CREATE ROLE v11
Name
CREATE ROLE -- define a new database role.
Synopsis
CREATE ROLE <name> [IDENTIFIED BY <password> [REPLACE old_password]]
Description
CREATE ROLE adds a new role to the Advanced Server database cluster. A role is an entity that can own database objects and have database privileges; a role can be considered a “user”, a “group”, or both depending on how it is used. The newly created role does not have the LOGIN attribute, so it cannot be used to start a session. Use the ALTER ROLE command to give the role LOGIN rights. You must have CREATEROLE privilege or be a database superuser to use the CREATE ROLE command.
If the IDENTIFIED BY clause is specified, the CREATE ROLE command also creates a schema owned by, and with the same name as the newly created role.
Note
The roles are defined at the database cluster level, and so are valid in all databases in the cluster.
Parameters
name
The name of the new role.
IDENTIFIED BY password
Sets the role’s password. (A password is only of use for roles having the LOGIN attribute, but you can nonetheless define one for roles without it.) If you do not plan to use password authentication you can omit this option.
Notes
Use ALTER ROLE to change the attributes of a role, and DROP ROLE to remove a role. The attributes specified by CREATE ROLE can be modified by later ALTER ROLE commands.
Use GRANT and REVOKE to add and remove members of roles that are being used as groups.
The maximum length limit for role name and password is 63 characters.
Examples
Create a role (and a schema) named, admins, with a password:
CREATE ROLE admins IDENTIFIED BY Rt498zb;
See Also