For security, create a dedicated read-only user for Reeflow rather than using an admin account. This limits the potential impact if credentials are compromised.
PostgreSQL 14 introduced the pg_read_all_data role, which grants read access to all tables across all schemas on the instance:
-- Create the user
CREATE USER reeflow_reader WITH PASSWORD 'your-secure-password';
-- Grant read access to all data
GRANT pg_read_all_data TO reeflow_reader;
For older PostgreSQL versions, grant permissions manually on each schema:
-- Create the user
CREATE USER reeflow_reader WITH PASSWORD 'your-secure-password';
-- Grant connection access
GRANT CONNECT ON DATABASE your_database TO reeflow_reader;
-- Grant schema access (repeat for each schema)
GRANT USAGE ON SCHEMA public TO reeflow_reader;
-- Grant SELECT on all existing tables
GRANT SELECT ON ALL TABLES IN SCHEMA public TO reeflow_reader;
-- Grant SELECT on future tables (run as the table owner)
ALTER DEFAULT PRIVILEGES IN SCHEMA public
GRANT SELECT ON TABLES TO reeflow_reader;