Limiting access for the `web_access` user?

Hi! I see the web_access user is assigned global read/write permissions via pg_read_all_data / pg_data_all_data. This is awesome for getting started with the web interface + development environments, but probably not what we want for sensitive data in production. (Principle of least privilege etc)

Is there a (recommended) way to revoke this access to the web_access user - now or expected in the future?

Also curious as to the broader story how you envisage recommending best practice for securing access to production data in future, in the light of features like the web_access user, support for Teams rather than the current project accessible only to a single Neon user login, etc.


Future plans for user management outlined in this RFC:

(thanks Stas for the pointer)