A system table storing information about individual GUC privileges

pg_parameter_acl is a system catalogue table which stores information about configuration parameters for which privileges have been explicilty granted to one or more roles.

pg_parameter_acl was added in PostgreSQL 15.


From PostgreSQL 15, permissions on individual configuration parameters can be explicitly granted to individual database users, using the syntax GRANT SET ON PARAMETER or GRANT ALTER SYSTEM ON PARAMETER (and correspondingly removed with rEVOKE). These permissions are tracked via pg_parameter_acl.

Change history


Example usage for pg_parameter_acl:

postgres=> SET SESSION track_activities = off;
ERROR:  permission denied to set parameter "track_activities"

postgres=> \c - postgres
You are now connected to database "postgres" as user "postgres".

postgres=# SELECT * FROM pg_parameter_acl ;
 oid | parname | paracl
(0 rows)

postgres=# GRANT SET ON PARAMETER track_activities TO foo;

postgres=# SELECT * FROM pg_parameter_acl;
  oid  |     parname      |                paracl
 16393 | track_activities | {postgres=sA/postgres,foo=s/postgres}
(1 row)

postgres=# \dconfig+ track_activities
                  List of configuration parameters
    Parameter     | Value | Type |  Context  |  Access privileges
 track_activities | on    | bool | superuser | postgres=sA/postgres+
                  |       |      |           | foo=s/postgres
(1 row)

postgres=# \c - foo
You are now connected to database "postgres" as user "foo".

postgres=> SET SESSION track_activities = off;


Configuration, System catalogue

See also