Revoking Administrative Access From a Role

A superuser can revoke administrative access from a role using the ADMIN OPTION parameter with the REVOKE statement. Giving users the ability to revoke roles lets a superuser delegate role administration to other users.

Example

The following example demonstrates revoking administrative access from Alice for the commenter role.

  1. Connect to the database as a superuser (or a user with administrative access)

    \c - dbadmin
  2. Issue the REVOKE command with ADMIN OPTION parameters:

    => REVOKE ADMIN OPTION FOR commenter FROM alice;