USE SECONDARY ROLES¶

Specifies the active/current secondary roles for the session. The currently-active secondary roles set the context that determines whether the current user has the necessary privileges to perform SQL actions.

Note that authorization to execute CREATE <object> statements to create objects is provided by the primary role.

For more information, see Overview of Access Control.

See also:

USE ROLE

Syntax¶

USE SECONDARY ROLES { ALL | NONE }
Copy

Parameters¶

ALL:

All roles that have been granted to the user in addition to the current active primary role.

Note that the set of roles is reevaluated when each SQL statement executes. If additional roles are granted to the user, and that user executes a new SQL statement, the newly granted roles are active secondary roles for the new SQL statement. The same logic applies to roles that are revoked from a user.

NONE:

Disables secondary roles. The authorization for all SQL actions is provided via the primary role.

Usage notes¶

  • To use a role, the role must have been granted to the user.

  • Note that you cannot select multiple roles in the context dropdown.