How can I immediately take ownership of an Azure PostgreSQL table without AZURESU superuser permissions?

Question

A developer created a PostgreSQL table and now has ownership, causing my PGADMIN backup task to fail. They could fix the issue when they return from vacation, but how can I immediately take ownership without AZURESU superuser permissions? Since AZURE does not provide me with superuser permissions (seemingly) and I am not the owner of the table, I am unable to user the "ALTER TABLE" command to take ownership.

Answer 1

@Greg Lowell

PostgreSQL has BYPASSRLS and NOBYPASSRLS permissions, which can be assigned to a role; NOBYPASSRLS is assigned by default. With newly provisioned servers in Azure Database for PostgreSQL - Flexible Server bypassing row level security privilege (BYPASSRLS) is implemented as follows:

• For Postgres 16 and above versioned servers we follow standard PostgreSQL 16 behavior. Nonadministrative users created by azure_pg_admin administrator role allows you to create roles with BYPASSRLS attribute\privilege as necessary.
• For Postgres 15 and below versioned servers. , you can use azure_pg_admin user to do administrative tasks that require BYPASSRLS privilege, but can't create nonadmin users with BypassRLS privilege, since administrator role has no superuser privileges, as common in cloud based PaaS PostgreSQL services.

Update passwords

For better security, it's a good practice to periodically rotate your admin password and database users passwords. It's recommended to use strong passwords using upper and lower cases, numbers, and special characters.

Please read the below article for more details.

https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-security#postgresql-16-changes-with-role-based-security

Regards,

Oury