Name
CREATE ROLE
Synopsis
CREATE ROLE
allows the creation of a named set of privileges that may be assigned
to users of a database. When a user is granted a role, that user also
gets all the privileges and permissions of that role.
Vendor |
Command |
---|---|
SQL Server |
Not supported |
MySQL |
Not supported |
Oracle |
Supported, with variations |
PostgreSQL |
Not supported |
Microsoft SQL Server does not support the CREATE
ROLE
command, but has the equivalent capability via the
system stored procedure
sp_add_role
.
SQL99 Syntax and Description
CREATE ROLE role_name [WITH ADMIN {CURRENT_USER | CURRENT_ROLE}]
This statement creates a new role, and differentiates that role from
a host-DBMS
user. The WITH ADMIN
clause allows assigns a
role immediately to the currently active user or currently active
role. By default, the statement defaults to WITH ADMIN
CURRENT_USER
.
Oracle Syntax and Variations
CREATE ROLE role_name [NOT IDENTIFIED | IDENTIFIED {BY password | EXTERNALLY | GLOBALLY}]
In Oracle, the role is created first, then granted privileges and
permissions as if it is a user via the GRANT
command. When users want to get access to the permissions of a role
protected by a password, they use the SET ROLE
command. If a password is placed on the role, any user wishing to
access it must provide the password with the SET
ROLE
command.
Oracle ships with several preconfigured
roles.
CONNECT
, DBA
, and
RESOURCE
are available in all versions of
Oracle. EXP_FULL_DATABASE
and
IMP_FULL_DATABASE
are newer roles used ...
Get SQL in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.