Skip to main content
The DROP ROLE removes one or more SQL roles. You can use the keywords ROLE and USER interchangeably. is an alias for DROP ROLE.
The “ statement performs a schema change. For more information about how online schema changes work in CockroachDB, see .

Considerations

  • The admin user/role cannot be dropped, and root must always be a member of admin.
  • A user/role cannot be dropped if it has privileges. Use to remove privileges.
  • Users/roles that (such as databases, tables, schemas, and types) cannot be dropped until the .
  • If a user/role is logged in while a drops that user, CockroachDB checks that the user exists before allowing it to inherit privileges from . In addition, any active are revoked when a user is dropped.

Required privileges

Non-admin roles cannot drop admin roles. To drop non-admin roles, the role must be a member of the admin role or have the parameter set.

Synopsis

drop_role syntax diagram

Parameters

ParameterDescription
nameThe name of the role to remove. To remove multiple roles, use a comma-separate list of roles.

You can use to find the names of roles.

Example

In this example, first check a role’s privileges. Then, revoke the role’s privileges and remove the role.
> SHOW GRANTS ON documents FOR dev_ops;
+------------+--------+-----------+---------+------------+
|  Database  | Schema |   Table   |  User   | Privileges |
+------------+--------+-----------+---------+------------+
| jsonb_test | public | documents | dev_ops | INSERT     |
+------------+--------+-----------+---------+------------+
> REVOKE INSERT ON documents FROM dev_ops;
> DROP ROLE dev_ops;

See also