Skip to main content

Other and Self-managed PostgreSQL

Overview

BemiDB requires a connection to your PostgreSQL database. You can use your existing credentials to connect, or you can create dedicated read-only credentials. BemiDB will securely connect and, after you select your tables, automatically provision an encrypted, analytics-optimized database.

Enter Connection Credentials

You can specify the same regular database credentials you use to connect to PostgreSQL from your code. And that's it, everything should just work!

  • Host
  • Port
  • Database Name
  • Username
  • Password

Read-only credentials

Alternatively, you can manually create read-only PostgreSQL database credentials. At a high level, you need to run these commands that are safe to execute without any downtime or performance issues:

CREATE USER bemidb_user WITH PASSWORD 'your_secure_password';

Grant read access to all relevant schemas:

GRANT USAGE ON SCHEMA public TO bemidb_user;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO bemidb_user;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO bemidb_user;

Advanced Settings

BemiDB Static IPs

If you restrict access to your databases by IP addresses, contact us. We will share our static IP addresses, which you can add to an allowlist, so we can connect to your PostgreSQL database.

SSH Tunnel

If your PostgreSQL source database is not accessible over the internet, you can specify SSH credentials to enable an SSH tunnel via your public jump host:

dashboard

Once the source database connection settings are submitted, we'll generate a public SSH key:

Add this public SSH key to your SSH host to allow BemiDB to connect and SSH-tunnel to the PostgreSQL database:

touch ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys
echo 'ssh-ed25519 AAAAC3Nz...' >> ~/.ssh/authorized_keys

Note: if you need a public SSH Key before you know the SSH host address, just specify any address and later reach out to us to update it.

VPN Tunnel

If your PostgreSQL source database and SSH jump host can't be accessible over the internet, contact us for how you can establish a secure VPN tunnel to our VPN server.