pg_policy — PostgreSQL system catalog

Summary

The catalog pg_policy stores row-level security policies for tables. A policy includes the kind of command that it applies to (possibly all commands), the roles that it applies to, the expression to be added as a security-barrier qualification to queries that include the table, and the expression to be added as a WITH CHECK option for queries that attempt to add new records to the table.

(Description quoted from the official PostgreSQL documentation.)

Columns

The pg_policy system catalog exposes the following columns (names, types and descriptions are taken verbatim from the PostgreSQL documentation):

• oid oid
  Row identifier
• polname name
  The name of the policy
• polrelid oid references pg_class.oid
  The table to which the policy applies
• polcmd char
  The command type to which the policy is applied: r for select, a for insert, w for update, d for delete, or * for all
• polpermissive bool
  Is the policy permissive or restrictive?
• polroles oid[] references pg_authid.oid
  The roles to which the policy is applied; zero means PUBLIC (and normally appears alone in the array)
• polqual pg_node_tree
  The expression tree to be added to the security barrier qualifications for queries that use the table
• polwithcheck pg_node_tree
  The expression tree to be added to the WITH CHECK qualifications for queries that attempt to add rows to the table

Related catalogs

This object references the following other system catalogs:

• polrelid → pg_class
• polroles → pg_authid

Version applicability

Present in PostgreSQL 17, 18, 19 (verified against each release’s documentation). This is a long-standing system object that also exists in earlier PostgreSQL releases.

Related & references

• PostgreSQL system catalog & view index
• Built-in function reference

Reference: PostgreSQL documentation — pg_policy.