Auditing User Access in Postgres Databases for Security Compliance 🔍
In this video, I conducted an audit of four GCP Cloud SQL Postgres instances to assess user access and permissions. I utilized PgTools to review schema-level permissions and identified that the only superuser is the Cloud SQL Admin, while the Postgres role is intentionally excluded from superuser status. I discovered some high-risk security definers and unnecessary tables that I plan to drop. I also addressed a critical issue where an application user was mistakenly granted Cloud SQL Superuser privileges, which I promptly revoked. Please ensure to review your own database permissions and take necessary actions to maintain security.