CREATE ROLE

CREATE ROLE —create a new database role

Syntax

CREATE ROLE [schema.]name

Description

A ROLE is an entity that can own database objects and be assigned database privileges. Any user can create a ROLE. Use DROP ROLE to drop a ROLE. Use GRANT and REVOKE to assign and remove privileges from roles. (See DROP ROLE, GRANT, REVOKE.) The user granting privileges on database objects to a ROLE must own both the ROLE and that database object for which they are granting privileges. It is recommended that you create roles, assign privileges to those roles, and then assign those roles to users, rather than assigning privileges directly to users. Users can assigned any number of roles.

For more information on using database identifiers with special characters, see Rules for Specifying NuoDB Identifier Names.

Parameters

schema: Name of the schema in which the role will be created. The default is the current schema as defined by the USE command. If schema is provided, and the schema does not exist, it will be created.
name: Name (optionally schema-qualified) of the new role. If the schema does not exist it will be created. Roles cannot be created in the SYSTEM schema. This schema is reserved for database metadata.

Example

Create a ROLE. Assign SELECT on a table to the ROLE. Assign the ROLE to a USER.

CREATE ROLE account_manager;
CREATE TABLE accounts_payable (id INTEGER, account_no STRING, amount NUMBER);
GRANT SELECT ON accounts_payable TO ROLE account_manager;

CREATE USER payroll_clerk password 'jd&dtk9';
GRANT account_manager TO payroll_clerk;