate network connections. Depending on the IP range that a request comes from, different rules can be applied.
- Basically, the difference between a user and a role is academic. When creating a role, the default value is NOLOGIN, which is not the case when you use CREATE USER. Otherwise, roles and users can be considered to be the same.
- This is simple. You can use ALTER USER to do the job, as shown in the following example:
test=# ALTER USER hs PASSWORD 'abc';
ALTER ROLE
Keep in mind that passwords are not necessarily stored in PostgreSQL. If you are using LDAP authentication, or some other external method, the password stored in PostgreSQL won't be changed on the LDAP side.
- RLS is a feature that allows you to limit the access of users to the content of a table. Here is an example: the joe user might only be allowed to see women, while the jane user is only allowed to see men. RLS is, therefore, a mandatory filter that's applied on a table to limit the scope of a user for a table.