Table of Contents Previous Next


2 The SQL Language : 2.3 SQL Commands : 2.3.29 CREATE ROLE

CREATE ROLE -- define a new database role
CREATE ROLE name [IDENTIFIED BY password [REPLACE old_password]]
CREATE ROLE adds a new role to the Advanced Server database cluster. A role is an entity that can own database objects and have database privileges; a role can be considered a “user”, a “group”, or both depending on how it is used. The newly created role does not have the LOGIN attribute, so it cannot be used to start a session. Use the ALTER ROLE command to give the role LOGIN rights. You must have CREATEROLE privilege or be a database superuser to use the CREATE ROLE command.
If the IDENTIFIED BY clause is specified, the CREATE ROLE command also creates a schema owned by, and with the same name as the newly created role.
IDENTIFIED BY password
Sets the role’s password. (A password is only of use for roles having the LOGIN attribute, but you can nonetheless define one for roles without it.) If you do not plan to use password authentication you can omit this option.
Use ALTER ROLE to change the attributes of a role, and DROP ROLE to remove a role. The attributes specified by CREATE ROLE can be modified by later ALTER ROLE commands.
Use GRANT and REVOKE to add and remove members of roles that are being used as groups.
Create a role (and a schema) named, admins, with a password:

2 The SQL Language : 2.3 SQL Commands : 2.3.29 CREATE ROLE

Table of Contents Previous Next