Product DocumentationAppearance
sys.role
This system view returns a list of roles.
Superusers can see all roles in this view. Users and roles with CREATE ROLE, ALTER ANY ROLE, or DROP ANY ROLE privilege can also see all roles in this view.
Users and roles that are not superusers and do not have (or inherit) CREATE ROLE, ALTER ANY ROLE, or DROP ANY ROLE privilege can only see their own accounts in this view.
Note: This view returns only those roles and users that are created with the NOLOGIN attribute. Roles and users with LOGIN access are not included. See also sys.user.
| Column Name | Data Type | Description |
|---|---|---|
| role_id | bigint | Unique role ID. |
| name | text | Name of the role. |
| create_role | boolean | Whether this role has the privilege to create other roles. |
| create_database | boolean | Whether this role has the privilege to create databases. |
| superuser | boolean | Whether this role has superuser privileges. |
| ldap_synchronized | boolean | Whether this role is synchronized via an LDAP server group. |
| default_cluster | text | Default virtual compute cluster that was set for the role, if any. |
| memberof | name[] | Which roles this role is a member of, if any. |
Examples
For example:
premdb=# select * from sys.role;
role_id | name | create_role | create_database | superuser | ldap_synchronized | memberof
---------+--------+-------------+-----------------+-----------+-------------------+----------
16486 | qa | t | t | f | f | {}
16485 | backup | f | f | f | f | {}
(2 rows)The following role is not listed in sys.role because it was created with the login attribute:
premdb=# create role bar_role login;
CREATE ROLE
premdb=# select * from sys.role where name='bar_role';
role_id | name | create_role | create_database | superuser | ldap_synchronized | memberof
---------+------+-------------+-----------------+-----------+-------------------+----------
(0 rows)