- Categories:
User & Security DDL (Roles)
ALTER ROLE¶
Modifies the properties for an existing role. Currently, the only supported operations are renaming a role or adding/overwriting/removing a comment for a role.
- See also:
Syntax¶
ALTER ROLE [ IF EXISTS ] <name> RENAME TO <new_name>
ALTER ROLE [ IF EXISTS ] <name> SET [ TAG <TAG_NAME> = '<string_literal>' [ , <TAG_NAME> = '<string_literal>' ... ] ]
[ COMMENT = '<string_literal>' ]
ALTER ROLE [ IF EXISTS ] <name> UNSET {
TAG <TAG_NAME> [ , <TAG_NAME> ... ] |
COMMENT
}
Parameters¶
nameSpecifies the identifier for the role to alter. If the identifier contains spaces or special characters, the entire string must be enclosed in double quotes. Identifiers enclosed in double quotes are also case-sensitive.
RENAME TO new_nameSpecifies the new identifier for the role; must be unique for your account.
For more details, see Identifier Requirements.
SET ...Specifies the properties to set for the role:
TAG TAG_NAME = 'string_literal' [ , TAG_NAME = '<string_literal>' ... ]Specifies the tag name (i.e. the key) and the tag value.
The tag value is always a string.
COMMENT = 'string_literal'Adds a comment or overwrites an existing comment for the role.
UNSET ...Specifies the properties to unset for the role, which resets them to the defaults.
TAG TAG_NAME [ , TAG_NAME ... ]COMMENT
Usage Notes¶
Only the role owner (i.e. the role with the OWNERSHIP privilege on the role), or a higher role, can execute this command.
To rename a role (using the
RENAME TO new_nameparameter) the role that executes this command must also have the global CREATE ROLE privilege.
Examples¶
Rename role role1 to role2:
ALTER ROLE role1 RENAME TO role2;
Add a comment for role myrole:
ALTER ROLE myrole SET COMMENT = 'New comment for role';