pg_read_all_stats

pg_groups pg_read_all_stats#

What is pg_read_all_stats?#

pg_read_all_stats is a built-in role that allows a user to read all PostgreSQL runtime statistics.

In simple words:

πŸ‘€ β€œI can see what the database is doing right now and what it has been doing.”

What pg_read_all_stats CAN do#

A role with this privilege can read all statistics views, even for objects it does not own.

Access to key system views

Including (but not limited to):

Session & activity

pg_stat_activity

  • Active queries

  • Idle connections

  • Long-running queries

  • Blocked sessions

Table statistics

pg_stat_user_tables
pg_stat_all_tables

  • Sequential scans

  • Index scans

  • Dead tuples

  • Vacuum / analyze counts

Index statistics

pg_stat_user_indexes
pg_stat_all_indexes

  • Index usage

  • Index hit ratios

I/O and background writer

pg_stat_bgwriter

  • Checkpoints

  • Buffer writes

  • WAL activity

WAL & replication

pg_stat_replication
pg_stat_wal

  • Replication lag

  • Streaming status

Functions & statements (if enabled)

pg_stat_user_functions
pg_stat_statements
What it CANNOT do

  • ❌ Read table data

  • ❌ Modify anything

  • ❌ Kill queries

  • ❌ Change config

  • ❌ Access files

This role is read-only telemetry.

Why this role exists

Without it:

  • You only see stats for objects you own

With it:

  • You can monitor the entire cluster

Essential for:

  • DBAs

  • SREs

  • Monitoring tools

  • Performance analysis

Mental model

pg_read_all_stats = β€œDatabase CCTV camera”

You see:

  • Who is doing what

  • When

  • How often

  • How expensive

But you cannot interfere.

Example

Without role

SELECT * FROM pg_stat_activity;
-- limited rows

Grant role

GRANT pg_read_all_stats TO monitor_user;

After grant

SELECT pid, usename, query, state
FROM pg_stat_activity;

βœ” Full visibility

Relationship with other roles

Role

Purpose

pg_read_all_settings

βš™οΈ Read config

pg_read_all_stats

πŸ“Š Read stats

pg_monitor

πŸ‘€ Both + more

pg_signal_backend

πŸ”ͺ Control sessions
Important:

pg_monitor includes pg_read_all_stats.

Security considerations

Risk

Level

Data exposure

🟒 None

Query visibility

🟑 Medium

Business logic exposure

🟑 Medium

Server control

🟒 None
It can expose:

  • Query text

  • Table names

  • Access patterns

Best practices

  • βœ” Grant to monitoring users

  • βœ” Grant to observability tools

  • βœ” Use with pg_read_all_settings

  • ❌ Avoid granting to app users

Typical real-world users

  • Datadog / Prometheus agents

  • Grafana dashboards

  • DBA read-only accounts

  • Incident response teams

Summary

Feature

Allowed

Read stats

βœ…

View all sessions

βœ…

Read data

❌

Modify server

❌

Kill queries

❌
Contents