diff --git a/builtin/providers/postgresql/resource_postgresql_database.go b/builtin/providers/postgresql/resource_postgresql_database.go index d236b02d75..66f59fca13 100644 --- a/builtin/providers/postgresql/resource_postgresql_database.go +++ b/builtin/providers/postgresql/resource_postgresql_database.go @@ -122,6 +122,12 @@ func resourcePostgreSQLDatabaseCreate(d *schema.ResourceData, meta interface{}) b := bytes.NewBufferString("CREATE DATABASE ") fmt.Fprint(b, pq.QuoteIdentifier(dbName)) + //needed in order to set the owner of the db if the connection user is not a superuser + err = grantRoleMembership(conn, d.Get(dbOwnerAttr).(string), c.username) + if err != nil { + return errwrap.Wrapf(fmt.Sprintf("Error granting role membership on database %s: {{err}}", dbName), err) + } + // Handle each option individually and stream results into the query // buffer. @@ -464,3 +470,18 @@ func doSetDBIsTemplate(conn *sql.DB, dbName string, isTemplate bool) error { return nil } + +func grantRoleMembership(conn *sql.DB, dbOwner string, connUsername string) error { + if dbOwner != "" && dbOwner != connUsername { + query := fmt.Sprintf("GRANT %s TO %s", pq.QuoteIdentifier(dbOwner), pq.QuoteIdentifier(connUsername)) + _, err := conn.Query(query) + if err != nil { + // is already member or role + if strings.Contains(err.Error(), "duplicate key value violates unique constraint") { + return nil + } + return errwrap.Wrapf("Error granting membership: {{err}}", err) + } + } + return nil +}