Name

CREATE/ALTER/DROP ROLE

Synopsis

CREATE Syntax:

CREATE ROLE rolename 
{NOT IDENTIFIED 
| IDENTIFIED 
  { EXTERNALLY 
  | GLOBALLY 
  | BY password  
  | USING [schema.]package 
  }
}

ALTER Syntax:

ALTER ROLE rolename 
{NOT IDENTIFIED 
| IDENTIFIED 
  { EXTERNALLY 
  | GLOBALLY 
  | BY password  
  | USING [schema.]package 
  }
}

DROP Syntax:

  DROP ROLE rolename

Creates, modifies, or removes a role, w hich is a set of privileges that can be granted to users. When you create a role, you are automatically granted that role WITH ADMIN OPTION, which allows you to grant or revoke the role or to modify it using the ALTER ROLE statement.

Keywords

rolename

Name of the role to be created.

NOT IDENTIFIED

Specifies that a user who was granted the role does not need to be verified when enabling it.

IDENTIFIED BY password

Specifies that the password must be provided when enabling the role.

IDENTIFIED EXTERNALLY

Specifies that the operating system verifies the user enabling the role.

IDENTIFIED GLOBALLY

Specifies that a global user is to be created. A global user must be authorized to use the role by the enterprise directory service before the role is enabled with the SET ROLE statement or at login time.

IDENTIFIED USING

Specifies that this is an application role, which is a role that can be enabled only by applications using packages. New with Oracle9i.

Common keywords and clauses: schema.

Get Oracle in a Nutshell now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial