Using the CLI to Manage User Roles

Every DeltaStream organization member belongs to one or more roles. As each role may allow a unique and specific subset of capabilities, in most cases people are assigned multiple roles. Review the basic commands below for details on how to manage someone's roles.

Listing Roles

Individuals can view their current set of roles via the LIST ROLES command. In the example below, you can see that while the current role is sysadmin, it also has access to other roles including public, orgadmin, securityadmin, and useradmin.

<no-db>/<no-store># LIST ROLES;
      Name      | Current |      Created at
----------------+---------+-----------------------
  public        |         | 2023-08-09T22:49:46Z
  orgadmin      |         | 2023-08-09T22:49:46Z
  securityadmin |         | 2023-08-09T22:49:46Z
  useradmin     |         | 2023-08-09T22:49:46Z
  sysadmin      | ✓       | 2023-08-09T22:49:46Z

Switching Roles

To switch to a different role, you can can use the USE command. The example below shows how to switch from the sysadmin role to the useradmin role.

<no-db>/<no-store># USE ROLE useradmin;

Now, if you LIST ROLES again, you can see that the current role has changed to useradmin.

<no-db>/<no-store># LIST ROLES;
      Name      | Current |      Created at
----------------+---------+-----------------------
  public        |         | 2023-08-09T22:49:46Z
  orgadmin      |         | 2023-08-09T22:49:46Z
  securityadmin |         | 2023-08-09T22:49:46Z
  useradmin     | ✓       | 2023-08-09T22:49:46Z
  sysadmin      |         | 2023-08-09T22:49:46Z

Describing a Role

You can also use the CREATE ROLE command to learn more information about a specific role.

Note Your current role must have access to whichever role you wish to describe.

The example below shows that the useradmin role is also granted the public role, and below that you can view the privileges of the role. Since the useradmin role is for managing other users, the ManageMembers privilege is granted to this role. Other roles may have other privileges.

<no-db>/<no-store># DESCRIBE ROLE useradmin;
    Name    |      Created at
------------+-----------------------
  useradmin | 2023-08-09T22:49:46Z

Granted Roles
   Name
----------
  public

Granted Privileges
      Type      |    Target    | ID/Name | Grant option
----------------+--------------+---------+---------------
  ManageMembers | Organization |         | ✓

PreviousAdministering Users in your Organization NextExample: Setting Up Custom Roles for Production and Stage

Last updated 2 months ago