我的书签
添加书签
移除书签ALTER ROLE
Superusers can change the attributes of any role. Roles with CREATEROLE privilege can change the attributes of any non-superuser role.Other roles can only change their own password.
alter_role
alter_role_option
role_specification
alter_role_rename
alter_role_config
config_setting
Where
role_specificationspecifies the name of the role whose attributes are to be changed or current user or current session user.SUPERUSER,NOSUPERUSERdetermine whether the role is a “superuser” or not. Superusers can override all access restrictions and should be used with care.Only roles with SUPERUSER privilege can create other SUPERUSER roles.CREATEDB,NOCREATEDBdetermine whether the role can create a database or not.CREATEROLE, determine whether the role can create other roles or not.INHERIT,NOINHERITdetermine whether the role inherits privileges of the roles that it is a member of.Without INHERIT, membership in another role only grants the ability to SET ROLE to that other role. The privileges of the other role are only available after having done so.CONNECTION LIMITspecifies how many concurrent connections the role can make. This only applies to roles that can login.sets a date and time after which the role’s password is no longer valid.
config_paramandconfig_valueare the name and value of configuration parameters being set.
ALTER ROLE role_name RENAME TO can be used to change the name of the role. Note that current session role cannot be renamed.Because MD5-encrypted passwords use the role name as cryptographic salt, renaming a role clears its password if the password is MD5-encrypted.
ALTER ROLE SET | RESET config_param is used to change role’s session default for a configuration variable, either for all databases or, when the IN DATABASE clause is specified, only for sessions in the named database. If ALL is specified instead of a role name, this changes the setting for all roles.
- Change a role’s password.
- Rename a role.
- Change default_transaction_isolation session parameter for a role.
