ALTER POLICY statement changes an existing policy on a table.
Allowed changes to a policy using ALTER POLICY include:
- Rename the policy.
- Change the applicable .
- Modify the
USINGexpression. - Modify the
WITH CHECKexpression.
You cannot use
ALTER POLICY to change the PERMISSIVE, RESTRICTIVE, or FOR clauses of a policy, as defined in CREATE POLICY... ON... ( PERMISSIVE | RESTRICTIVE )... FOR ( ALL | SELECT |... ). To make these changes, drop the policy with and issue a new statement.Syntax
Parameters
| Parameter | Description |
|---|---|
policy\_name | The identifier of the existing policy to be modified. Must be unique for the specified table\_name. |
ON table\_name | The name of the table on which the policy policy\_name is defined. |
new\_policy\_name | The new identifier for the policy. The new\_policy\_name must be a unique name on table\_name. |
| `TO (role_name | PUBLIC |
USING ( using\_expression ) | Replaces the previous value of this expression. For details about this expression, refer to . |
WITH CHECK ( check\_expression ) | Replaces the previous value of this expression. For details about this expression, refer to . |
Example
In this example, you will start by only allowing users to see or modify their own rows in anorders table. Then, as the schema is updated due to business requirements, you will refine the policy to take into account the new requirements.
orders table schema will be updated to include an is_archived flag, and the initial policy will need refinement.
- The policy should now only apply to users belonging to the
customer_servicerole, notPUBLIC. - Users in
customer_serviceshould only be able to view and modify orders that are not archived (is_archived = FALSE). Archived orders should be invisible/immutable via this policy.
customer_service role has been created:
ALTER POLICY statement:
ALTER POLICY statement can be explained as follows:
TO customer_service: Restricts the policy’s application from all users (PUBLIC) to only those who are members of thecustomer_servicerole. Other users will no longer be affected by this specific policy (they would need other applicable policies or RLS would deny access by default).USING ( user_id = CURRENT_USER AND is_archived = FALSE ): Modifies the visibility rule. Now,customer_serviceusers can only see rows that match theiruser_idand are not archived.WITH CHECK ( user_id = CURRENT_USER AND is_archived = FALSE ): Modifies the constraint forINSERT/UPDATE. Users attempting modifications must match theuser_id, and the resulting row must not be archived. This prevents the user from inserting archived orders or updating an order to setis_archived = TRUEvia operations governed by this policy.
ALTER POLICY statement represents a typical use case: it refines role targeting and adapts the policy logic to accommodate schema changes and evolving access control requirements.

