ALTER DATABASE ROLE¶

Modifies the properties for an existing database role.

Currently, the only supported operations are renaming a database role or adding/overwriting/removing a comment for a database role.

See also:

CREATE DATABASE ROLE , DROP DATABASE ROLE , SHOW DATABASE ROLES

Syntax¶

ALTER DATABASE ROLE [ IF EXISTS ] <name> RENAME TO <new_name>

ALTER DATABASE ROLE [ IF EXISTS ] <name> SET COMMENT = '<string_literal>'

ALTER DATABASE ROLE [ IF EXISTS ] <name> UNSET COMMENT

ALTER DATABASE ROLE [ IF EXISTS ] <name> SET TAG <tag_name> = '<tag_value>' [ , <tag_name> = '<tag_value>' ... ]

ALTER DATABASE ROLE [ IF EXISTS ] <name> UNSET TAG <tag_name> [ , <tag_name> ... ]
Copy

Parameters¶

name

Specifies the identifier (i.e. name) for the database role; must be unique in the database in which the role is created.

The identifier must start with an alphabetic character and cannot contain spaces or special characters unless the entire identifier string is enclosed in double quotes (e.g. "My object"). Identifiers enclosed in double quotes are also case-sensitive.

If the identifier is not fully qualified in the form of db_name.database_role_name, the command looks for the database role in the current database for the session.

RENAME TO new_name

Specifies the new identifier for the database role; must be unique for your account.

For more details, see Identifier requirements.

Note that when specifying the fully-qualified name of the database role, you cannot specify a different database. The name of the database, db_name, must remain the same. Only the database_role_name can change during a rename operation.

SET ...

Specifies the properties to set for the database role:

COMMENT = 'string_literal'

Adds a comment or overwrites an existing comment for the database role.

TAG tag_name = 'tag_value' [ , tag_name = 'tag_value' , ... ]

Specifies the tag name and the tag string value.

The tag value is always a string, and the maximum number of characters for the tag value is 256.

For information about specifying tags in a statement, see Tag quotas for objects and columns.

UNSET ...

Specifies the properties to unset for the database role, which resets them to the defaults.

  • COMMENT

  • TAG tag_name [ , tag_name ... ]

Access control privileges¶

A role used to execute this SQL command must have the following privileges at a minimum:

Privilege

Object

Notes

OWNERSHIP

Database role

Only the database role owner (i.e. the database role with the OWNERSHIP privilege on the database role), or a higher role, can execute this command.

The owner role does not inherit any permissions granted to the owned database role. To inherit permissions from a database role, that database role must be granted to another role, creating a parent-child relationship in a role hierarchy.

APPLY

Tag

Enables setting a tag on a database role.

Usage notes¶

Regarding metadata:

Attention

Customers should ensure that no personal data (other than for a User object), sensitive data, export-controlled data, or other regulated data is entered as metadata when using the Snowflake service. For more information, see Metadata fields in Snowflake.

Examples¶

Rename database role dr1 to dbr2 in database d1:

ALTER DATABASE ROLE d1.dr1 RENAME TO d1.dbr2;
Copy

Add a comment for database role d1.dbr2:

ALTER DATABASE ROLE d1.dbr2 SET COMMENT = 'New comment for database role';
Copy