{"id":24998991,"url":"https://github.com/tomasfarias/redtape","last_synced_at":"2025-03-29T18:12:08.613Z","repository":{"id":44698091,"uuid":"444173889","full_name":"tomasfarias/redtape","owner":"tomasfarias","description":"A permission management tool for AWS Redshift","archived":false,"fork":false,"pushed_at":"2024-03-25T23:19:44.000Z","size":200,"stargazers_count":1,"open_issues_count":4,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-04T18:52:33.760Z","etag":null,"topics":["cli","database-management","python","redshift"],"latest_commit_sha":null,"homepage":"https://tomasfarias.github.io/redtape/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tomasfarias.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2022-01-03T19:18:04.000Z","updated_at":"2022-03-14T23:08:19.000Z","dependencies_parsed_at":"2024-03-30T23:46:37.410Z","dependency_job_id":null,"html_url":"https://github.com/tomasfarias/redtape","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomasfarias%2Fredtape","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomasfarias%2Fredtape/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomasfarias%2Fredtape/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomasfarias%2Fredtape/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tomasfarias","download_url":"https://codeload.github.com/tomasfarias/redtape/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246223331,"owners_count":20743167,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","database-management","python","redshift"],"created_at":"2025-02-04T18:52:44.200Z","updated_at":"2025-03-29T18:12:08.568Z","avatar_url":"https://github.com/tomasfarias.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Redtape\n\nA permission management tool for AWS Redshift, with plans to extend it to other database systems. Inspired by [permifrost](https://gitlab.com/gitlab-data/permifrost/), and [pgbedrock](https://github.com/Squarespace/pgbedrock).\n\n## Installing\n\n### Repo\n\nClone this repo and install with `poetry`:\n\n```sh\ngit clone git@github.com:tomasfarias/redtape.git redtape\ncd redtape\npoetry install\n```\n\n### PyPI\n\nInstall with `pip`:\n\n```sh\npython -m pip install redtape-py\n```\n\n## Usage\n\n``` sh\n❯ redtape run --help\nUsage: redtape run [OPTIONS] [SPEC_FILE]\n\n Run the queries necessary to apply a specification file.\n\nArguments:\n [SPEC_FILE] A specification or a path to a file containing it.\n\nOptions:\n --dry / --no-dry Print changes but do not run them.\n [default: no-dry]\n --skip-validate / --no-skip-validate\n Skip specification file validation.\n [default: no-skip-validate]\n --user TEXT Apply operations only to users named as\n provided.\n --group TEXT Apply operations only to groups named as\n provided.\n --operation [CREATE|DROP|DROP_FROM_GROUP|GRANT|REVOKE|ADD_TO_GROUP]\n Apply only provided operations.\n --dbname TEXT A Redshift database name to connect to.\n --host TEXT The host where a Redshift cluster is\n located.\n --port TEXT The port where a Redshift cluster is\n located.\n --database-user TEXT A user to connect to Redshift. The user\n should have user-management permissions.\n --password TEXT The passaword of the given Redshift\n username.\n --connection-string TEXT A connection string to connect to Redshift.\n --quiet / --no-quiet Show no output except of validation errors,\n run errors, and queries. [default: no-\n quiet]\n --help Show this message and exit.\n```\n\n## Specification file\n\nA YAML specification file is used to define groups, users, and their corresponding privileges.\n\nSample:\n\n``` yaml\ngroups:\n - name: group_name\n privileges:\n table:\n select:\n - table_name\n - ...\n insert:\n - table_name\n - ...\n update:\n - table_name\n - ...\n drop:\n - table_name\n - ...\n delete:\n - table_name\n - ...\n references:\n - table_name\n - ...\n\n database:\n create:\n - database_name\n - ...\n temporary:\n - database_name\n - ...\n temp:\n - database_name\n - ...\n\n schema:\n create:\n - schema_name\n - ...\n usage:\n - schema_name\n - ...\n\n function:\n execute:\n - function_name\n - ...\n\n procedure:\n execute:\n - function_name\n - ...\n\n language:\n usage:\n - language_name\n - ...\n\nusers:\n - name: group_name\n is_superuser: boolean\n member_of:\n - group_name\n - ...\n password:\n type: str\n value: str\n privileges:\n table:\n select:\n - table_name\n - ...\n insert:\n - table_name\n - ...\n update:\n - table_name\n - ...\n drop:\n - table_name\n - ...\n delete:\n - table_name\n - ...\n references:\n - table_name\n - ...\n\n database:\n create:\n - database_name\n - ...\n temporary:\n - database_name\n - ...\n temp:\n - database_name\n - ...\n\n schema:\n create:\n - schema_name\n - ...\n usage:\n - schema_name\n - ...\n\n function:\n execute:\n - function_name\n - ...\n\n procedure:\n execute:\n - function_name\n - ...\n\n language:\n usage:\n - language_name\n - ...\n```\n\n# To do\n\n`redtape` should be considered in Alpha status: things may break, and test coverage is low. The following tasks are planned for a 1.0.0 release:\n\n- [ ] Meaningfully increase test coverage:\n - [ ] Integration tests against PostgreSQL 8.1 (should closely mimic Redshift).\n - [ ] Unit testing of queries generated.\n- [ ] CI/CD:\n - [ ] Get auto-deployment working again.\n - [ ] Remove codecov.\n- [ ] Documentation.\n- [ ] Missing features:\n - [ ] Support for wildcard (`*`) in specification file.\n - [ ] Support for ownership (`ALTER TABLE ... OWNER TO ...`).\n - [ ] Support for ownership.\n - [ ] Support for roles (`CREATE ROLE`, `GRANT ROLE`, `ASSUMEROLE`, etc...).\n - [ ] Support for role management (`ASSUMEROLE`, `CREATE ROLE`, `DROP ROLE`, etc...).\n - [ ] Support for permissions related to `EXTERNAL` objects.\n- [ ] Complete support for `mypy` static type-checking.\n\n# License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftomasfarias%2Fredtape","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftomasfarias%2Fredtape","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftomasfarias%2Fredtape/lists"}