PostgreSQL Connection

Infisical supports connecting to PostgreSQL using a database role.

Configure a PostgreSQL Role for Infisical

Create a Role

Infisical recommends creating a designated role in your PostgreSQL database for your connection.

-- create user role
CREATE ROLE infisical_role WITH LOGIN PASSWORD 'my-password';

-- grant login access to the specified database
GRANT CONNECT ON DATABASE my_database TO infisical_role;

Grant Relevant Permissions

Depending on how you intend to use your PostgreSQL connection, you’ll need to grant one or more of the following permissions.

To learn more about PostgreSQL’s permission system, please visit their documentation.

For Secret Rotations, your Infisical user will require the ability to alter other users’ passwords:

-- enable permissions to alter login credentials
ALTER ROLE infisical_role WITH CREATEROLE;

For Secret Rotations, your Infisical user will require the ability to alter other users’ passwords:

-- enable permissions to alter login credentials
ALTER ROLE infisical_role WITH CREATEROLE;

Get Connection Details

You’ll need the following information to create your PostgreSQL connection:

host - The hostname or IP address of your PostgreSQL server
port - The port number your PostgreSQL server is listening on (default: 5432)
database - The name of the specific database you want to connect to
username - The role name of the login created in the steps above
password - The role password of the login created in the steps above
sslCertificate (optional) - The SSL certificate required for connection (if configured)

If you are self-hosting Infisical and intend to connect to an internal/private IP address, be sure to set the ALLOW_INTERNAL_IP_CONNECTIONS environment variable to true.

Create Connection in Infisical

Navigate to the App Connections tab on the Organization Settings page.
Select the PostgreSQL Connection option.
Select the Username & Password method option and provide the details obtained from the previous section and press Connect to PostgreSQL.

Optionally, if you’d like Infisical to manage the credentials of this connection, you can enable the Platform Managed Credentials option. If enabled, Infisical will update the password of the connection on creation to prevent external access to this database role.

Your PostgreSQL Connection is now available for use.

Navigate to the App Connections tab on the Organization Settings page.
Select the PostgreSQL Connection option.
Select the Username & Password method option and provide the details obtained from the previous section and press Connect to PostgreSQL.

Your PostgreSQL Connection is now available for use.

To create a PostgreSQL Connection, make an API request to the Create PostgreSQL Connection API endpoint.

Optionally, if you’d like Infisical to manage the credentials of this connection, you can set the isPlatformManagedCredentials option to true. If enabled, Infisical will update the password of the connection on creation to prevent external access to this database role.

Sample request

Request

curl    --request POST \
--url https://app.infisical.com/api/v1/app-connections/postgres \
--header 'Content-Type: application/json' \
--data '{
    "name": "my-pg-connection",
    "method": "username-and-password",
    "isPlatformManagedCredentials": true,
    "credentials": {
        "host": "123.4.5.6",
        "port": 5432,
        "database": "default",
        "username": "infisical_role",
        "password": "my-password",
        "sslEnabled": true,
        "sslRejectUnauthorized": true
    },
}'

Sample response

Response

{
    "appConnection": {
        "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "name": "my-pg-connection",
        "version": 1,
        "orgId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "createdAt": "2023-11-07T05:31:56Z",
        "updatedAt": "2023-11-07T05:31:56Z",
        "app": "postgres",
        "method": "username-and-password",
        "isPlatformManagedCredentials": true,
        "credentials": {
            "host": "123.4.5.6",
            "port": 5432,
            "database": "default",
            "username": "infisical_role",
            "sslEnabled": true,
            "sslRejectUnauthorized": true
        }
    }
}

OracleDB Connection Render Connection

On this page

Configure a PostgreSQL Role for Infisical
Create Connection in Infisical

Infrastructure Integrations

App Connections

Secret Syncs

Native Integrations

CI/CD Integrations

Framework Integrations

Build Tool Integrations

Others

PostgreSQL Connection

Configure a PostgreSQL Role for Infisical

Create Connection in Infisical

Sample request

Sample response

Infrastructure Integrations

App Connections

Secret Syncs

Native Integrations

CI/CD Integrations

Framework Integrations

Build Tool Integrations

Others

​Configure a PostgreSQL Role for Infisical

​Create Connection in Infisical

​Sample request

​Sample response

Configure a PostgreSQL Role for Infisical

Create Connection in Infisical

Sample request

Sample response