Open
Description
When we increased replicas from 2 to 3, The operator is trying to create the DB and tables in the new pod.
But we see below error in the operator logs.
E0606 06:15:17.638981 1 connection.go:194] Exec():FAILED Exec(http://clickhouse_operator/:***@chi-app-ch-cluster-appcluster-0-2.clickhouse.svc.cluster.local:8123/) Code: 497, Message: clickhouse_operator: Not enough privileges. To execute this query, it's necessary to have the grant NAMED COLLECTION ON postgres_connection for SQL:
CREATE TABLE IF NOT EXISTS testdb.policy_findings_postgres UUID '32f11dfc-9133-413d-b5e8-f17786a601dc' (`policy_id` String, `policy_uuid` String, `job_uuid` String, `cloud_type` String, `evaluation_timestamp` DateTime64(6, 'UTC'), `resource_id` String, `resource_name` String, `resource_type` String, `resource_impact` UInt8, `region` String, `account_id` String, `tags` String, `attack_paths` String, `dlp_engines` Array(String), `status` String) ENGINE = PostgreSQL(postgres_connection, `table` = 'policy_findings', schema = testdb)
When I checked the Grants for this clickhouse_operator user.
SHOW GRANTS FOR clickhouse_operator;
GRANT CHECK, SHOW, SELECT, INSERT, ALTER, CREATE, DROP, UNDROP TABLE, TRUNCATE, OPTIMIZE, BACKUP, KILL QUERY, KILL TRANSACTION, MOVE PARTITION BETWEEN SHARDS, SYSTEM, dictGet, displaySecretsInShowAndSelect, INTROSPECTION, SOURCES, CLUSTER ON *.* TO clickhouse_operator
GRANT TABLE ENGINE ON * TO clickhouse_operator
GRANT SET DEFINER ON * TO clickhouse_operator
How to modify the grants for this user? This user is created by default by the operator itself.
Metadata
Metadata
Assignees
Labels
No labels