Settings
Postgresus is suitable both for single users and teams. This section is dedicated to the access management for teams. So if you are the only user in your Postgresus instance, you can skip this section.
Postgresus does not have a lot of settings. Actually, it only allows you to control:
- Who can sign up in your Postgresus instance
- Who can create workspaces
- Who can manage databases, notifiers and storages within workspaces
Workspaces
Workspace is a place where you group databases, notifiers and storages. You can add members to workspaces (and create multiple workspaces).
You can manage access management per workspace. For example:
- you have a DevOps team responsible for 10 DBs of the project (so a couple of users inside a workspace);
- you have 3 different projects with different DBs and storages (so a couple of workspaces with different users);
- you have 5 independent DBs where different users can access each one (so user A has access to DB1, user B has access to DB2, user C has access to DB3, etc.).
If you allow users to sign up for your Postgresus and create their own workspaces (see global settings), they will be able to create their own workspaces.
Users never see other workspaces than their own until they are invited to join.
Audit logs
Audit logs are messages about actions performed by users. They are needed to track changes and actions performed by users, as well as to detect any suspicious activity.
For example:
- user created a new database
- user deleted a database
- user initiated a new backup
- user downloaded a backup
- user created a new notifier
- user created a workspace
- user deleted a workspace
- etc.
You can view audit logs with filters:
- per workspace;
- per user (within multiple workspaces);
User roles
All users in Postgresus have roles within the system:
| Feature | Admin | Member |
|---|---|---|
| Manage all settings and users | ✅ | ❌ |
| Create workspaces | ✅ | ✅ (if allowed by settings) |
Usually, there is only one admin user in the system which you create when you first launch Postgresus.
Within a workspace there are also roles:
| Feature | Viewer | Member | Admin | Owner |
|---|---|---|---|---|
| View databases, notifiers, storages | ✅ | ✅ | ✅ | ✅ |
| Initiate and download backups | ✅ | ✅ | ✅ | ✅ |
| Manage databases, notifiers, storages | ❌ | ✅ | ✅ | ✅ |
| Manage users | ❌ | ❌ | ✅ | ✅ |
| Manage admins | ❌ | ❌ | ❌ | ✅ |
Keep in mind: sensitive data (passwords, tokens, etc.) of DBs, storages and notifiers is always hidden from any user. Nobody can see secrets after creation.
Global settings
In global settings there are 3 properties:
- Allow external registrations - by default, all users can sign up for your Postgresus (but they still do not have access to any workspaces until they are invited or create their own workspaces).
If you want to allow only invited users to sign up, you can disable this option. In this case, the sign up form will be closed until you invite the user to any of workspaces.
To invite users to the workspace, you need to click "Add user" and enter an email. After this, the user with this email will be able to complete sign up. - Allow member invitations - this setting is needed when external registrations are disabled.
Imagine you already have some users and you know they are reliable (for example, your team). You want to allow them to invite other users to join Postgresus. In this case, you can enable this option and they will be able to invite other users to join workspaces via invitations.
If it is disabled, only admins can invite users. - Allow member workspace creation - by default, all members can create their own workspaces. If you want to allow only admins to create workspaces, you can disable this option.