module postgres_privs unexpected behaviour with default privs

[Giannis Sialmas]

Some details

ansible 2.7.4
   python version = 2.7.15rc1 (default, Nov 12 2018, 14:31:15) [GCC 7.3.0]

postgres version: PostgreSQL 10.6 (Ubuntu 10.6-1.pgdg16.04+1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 5.4.0-6ubuntu1~16.04.10) 5.4.0 20160609, 64-bit

 

I'm trying to use the new functionality that came with ansible 2.7 of the module postgresql_privs that enables tweaking of default privilages but i have the following problem:

I want to convert a shell command i run on the target postgres host to the above module. The command is the following and is run by the postgres system user:

shell: psql -d my_database -c "ALTER DEFAULT PRIVILEGES FOR ROLE myuser IN SCHEMA public GRANT SELECT ON TABLES TO seconduser;"

The above command gives the expected read default permission to my seconduser as seen by the psql \ddp command:

my_database=# \ddp

                        Default access privileges

      Owner       | Schema | Type  |          Access privileges

------------------+--------+-------+-------------------------------------

 myuser           | public | table | seconduser=r/myuser

(1 row)

But when ran the module as following:

          postgresql_privs:

            login_user: myuser

            login_password: myuserpassword

            host: localhost

            db: my_database

            type: default_privs

            role: seconduser

            objs: TABLES

            privs: SELECT

I get the below default privilages:

my_database=# \ddp

                        Default access privileges

      Owner       | Schema | Type  |          Access privileges

------------------+--------+-------+-------------------------------------

 myuser           | public | table | seconduser=r/myuser
 myuser           | public | type  | seconduser=U/myuser

What is the second U privilage that pops up? I searched the docs and i know it is the usage privilage, but why did it turn up?