Amazon Redshift will no longer support the use of Python UDFs after June 30, 2026.
We will start enforcing it in phases. For more information on the details of Python end of life
and migration options, see the
blog post
ROLE_IS_MEMBER_OF
Returns true if the role is a member of another role. Superusers can check the membership of all roles. Regular users who have the ACCESS SYSTEM TABLE permission can check all users' membership. Otherwise, regular users can only check roles to which they have access. Amazon Redshift errors out if the provided roles don't exist or the current user doesn't have access to the role.
Data sharing consideration
When a consumer cluster queries a shared object that references this function, such as a view, RLS policy, or DDM policy, the function evaluates using the consumer cluster's security context. The consumer's local users, roles, and group memberships determine the result, not those defined on the producer cluster. If you intend to enforce the same permissions context that is implemented on the producer, ensure that the corresponding role names, group names, and user memberships exist on the consumer cluster and match those on the producer.
Syntax
role_is_member_of( role_name, granted_role_name)
Arguments
- role_name
-
The name of the role.
- granted_role_name
-
The name of the granted role.
Return type
Returns a BOOLEAN.
Example
The following query confirms that the role isn't a member of role1 nor role2.
SELECT role_is_member_of('role1', 'role2'); role_is_member_of ------------------- False