Database Setup

Required application databse

A PostgreSQL compatible databse is needed to store application configuration information. By default, Privacy Dynamics will create an on-cluster database using CloudNativePG. If you wish to separately manage the database, Privacy Dynamics recommends using one of the managed database services, below.

  • AWS RDS
  • AWS Aurora
  • GCP Cloud SQL

Tip

The cluster and database instance should live within the same VPC. If that is not possible, VPC peering can be set up.

Create the database instance

Create an AWS RDS instance in the same VPC as the cluster.

Select Cloud Provider

Connect to the database

Start a temporary container in the cluster to use as a PostgreSQL client.

$ kubectl run -i --tty debug --image=postgres:14 --restart=Never -- bash
# Run inside the container
root@debug:/# psql -h instance.region.rds.amazonaws.com -p 5432 -U postgres

Configure user and role

The following commands can be run as the postgres user from the command line psql tool.

CREATE USER pvcyuser WITH PASSWORD 'YH*****';
create database pvcydb;
create role pvcyrole;

ALTER DEFAULT PRIVILEGES GRANT ALL ON TABLES TO pvcyrole WITH GRANT OPTION;
ALTER DEFAULT PRIVILEGES GRANT ALL ON SEQUENCES TO pvcyrole WITH GRANT OPTION;
ALTER DEFAULT PRIVILEGES GRANT EXECUTE ON FUNCTIONS TO pvcyrole WITH GRANT OPTION;

ALTER DEFAULT PRIVILEGES GRANT USAGE ON TYPES TO pvcyrole WITH GRANT OPTION;

GRANT pvcyrole TO pvcyuser;

Cleanup temporary container

You should remove the temporary container that was created in the previous step.

# Exit the container, and clean it up
root@debug:/# exit

$ kubectl delete pod debug
Next
What is Privacy Dynamics?