4. SQL Statements : ALTER ROLE
Share this page                  
Valid in: SQL, ESQL, OpenAPI, ODBC, JDBC, .NET
The ALTER ROLE statement changes the attributes associated with a role identifier.
Use ADD PRIVILEGES to give the user additional privileges. Use DROP PRIVILEGES to remove privileges from the user. You cannot use either ADD PRIVILEGES or DROP PRIVILEGES if with_option is specified in the with_clause.
The ALTER ROLE statement has the following format:
[EXEC SQL] ALTER ROLE role_id {, role_id}
[ADD PRIVILEGES ( priv {,priv} ) | DROP PRIVILEGES ( priv {,priv} )]
[WITH with_option {,with_option}]
with_option = NOPASSWORD | PASSWORD = 'role_password' | EXTERNAL_PASSWORD
               | NOPRIVILEGES | PRIVILEGES = ( priv {,priv} )
               | NOSECURITY_AUDIT | SECURITY_AUDIT = (audit_opt {,audit_opt})
Specifies an existing role ID created with the CREATE ROLE statement. If one or more of the specified role identifiers do not exist, the DBMS Server issues a warning, but all valid role identifiers are processed.
Specifies a subject privilege, as described in CREATE USER.
Note:  These are requestable privileges. They must be activated using the SET SESSION ADD PRIVILEGES statement.
Defines the password for the role.
Caution! If no password is specified, any session has access to the specified role identifier and its associated permissions.
Defines security audit options, as described in CREATE USER.