diff --git a/share/dataset-pg/databases.tf b/share/dataset-pg/databases.tf
index ccaf4d3..d988bfb 100644
--- a/share/dataset-pg/databases.tf
+++ b/share/dataset-pg/databases.tf
@@ -64,6 +64,11 @@ resource "postgresql_role" "owner" {
   name              = "${local.sorted-dbs[count.index].name}"
   login             = true
   password          = data.kubernetes_secret_v1.password_get[count.index].data["POSGRESQL_PASSWORD"]
+  lifecycle {
+    ignore_changes = [
+      roles,
+    ]
+  }
 }
 
 resource "postgresql_database" "my_db" {
diff --git a/share/dataset-pg/index.yaml b/share/dataset-pg/index.yaml
index 3634fb6..43bccbf 100644
--- a/share/dataset-pg/index.yaml
+++ b/share/dataset-pg/index.yaml
@@ -6,6 +6,26 @@ metadata:
   name: dataset-pg
   description: null
 options:
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  storage:
+    default: 8Gi
+    examples:
+    - 8Gi
+    type: string
+  replicas:
+    default: 1
+    examples:
+    - 1
+    type: integer
   extentions:
     default:
       pool:
@@ -112,20 +132,15 @@ options:
             type: object
         type: object
     type: object
-  databases:
+  roles:
     default: []
     items:
       properties:
         name:
-          default: db
+          default: alt-account
           type: string
       type: object
     type: array
-  ingress-class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
   backups:
     default:
       enable: false
@@ -180,35 +195,20 @@ options:
         default: backup-settings
         type: string
     type: object
+  databases:
+    default: []
+    items:
+      properties:
+        name:
+          default: db
+          type: string
+      type: object
+    type: array
   sub-domain:
     default: dataset-pg
     examples:
     - dataset-pg
     type: string
-  replicas:
-    default: 1
-    examples:
-    - 1
-    type: integer
-  issuer:
-    default: letsencrypt-prod
-    examples:
-    - letsencrypt-prod
-    type: string
-  storage:
-    default: 8Gi
-    examples:
-    - 8Gi
-    type: string
-  roles:
-    default: []
-    items:
-      properties:
-        name:
-          default: alt-account
-          type: string
-      type: object
-    type: array
   domain-name:
     default: your_company.com
     examples:
diff --git a/share/dataset-pg/roles.tf b/share/dataset-pg/roles.tf
index 93169b3..f26af2c 100644
--- a/share/dataset-pg/roles.tf
+++ b/share/dataset-pg/roles.tf
@@ -47,3 +47,9 @@ resource "postgresql_role" "role" {
   login             = true
   password          = data.kubernetes_secret_v1.password_role_get[count.index].data["POSGRESQL_PASSWORD"]
 }
+
+resource "postgresql_grant_role" "anomynous" {
+  count             = var.extentions.postgrest.enable?1:0
+  role              = "${var.instance}"
+  grant_role        = "anomynous"
+}