Hi! I see the
web_access user is assigned global read/write permissions via
pg_data_all_data. This is awesome for getting started with the web interface + development environments, but probably not what we want for sensitive data in production. (Principle of least privilege etc)
Is there a (recommended) way to revoke this access to the
web_access user - now or expected in the future?
Also curious as to the broader story how you envisage recommending best practice for securing access to production data in future, in the light of features like the
web_access user, support for Teams rather than the current project accessible only to a single Neon user login, etc.