ALTER POLICY
Synopsis
Use the ALTER POLICY
statement to change the definition of a row level security policy. It can be used to
change the roles that the policy applies to and the USING
and CHECK
expressions of the policy.
Syntax
alter_policy ::= ALTER POLICY name ON table_name
[ TO { role_name
| PUBLIC
| CURRENT_USER
| SESSION_USER } [ , ... ] ]
[ USING ( using_expression ) ]
[ WITH CHECK ( check_expression ) ]
alter_policy_rename ::= ALTER POLICY name ON table_name RENAME TO
new_name
Where
name
is the name of the policy being updated.table_name
is the name of the table on which the policy applies.new_name
is the new name of the policy.role_name
is the role(s) to which the policy applies. UsePUBLIC
if the policy should be applied to all roles.using_expression
is a SQL conditional expression. Only rows for which the condition returns to true will be visible in aSELECT
and available for modification in anUPDATE
orDELETE
.check_expression
is a SQL conditional expression that is used only forINSERT
andUPDATE
queries. Only rows for which the expression evaluates to true will be allowed in anINSERT
orUPDATE
. Note that unlikeusing_expression
, this is evaluated against the proposed new contents of the row.
Examples
- Rename a policy.
yugabyte=# ALTER POLICY p1 ON table_foo RENAME TO p2;
- Apply policy to all roles.
yugabyte=# ALTER POLICY p1 ON table_foo TO PUBLIC;