> This page location: Roles & Privileges > Alter roles
> Full Neon documentation index: https://neon.com/docs/llms.txt

# PostgreSQL ALTER ROLE Statement

**Info:** The ALTER ROLE statement works the same way across every PostgreSQL deployment, so everything you learn here about modifying attributes, renaming roles, and setting session defaults applies to Postgres wherever you run it. If you're an enterprise looking for managed Postgres built for the AI era, [Lakebase](https://www.databricks.com/product/lakebase) delivers performance, security, and deep integration with the Lakehouse. If you're a developer or startup that needs to ship and scale fast, [Neon](https://neon.com) is the Postgres platform built for you.

**Summary**: in this tutorial, you will learn how to use the PostgreSQL `ALTER ROLE` statement to modify the attributes of a role, rename a role, and change a role's session default for a configuration variable.

## Using the PostgreSQL ALTER ROLE to modify attributes of roles

To change attributes of a [role](https://neon.com/postgresql/administration/postgresql-roles), you use the following form of `ALTER ROLE` statement.

Here's the basic syntax of the

```sql
ALTER ROLE role_name [WITH] option;
```

The option can be:

- `SUPERUSER` | `NOSUPERUSER` – determine if the role is a `superuser` or not.
- `CREATEDB` | `NOCREATEDB`– allow the role to create new databases.
- `CREATEROLE` | `NOCREATEROLE` – allow the role to create or change roles.
- `INHERIT` | `NOINHERIT` – determine if the role inherits the privileges of roles of which it is a member.
- `LOGIN` | `NOLOGIN` – allow the role to log in.
- `REPLICATION` | `NOREPLICATION` – determine if the role is a replication role.
- `BYPASSRLS` | `NOBYPASSRLS` – determine if the role is to bypass the row-level security (RLS) policy.
- `CONNECTION LIMIT limit` – specify the number of concurrent connections a role can make, -1 means unlimited.
- `PASSWORD 'password' | PASSWORD NULL` – change the role's password.
- `VALID UNTIL 'timestamp'` – set the date and time after which the role's password is no longer valid.

The following rules are applied:

- Superusers can change any of those attributes for any role.
- Roles that have the `CREATEROLE` attribute can change any of these attributes for only non-superusers and no-replication roles.
- Ordinal roles can only change their passwords.

First, log in to PostgreSQL server using the `postgres` role.

Second, [create a new role](https://neon.com/postgresql/administration/postgresql-roles) called `calf` using the `CREATE ROLE` statement:

```sql
create role calf login password 'securePwd1';
```

The `calf` role can log in with a password.

Because `postgres` is a superuser, it can change the role `calf` to be a superuser:

```sql
alter role calf superuser;
```

View the role `calf`:

```text
\du calf
```

Output:

```text
        List of roles
Role name | Attributes | Member of
-----------+------------+-----------
calf      | Superuser  | {}

```

The following statement sets the password of the role `calf` to expire until the end of `2050`:

```sql
alter role calf
valid until '2050-01-01';
```

Use the `\du` command to see the effect:

```text
\du calf
```

Output:

```text
                            List of roles
Role name |                 Attributes                  | Member of
-----------+---------------------------------------------+-----------
calf      | Superuser                                  +| {}
          | Password valid until 2050-01-01 00:00:00-08 |

```

## Using the PostgreSQL ALTER ROLE to rename roles

To change the name of a role, you use the following form of the `ALTER ROLE` statement:

```sql
ALTER ROLE role_name
TO new_name;
```

In this syntax, you specify the name of the role after the `ALTER ROLE` keywords and the new name of the role after the `TO` keyword.

A superuser can rename any role. A role that has the `CREATEROLE` privilege can rename no-superuser roles.

If you use a role to log in to the PostgreSQL database server and rename it in the current session, you will get an error:

```sql
ERROR:  session user cannot be renamed
```

In this case, you need to connect to the PostgreSQL database server using a different role to rename that role.

You execute the following statement from the `postgres`' session to rename the role `calf` to `elephant`:

```sql
ALTER ROLE calf
RENAME TO elephant;
```

## Changing a role's session default for a configuration variable

The following `ALTER ROLE` statement changes the role's session default for a configuration variable:

```sql
ALTER ROLE role_name | CURRENT_USER | SESSION_USER | ALL
[IN DATABASE database_name]
SET configuration_param = { value | DEFAULT }
```

In this syntax:

- First, specify the name of the role that you want to modify the role's session default, or use the `CURRENT_USER`, or `SESSION_USER`. You use the `ALL` option to change the settings for all roles.
- Second, specify a database name after the `IN DATABASE` keyword to change only for sessions in the named database. In case you omit the `IN DATABASE` clause, the change will be applied to all databases.
- Third, specify the configuration parameter and the new value in the `SET` clause.

Superusers can change the session defaults of any role. Roles with the `CREATEROLE` attribute can set the defaults for non-superuser roles. Ordinary roles can only set defaults for themselves. Only superusers can change a setting for all roles in all databases.

The following example uses the `ALTER ROLE` to give the role elephant a non-default, database-specific setting of the `client_min_messages` parameter:

```sql
ALTER ROLE elephant
IN DATABASE dvdrental
SET client_min_messages = NOTICE;
```

## Summary

- Use the `ALTER ROLE role_name option` to modify the attributes of a role.
- Use the `ALTER ROLE role_name RENAME TO new_role` statement to rename a role.
- Use the `ALTER ROLE role_name SET param=value` statement to change a role's session default for a configuration variable.

---

## Related docs (Roles & Privileges)

- [Create Roles](https://neon.com/postgresql/administration/roles)
- [Grant Privileges](https://neon.com/postgresql/administration/grant)
- [Revoke Privileges](https://neon.com/postgresql/administration/revoke)
- [Drop Roles](https://neon.com/postgresql/administration/drop-role)
- [Role Membership](https://neon.com/postgresql/administration/role-membership)
- [SET ROLE Statement](https://neon.com/postgresql/administration/set-role)
- [CURRENT_USER](https://neon.com/postgresql/administration/current_user)
- [List Roles](https://neon.com/postgresql/administration/list-users)
- [Change Password](https://neon.com/postgresql/administration/change-password)
- [Create Superusers](https://neon.com/postgresql/administration/create-superuser-postgresql)
- [PostgreSQL Row-Level Security](https://neon.com/postgresql/administration/row-level-security)