# Required Permissions

When creating a Postgres sync on the Stacksync Dashboard, you will need to provide a DB user. Here is a guide to creating a user with the least permissions while still enabling Stacksync Syncs from/to your Postgres DB.

Here is the list of queries you need to execute in your Postgres DB to create and grant the DB user `stacksync_user` the necessary permissions.

You need to replace the following fields in the query:

* `'<PROVIDE_STRONG_PASSWORD>'`
* `` `<DATABASE_NAME_CONTAINING_THE_TABLES_YOU_WANT_TO_SYNC>' ``
* `'<SCHEMA_NAME_CONTAINING_THE_TABLES_YOU_WANT_TO_SYNC>'`
* `'<NAMES_OF_TABLES_YOU_WANT_TO_SYNC>'`

```plsql
CREATE USER stacksync_user WITH PASSWORD '<PROVIDE_STRONG_PASSWORD>';
--necessary to create tables
CREATE SCHEMA IF NOT EXISTS stacksync_logging;
GRANT ALL PRIVILEGES ON SCHEMA stacksync_logging TO stacksync_user;

--necessary to create triggers on the table you want to sync
GRANT CREATE ON DATABASE '<DATABASE_NAME_CONTAINING_THE_TABLES_YOU_WANT_TO_SYNC>' TO stacksync_user;
GRANT USAGE, CREATE ON SCHEMA '<SCHEMA_NAME_CONTAINING_THE_TABLES_YOU_WANT_TO_SYNC>' TO stacksync_user;
GRANT USAGE ON LANGUAGE plpgsql TO stacksync_user;
GRANT SELECT, INSERT, UPDATE, DELETE, TRIGGER ON TABLE '<NAMES_OF_TABLES_YOU_WANT_TO_SYNC>' TO stacksync_user;

-- necessary to detect which tables can be synced by Stacksync
GRANT SELECT ON pg_class TO stacksync_user;
GRANT SELECT ON pg_namespace TO stacksync_user;
GRANT SELECT ON pg_constraint TO stacksync_user;
GRANT SELECT ON pg_attribute TO stacksync_user;
GRANT SELECT ON pg_attrdef TO stacksync_user;
GRANT SELECT ON information_schema.sequences TO stacksync_user;
```

### Additional permissions required for PostgreSQL partitioned tables

In PostgreSQL, permissions are managed per partition table.

If your partitioned tables already had **existing partitions before granting permissions to Stacksync** on the parent table, you must also grant permissions on those existing partitions manually.

Future partitions created afterward will automatically inherit the parent table permissions.

Run the following query to grant the required permissions on all existing partitions in your database:

```sql
DO $$
DECLARE
    r RECORD;
BEGIN
    FOR r IN
        SELECT c.oid::regclass AS partition_table
        FROM pg_class c
        JOIN pg_inherits i ON i.inhrelid = c.oid
    LOOP
        EXECUTE format(
            'GRANT SELECT, INSERT, UPDATE, DELETE, TRIGGER ON TABLE %s TO stacksync_user;',
            r.partition_table
        );
    END LOOP;
END $$;
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.stacksync.com/two-way-sync/connectors/postgres/required-permissions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.