SET ROLE or OWNER when changing catalog schema

[doctor-eval]

Hi there!

We are deploying Hasura using HashiCorp's Nomad and Vault products. One of Vault's security features is that it creates and manages dynamic Postgresql usernames and password when a service starts, which means that DB credentials are randomised, transient, known only to Vault and the service that's running -- and therefore more secure.

Generally speaking this is awesome, but I know from experience that we are going to have a problem with the ownership of the catalog metadata tables created by hasura, since they will be created under a random temporary user name.

To resolve this in our own software, we create a specialised role (in this case let's say it's called hasura), and assign that role to the temporary user when it's created.

What I want is for all the hasura metadata tables to be owned by this hasura role.

AFAIK there are two ways we can do this:

• Before doing any DDL operations, call SET ROLE hasura, which will then be the identity used in subsequent operations, or
• When creating schema objects, set them with OWNER hasura

Is there any way I can configure this in Hasura? For example, if there was a way to specify some generic SQL to run before a catalog migration?

Note that the hasura role itself can't initiate a connection to the database, and doesn't have a password.

Thanks!
cheers