When using the HTTP JSON API, one can pass a JDBC configuration which is used to connect to a Postgres database for the query store. This config includes a database user and an option to create the schema or not (if it already exists). How do users typically interact with this from a database role perspective?
Specifically, the database user when creating the schema needs to have permissions to drop and create tables (DDL operations), but when running the service afterwards the user only needs permissions to read and write to existing tables. In the latter scenario, is it normal to inspect the schema created and create a new user with the refined permissions to those tables, or does one typically just use a single user with liberal permissions for both modes?
The sandbox docs seem to suggest always passing the same user with DDL privileges, in case migrations are required.
I’m wondering what the common usage is here for designing the trigger service.