From 2a70f9ec542805e4a3706adfb2338fa2bb3d8a66 Mon Sep 17 00:00:00 2001
From: Steve Smith <ssmith@atlassian.com>
Date: Wed, 17 Apr 2019 12:05:41 +1000
Subject: [PATCH] DCD-224: Grant the created DB roles to postgres root user for
 DB creation.

---
 roles/database_config/tasks/main.yml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/roles/database_config/tasks/main.yml b/roles/database_config/tasks/main.yml
index 2a3015b..b291ea5 100644
--- a/roles/database_config/tasks/main.yml
+++ b/roles/database_config/tasks/main.yml
@@ -9,7 +9,16 @@
     name: "{{ atl_jdbc_user }}"
     password: "{{ atl_jdbc_password }}"
     expires: 'infinity'
-  tags: db_interaction
+
+- name: Update root privs for new user
+  postgresql_privs:
+    login_host: "{{ atl_db_host }}"
+    login_user: "{{ atl_db_root_user }}"
+    login_password: "{{ atl_db_root_password }}"
+    database: postgres
+    roles: "{{ atl_db_root_user }}"
+    objs: "{{ atl_jdbc_user }}"
+    type: group
 
 - name: Create application database
   postgresql_db:
@@ -23,4 +32,3 @@
     lc_collate: "{{ atl_jdbc_collation }}"
     lc_ctype: "{{ atl_jdbc_ctype }}"
     template: "{{ atl_jdbc_template }}"
-  tags: db_interaction