Skip to Content
SourcesPostgreSQL

PostgreSQL

Required
Fields required for a valid configuration.
PathTypeRequiredDescriptionDefaultConstraints
requiredobjectYesno extra properties
required.hoststringYesPostgreSQL hostlocalhost
required.portintegerYesPostgreSQL port5432min 1, max 65535
Masked
Sensitive fields under(secrets/credentials).
PathTypeRequiredDescriptionDefaultConstraints
maskedobjectYesno extra properties
masked.passwordstringYesDatabase password
masked.usernamestringYesDatabase username
Optional
Optional configuration fields.
PathTypeRequiredDescriptionDefaultConstraints
optionalobjectNono extra properties
optional.connectionobjectNoConnection tuning and SSL behavior.no extra properties
optional.connection.connect_timeout_secondsintegerNoConnection timeout in seconds10min 1, max 120
optional.connection.ssl_modeenumNoSSL mode for PostgreSQL connection Allowed values: disable, allow, prefer, require, verify-ca, verify-fullprefer
optional.scopeobjectNoDatabase, schema, and table selection scope.no extra properties
optional.scope.databasestringNoSingle database to scan (optional when include_all_databases is true)
optional.scope.exclude_schemasarrayNoSchema denylist (exact schema names)["information_schema","pg_catalog","pg_toast"]
optional.scope.exclude_schemas[]stringNo
optional.scope.include_all_databasesbooleanNoScan all non-template databases visible to this userfalse
optional.scope.include_schemasarrayNoOptional schema allowlist (exact schema names)
optional.scope.include_schemas[]stringNo
optional.scope.include_tablesarrayNoOptional table allowlist. Accepted forms: schema.table or database.schema.table
optional.scope.include_tables[]stringNo
optional.scope.maintenance_databasestringNoDatabase used for database enumeration when include_all_databases is truepostgres
optional.scope.table_limitintegerNoOptional cap on number of table assets extractedmin 1
Extracted Metadata

Table

FieldTypeRequiredDescription
databasestringYesDatabase or catalog name
table_namestringYesTable name
table_typestringYesObject type (TABLE/VIEW)
schemastringNoSchema name
columnsobject[]NoColumns as {name, type} objects
row_countintegerNoEstimated number of rows
Examples
Quick discovery scan
Discover all tables across all schemas with random row sampling — works out of the box on any PostgreSQL instance

Config Payload

{
  "type": "POSTGRESQL",
  "required": {
    "host": "your-host",
    "port": 5432
  },
  "masked": {
    "username": "your-username",
    "password": "your-password"
  },
  "optional": {},
  "sampling": {
    "strategy": "AUTOMATIC",
    "rows_per_page": 50
  }
}

Schedule

{
  "enabled": true,
  "preset": "weekday_business",
  "cron": "33 14 * * 1-5",
  "timezone": "UTC"
}
All databases scan with latest sampling
Enumerate all visible databases and prioritize recent rows — ideal for nightly data governance sweeps

Config Payload

{
  "type": "POSTGRESQL",
  "required": {
    "host": "your-host",
    "port": 5432
  },
  "masked": {
    "username": "your-username",
    "password": "your-password"
  },
  "optional": {
    "scope": {
      "include_all_databases": true
    }
  },
  "sampling": {
    "strategy": "AUTOMATIC",
    "fallback_to_random": true,
    "rows_per_page": 50
  }
}

Schedule

{
  "enabled": true,
  "preset": "nightly",
  "cron": "56 0 * * *",
  "timezone": "UTC"
}
PII and secrets compliance scan
Scan specific schemas for PII and hardcoded secrets — typical for pre-audit compliance checks

Config Payload

{
  "type": "POSTGRESQL",
  "required": {
    "host": "your-host",
    "port": 5432
  },
  "masked": {
    "username": "your-username",
    "password": "your-password"
  },
  "optional": {
    "scope": {
      "include_schemas": [
        "public"
      ]
    }
  },
  "sampling": {
    "strategy": "AUTOMATIC",
    "rows_per_page": 30
  },
  "detectors": [
    {
      "type": "SECRETS",
      "enabled": true
    },
    {
      "type": "PII",
      "enabled": true
    }
  ]
}

Schedule

{
  "enabled": true,
  "preset": "weekday_morning",
  "cron": "22 7 * * 1-5",
  "timezone": "UTC"
}