On this page 
Warning:
As of June 5, 2024, CockroachDB v22.2 is no longer supported. For more details, refer to the Release Support Policy.
The DROP ROLE statement removes one or more SQL roles. You can use the keywords ROLE and USER interchangeably. DROP USER is an alias for DROP ROLE.
Note:
The DROP ROLE statement performs a schema change. For more information about how online schema changes work in CockroachDB, see Online Schema Changes.
Considerations
- The
adminrole cannot be dropped, androotmust always be a member ofadmin. - A role cannot be dropped if it has privileges. Use
REVOKEto remove privileges. - Roles that own objects (such as databases, tables, schemas, and types) cannot be dropped until the ownership is transferred to another role.
Required privileges
Non-admin roles cannot drop admin roles. To drop non-admin roles, the role must be a member of the admin role or have the CREATEROLE parameter set.
Synopsis
Parameters
| Parameter | Description |
|---|---|
name |
The name of the role to remove. To remove multiple roles, use a comma-separate list of roles. You can use SHOW ROLES to find the names of roles. |
Example
In this example, first check a role's privileges. Then, revoke the role's privileges and remove the role.
> SHOW GRANTS ON documents FOR dev_ops;
+------------+--------+-----------+---------+------------+
| Database | Schema | Table | User | Privileges |
+------------+--------+-----------+---------+------------+
| jsonb_test | public | documents | dev_ops | INSERT |
+------------+--------+-----------+---------+------------+
> REVOKE INSERT ON documents FROM dev_ops;
Note:
All of a role's privileges must be revoked before the role can be dropped.> DROP ROLE dev_ops;
See also
- Authorization
- Authorization Best Practices
CREATE ROLESHOW ROLESGRANTSHOW GRANTS- SQL Statements
- Online Schema Changes
Was this helpful?
