Categories:

User & Security DDL (Roles)

CREATE ROLE

Create a new role or replace an existing role in the system.

After creating roles, you can grant object privileges to the role and then grant the role to other roles or individual users to enable access control security for objects in the system.

Note

Only user adminstrators (i.e. users with the USERADMIN role or higher), or another role with the CREATE ROLE privilege on the account, can create roles.

See also:

GRANT <privileges> … TO ROLE , GRANT ROLE , GRANT OWNERSHIP

Syntax

CREATE [ OR REPLACE ] ROLE [ IF NOT EXISTS ] <name>
  [ COMMENT = '<string_literal>' ]

Required Parameters

name

Identifier for the role; must be unique for your account.

The identifier must start with an alphabetic character and cannot contain spaces or special characters unless the entire identifier string is enclosed in double quotes (e.g. "My object"). Identifiers enclosed in double quotes are also case-sensitive.

For more details, see Identifier Requirements.

Optional Parameters

COMMENT = 'string_literal'

Specifies a comment for the role.

Default: No value

Examples

CREATE ROLE myrole;