Azure Database for PostgreSQL
An Azure managed PostgreSQL database service for app development and deployment.
Cannot Drop Role with "Replication" Attribute in Azure PostgreSQL Flexible Server 16
Gabriel Aquino
0
Reputation points
Hello,
I am encountering the following error when trying to drop a role that has the "REPLICATION" attribute enabled.
ERROR: permission denied to drop role
Detail: Only roles with the CREATEROLE attribute and the ADMIN option on role "test_replication" may drop this role.
SQL Error [42501]: ERROR: permission denied to drop role
Detail: Only roles with the CREATEROLE attribute and the ADMIN option on role "test_replication" may drop this role.
Some context:
Environment: Azure Database for PostgreSQL Flexible Server (version 16.8)
Authentication: PostgreSQL authentication only
This "admin" user created the role test_replication but is unable to drop it.
To investigate, we ran the following script:
DROP ROLE IF EXISTS test_noreplication;
CREATE ROLE test_noreplication WITH
LOGIN
NOSUPERUSER
INHERIT
CREATEDB
NOCREATEROLE
NOREPLICATION;
DROP ROLE IF EXISTS test_replication;
CREATE ROLE test_replication WITH
LOGIN
NOSUPERUSER
INHERIT
CREATEDB
NOCREATEROLE
REPLICATION;
After running the script, we confirmed that we cannot drop the role that has the REPLICATION attribute enabled.
Thanks! Looking forward to your insights.
Azure Database for PostgreSQL
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 4%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
Prasad Chaganti 775 Reputation points Microsoft External Staff Moderator2025-03-07T17:04:14.36+00:00 Hi Gabriel Aquino,
Thank you for posting the Question and using Microsoft Q&A,
It looks like you're trying to drop a role in your database, but you're encountering a permission error. This error indicates that only roles with the
CREATEROLEattribute and theADMINoption on the role "test_replication" can drop this role.To resolve this issue, you need to ensure that the role you're using has the necessary permissions. Here are the steps you can follow:
- Check your current role's attributes: Verify if your current role has the
CREATEROLEattribute. - Grant the necessary permissions: If your role doesn't have the required permissions, you can grant them using the following SQL commands: -- Grant CREATEROLE attribute to your role
ALTER ROLE your_role_name CREATEROLE;
Grant ADMIN option on the role "test_replication"
GRANT ADMIN OPTION ON ROLE test_replication TO your_role_name;
I hope this information helps. Please do let us know if you have any further queries. - Check your current role's attributes: Verify if your current role has the
-
Prasad Chaganti 775 Reputation points Microsoft External Staff Moderator
2025-03-10T19:23:32.13+00:00 Hi Gabriel Aquino,
We have identified this as a bug and the team is currently working to fix it. In the meantime, to unblock you, we can drop the server from the back end for you until issue is fix. We need some information from you. Could you please check the private message for the necessary details we need?
-
Prasad Chaganti 775 Reputation points Microsoft External Staff Moderator
2025-03-17T18:16:11.0133333+00:00 Hi Gabriel Aquino,
we have completed the action of dropping the user at the backend. Could you please check and confirm from your side if everything looks fine?
-
Prasad Chaganti 775 Reputation points Microsoft External Staff Moderator
2025-03-18T17:31:07.4233333+00:00 Hi Gabriel Aquino,
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet.
In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
-
Gabriel Aquino 0 Reputation points
2025-03-18T18:04:00.62+00:00 Hi!
The roles were dropped correctly, but they have another problem and i would like to know if its related to the action taken. I specified this in the direct messages.thanks!
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 60%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
PratikLad 1,905 Reputation points Microsoft External Staff Moderator2025-03-25T09:38:05.5366667+00:00 Hi Gabriel Aquino,
Run the following command to check if the "staging" database exists:
az postgres db list --server-name <server-name> --resource-group <resource-group-name> --output tableIf the database does not appear in the list, it might have been deleted or not created.
-
PratikLad 1,905 Reputation points Microsoft External Staff Moderator
2025-03-26T03:31:19.13+00:00 Hi Gabriel Aquino,
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet.
In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
-
PratikLad 1,905 Reputation points Microsoft External Staff Moderator
2025-03-27T03:38:26.53+00:00 Hi Gabriel Aquino,
We haven’t heard from you on the last response and was just checking back to see if you have a resolution yet.
In case if you have any resolution please do share that same with the community as it can be helpful to others. Otherwise, will respond with more details and we will try to help.
Sign in to comment
Sign in to answer