I have a Redshift database with many schemas and tables. I created a group of users and granted them permission to view (select) tables in some particular schemas:
CREATE GROUP data_viewers;
GRANT USAGE ON SCHEMA accounts TO GROUP data_viewers;
GRANT SELECT ON ALL TABLES IN SCHEMA accounts TO GROUP data_viewers;
GRANT USAGE ON SCHEMA geo_data TO GROUP data_viewers;
GRANT SELECT ON ALL TABLES IN SCHEMA geo_data TO GROUP data_viewers;
I also created a user in the data_viewers group. The problem is that the database has many, many more schemas (as well as pg_temp_) and all of them are seen by my new user (although he can’t see the data in these tables).
So how can I ensure that the group can see only tables from which it can select the data?
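
An added example, not part of the original post: an audit, run as a superuser, that compares what the grants above actually allow against what was intended. The user name `viewer_user` is a placeholder assumption for the user created in data_viewers; the schema and group names come from the post.

```sql
-- 'viewer_user' is a hypothetical placeholder for the member of data_viewers.

-- 1. Schemas the user can list versus schemas the user can actually use.
--    has_usage = false means the name is visible in the catalog but the
--    user cannot reference objects inside the schema.
SELECT n.nspname AS schema_name,
       has_schema_privilege('viewer_user', n.nspname, 'usage') AS has_usage
FROM pg_namespace n
WHERE LEFT(n.nspname, 3) <> 'pg_'
  AND n.nspname <> 'information_schema'
ORDER BY has_usage DESC, schema_name;

-- 2. Tables outside the two intended schemas where SELECT is nevertheless
--    granted (for example through PUBLIC or another group). Expect no rows.
SELECT t.schemaname, t.tablename
FROM pg_tables t
WHERE t.schemaname NOT IN ('accounts', 'geo_data',
                           'pg_catalog', 'information_schema')
  AND has_table_privilege(
        'viewer_user',
        quote_ident(t.schemaname) || '.' || quote_ident(t.tablename),
        'select')
ORDER BY t.schemaname, t.tablename;

-- 3. Tables inside the intended schemas where SELECT is missing.
--    GRANT ... ON ALL TABLES IN SCHEMA covers only tables that existed
--    when it ran, so tables created later show up here.
SELECT t.schemaname, t.tablename
FROM pg_tables t
WHERE t.schemaname IN ('accounts', 'geo_data')
  AND NOT has_table_privilege(
        'viewer_user',
        quote_ident(t.schemaname) || '.' || quote_ident(t.tablename),
        'select')
ORDER BY t.schemaname, t.tablename;
```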