As more PostgreSQL deployments move to the cloud and integrate with external services, traditional password-based access is no longer enough. How do you ensure secure, granular, and auditable access in modern environments? What if your users are external applications, pipelines, or cloud services and not just humans?
This session dives into the practical security challenges faced by PostgreSQL users and offers modern solutions. We’ll start with foundational concepts like PostgreSQL roles and SCRAM-SHA-256 password authentication. From there, we’ll explore advanced scenarios, including how to use Azure SAS tokens to manage access securely and how impersonation patterns can help when building multi-tenant and cloud-native systems.
You’ll walk away with:
1) A clear understanding of PostgreSQL access control using roles (latest release features)
2) How and why to upgrade to SCRAM for secure password storage
3) Practical guidance on integrating Azure SAS tokens with PostgreSQL workflows
4) Real-world use cases for impersonation and delegated access
Whether you’re running PostgreSQL on-premise or in the cloud, this talk will help you improve your authentication strategy and secure your data more effectively.
