Basic User Role Commands

Users within a DeltaStream Organization have one or more roles. In most cases, users will be assigned to multiple roles. In this tutorial, we'll cover some basic commands for managing a user's roles.

List Roles

A user can see their current set of roles using the LIST ROLES command. In the example below, we can see that our current role is sysadmin, but this user has access to other roles including public, orgadmin, securityadmin, and useradmin.

<no-db>/<no-store># LIST ROLES;
      Name      | Current |      Created at
----------------+---------+-----------------------
  public        |         | 2023-08-09T22:49:46Z
  orgadmin      |         | 2023-08-09T22:49:46Z
  securityadmin |         | 2023-08-09T22:49:46Z
  useradmin     |         | 2023-08-09T22:49:46Z
  sysadmin      | ✓       | 2023-08-09T22:49:46Z

Switch Roles

To switch to a different role, users can use the USE command. In this example, let's switch from the sysadmin role to the useradmin role.

<no-db>/<no-store># USE ROLE useradmin;

Now, if we LIST ROLES again, we can see that the current role has changed to useradmin.

<no-db>/<no-store># LIST ROLES;
      Name      | Current |      Created at
----------------+---------+-----------------------
  public        |         | 2023-08-09T22:49:46Z
  orgadmin      |         | 2023-08-09T22:49:46Z
  securityadmin |         | 2023-08-09T22:49:46Z
  useradmin     | ✓       | 2023-08-09T22:49:46Z
  sysadmin      |         | 2023-08-09T22:49:46Z

Describe a Role

We can also use the DESCRIBE ROLE command to learn more information about a specific role. Note that in order to describe a particular role, the user's current role must have access to that role. In this example, we can see that the useradmin role is also granted the public role. Below that, we can see the privileges of the role. Since the useradmin role is for managing other users, the ManageMembers privilege is granted to this role. Other roles will have other privileges.

<no-db>/<no-store># DESCRIBE ROLE useradmin;
    Name    |      Created at
------------+-----------------------
  useradmin | 2023-08-09T22:49:46Z

Granted Roles
   Name
----------
  public

Granted Privileges
      Type      |    Target    | ID/Name | Grant option
----------------+--------------+---------+---------------
  ManageMembers | Organization |         | ✓
PreviousUser Management for AdminsNextExample: Setting Up Custom Roles for Prod and Stage

Last updated