DROP USER

On this page Carat arrow pointing down
Warning:
As of November 24, 2023, CockroachDB v22.1 is no longer supported. For more details, refer to the Release Support Policy.

The DROP USER statement removes one or more SQL users.

Note:

The DROP USER statement performs a schema change. For more information about how online schema changes work in CockroachDB, see Online Schema Changes.

Note:

Since the keywords ROLE and USER can now be used interchangeably in SQL statements for enhanced PostgreSQL compatibility, DROP USER is now an alias for DROP ROLE.

Consideration

Users that own objects (such as databases, tables, schemas, and types) cannot be dropped until the ownership is transferred to another user.

Required privileges

Non-admin users cannot drop admin users. To drop non-admin users, the user must be a member of the admin role or have the CREATEROLE parameter set.

Synopsis

DROP USER IF EXISTS user_name ,

Parameters

Parameter Description
user_name The username of the user to remove. To remove multiple users, use a comma-separate list of usernames.

You can use SHOW USERS to find usernames.

Example

Remove privileges

All of a user's privileges must be revoked before the user can be dropped.

In this example, first check a user's privileges. Then, revoke the user's privileges before removing the user.

icon/buttons/copy
> SHOW GRANTS ON test.customers FOR mroach;
+-----------+--------+------------+
|   Table   |  User  | Privileges |
+-----------+--------+------------+
| customers | mroach | CREATE     |
| customers | mroach | INSERT     |
| customers | mroach | UPDATE     |
+-----------+--------+------------+
(3 rows)
icon/buttons/copy
> REVOKE CREATE,INSERT,UPDATE ON test.customers FROM mroach;
icon/buttons/copy
> DROP USER mroach;

Remove default privileges

In addition to removing a user's privileges, a user's default privileges must be removed prior to dropping the user. If you attempt to drop a user with modified default privileges, you will encounter an error like the following:

ERROR: role mroach cannot be dropped because some objects depend on it
privileges for default privileges on new relations belonging to role demo in database movr
SQLSTATE: 2BP01
HINT: USE test; ALTER DEFAULT PRIVILEGES REVOKE ALL ON TABLES FROM mroach;

Run the HINT SQL prior to dropping the user.

icon/buttons/copy
USE test; ALTER DEFAULT PRIVILEGES REVOKE ALL ON TABLES FROM mroach;
icon/buttons/copy
> DROP USER mroach;

See also


Yes No
On this page

Yes No