For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
      • AstroFully-managed data operations, powered by Apache Airflow.
      • Astro Private CloudRun Airflow-as-a-service in your environment.
      • Professional ServicesExpert Airflow services for your enterprise's success.
    • Tools
      • Cosmos
      • Orbiter
      • CLI
      • AI SDK
      • Agents
      • Blueprint
      • UpdatesThe State of Airflow 2026See the insights from over 5,800 data practitioners in the full report. Download Now ➔
  • Customers
  • Docs
    • Insights
      • Blog
      • Webinars
      • Resource Library
      • Events
    • Education
      • Academy
      • What is Airflow?
  • Pricing
Get Started Free
    • Astro Private Cloud overview
    • Astro Private Cloud features
      • Config governance
      • Manage Workspaces
      • Configure Astro Private Cloud
      • Apply a config change
      • Configure cleanup jobs
      • Use kubectl
        • Data plane failover
        • Enable data plane failover
        • Trigger a data plane failover
        • Customer-created database users

Product

  • Platform Overview
  • Astro
  • Astro Observe
  • Astro Private Cloud
  • Security & Trust
  • Pricing

Tools & Services

  • Cosmos
  • Docs
  • Professional Services
  • Product Updates

Use Cases

  • AI Ops
  • Data Observability
  • ETL/ELT
  • ML Ops
  • Operational Analytics
  • All Use Cases

Industries

  • Financial Services
  • Gaming
  • Retail
  • Manufacturing
  • Healthcare
  • All Industries

Resources

  • Academy
  • eBooks & Guides
  • Blog
  • Webinars
  • Events
  • The Data Flowcast Podcast
  • All Resources

Airflow

  • What is Airflow
  • Airflow on Astro
  • Airflow 3.0
  • Airflow Upgrades
  • Airflow Use Cases
  • Airflow 2.x End of Life

Company

  • Our Story
  • Customers
  • Newsroom
  • Careers
  • Contact

Support

  • Knowledge Base
  • Status
  • Contact Support
GitHubYouTubeLinkedInx
  • Legal
  • Privacy
  • Terms of Service
  • Consent Preferences

  • Do Not Sell or Share My Personal information
  • Limit the Use Of My Sensitive Personal Information

Apache Airflow®, Airflow, and the Airflow logo are trademarks of the Apache Software Foundation. Copyright © Astronomer 2026. All rights reserved.

LogoLogo
On this page
  • Roles APC needs
  • PostgreSQL example
  • Related documentation
Platform administrationData plane failover

Customer-created database users

Edit this page
Built with

This page covers the database setup required when you choose the Customer manages users model for data plane failover. In this model, you create the per-Deployment login roles yourself, and Astro Private Cloud (APC) still needs the privileges it uses to fence those roles during failover.

For the high-level overview and the alternative APC manages users model, see Per-deployment database users.

Roles APC needs

For every Apache Airflow Deployment, APC requires the following on the Deployment’s metadata database:

  • An owner role on the metadata database, so APC can manage the schema and switch CONNECT privileges between the two login roles during failover.
  • A connection-terminator role that can terminate active sessions for the two login roles, so APC can fence the source data plane during failover without needing full access to those login roles.
  • Membership in both of these roles for the deployment orchestrator database user.

You create the two login roles per Deployment (one per data plane cluster) and grant them CONNECT on the metadata database.

PostgreSQL example

For a Deployment whose metadata database is airflow_db_<deployment> and whose per-data-plane login roles are dp1_user_<deployment> and dp2_user_<deployment>, the full setup is:

1CREATE ROLE airflow_db_<deployment>_owner NOLOGIN;
2CREATE ROLE airflow_conn_killer_<deployment> NOLOGIN NOINHERIT;
3
4ALTER DATABASE airflow_db_<deployment> OWNER TO airflow_db_<deployment>_owner;
5
6REVOKE CONNECT ON DATABASE airflow_db_<deployment> FROM PUBLIC;
7GRANT CONNECT ON DATABASE airflow_db_<deployment> TO dp1_user_<deployment>;
8GRANT CONNECT ON DATABASE airflow_db_<deployment> TO dp2_user_<deployment>;
9
10GRANT dp1_user_<deployment> TO airflow_conn_killer_<deployment> WITH INHERIT FALSE, SET FALSE;
11GRANT dp2_user_<deployment> TO airflow_conn_killer_<deployment> WITH INHERIT FALSE, SET FALSE;
12
13GRANT airflow_db_<deployment>_owner TO commander_user;
14GRANT airflow_conn_killer_<deployment> TO commander_user;

Replace commander_user with the deployment orchestrator database user configured for your APC installation, and <deployment> with the identifier you use for each Airflow Deployment.

Related documentation

  • Data plane failover
  • Enable data plane failover
  • Trigger a data plane failover