Ctrl K

Remove a role from a user or service account

Published Oct 17, 2025

Remove a single role from a user or service account by providing its user_id or service_account_id. Roles that will be removed as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization

Script cockroachdb Verified

Use in Windmill

The script

Submitted by hugo697 Bun

Verified 235 days ago

All edits

Permalink

//native
type Cockroachdb = {
  token: string;
};
/**
 * Remove a role from a user or service account
 * Remove a single role from a user or service account by providing its user_id or service_account_id.

Roles that will be removed as a result of this call must follow the CC rules for role assignment:
https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization
 */
export async function main(
  auth: Cockroachdb,
  user_id: string,
  resource_type: "ORGANIZATION" | "CLUSTER" | "FOLDER",
  resource_id: string,
  role_name:
    | "BILLING_COORDINATOR"
    | "ORG_ADMIN"
    | "ORG_MEMBER"
    | "CLUSTER_ADMIN"
    | "CLUSTER_OPERATOR_WRITER"
    | "CLUSTER_DEVELOPER"
    | "CLUSTER_CREATOR"
    | "FOLDER_ADMIN"
    | "FOLDER_MOVER",
) {
  const url = new URL(
    `https://cockroachlabs.cloud/api/v1/roles/${user_id}/${resource_type}/${resource_id}/${role_name}`,
  );

  const response = await fetch(url, {
    method: "DELETE",
    headers: {
      Authorization: "Bearer " + auth.token,
    },
    body: undefined,
  });
  if (!response.ok) {
    const text = await response.text();
    throw new Error(`${response.status} ${text}`);
  }
  return await response.json();
}


`1`	`//native`
`2`	`type Cockroachdb = {`
`3`	`token: string;`
`4`	`};`
`5`	`/**`
`6`	`* Remove a role from a user or service account`
`7`	`* Remove a single role from a user or service account by providing its user_id or service_account_id.`
`8`
`9`	`Roles that will be removed as a result of this call must follow the CC rules for role assignment:`
`10`	`https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization`
`11`	`*/`
`12`	`export async function main(`
`13`	`auth: Cockroachdb,`
`14`	`user_id: string,`
`15`	`resource_type: "ORGANIZATION" \| "CLUSTER" \| "FOLDER",`
`16`	`resource_id: string,`
`17`	`role_name:`
`18`	`\| "BILLING_COORDINATOR"`
`19`	`\| "ORG_ADMIN"`
`20`	`\| "ORG_MEMBER"`
`21`	`\| "CLUSTER_ADMIN"`
`22`	`\| "CLUSTER_OPERATOR_WRITER"`
`23`	`\| "CLUSTER_DEVELOPER"`
`24`	`\| "CLUSTER_CREATOR"`
`25`	`\| "FOLDER_ADMIN"`
`26`	`\| "FOLDER_MOVER",`
`27`	`) {`
`28`	`const url = new URL(`
`29`	`https://cockroachlabs.cloud/api/v1/roles/${user_id}/${resource_type}/${resource_id}/${role_name}`,
`30`	`);`
`31`
`32`	`const response = await fetch(url, {`
`33`	`method: "DELETE",`
`34`	`headers: {`
`35`	`Authorization: "Bearer " + auth.token,`
`36`	`},`
`37`	`body: undefined,`
`38`	`});`
`39`	`if (!response.ok) {`
`40`	`const text = await response.text();`
`41`	throw new Error(`${response.status} ${text}`);
`42`	`}`
`43`	`return await response.json();`
`44`	`}`
`45`