pg_roles
The view pg_roles
provides access to information about database roles. This is simply a publicly readable view of pg_authid that blanks out the password field. This view explicitly exposes the OID column of the underlying table, since that is needed to do joins to other catalogs.
Table 1. pg_catalog.pg_roles
column | type | references | description |
---|---|---|---|
rolname | name | Role name | |
rolsuper | boolean | Role has superuser privileges | |
rolinherit | boolean | Role automatically inherits privileges of roles it is a member of | |
rolcreaterole | boolean | Role may create more roles | |
rolcreatedb | boolean | Role may create databases | |
rolcatupdate | boolean | Role may update system catalogs directly. (Even a superuser may not do this unless this column is true.) | |
rolcanlogin | boolean | Role may log in. That is, this role can be given as the initial session authorization identifier | |
rolconnlimit | integer | For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit | |
rolpassword | text | Not the password (always reads as **) | |
rolvaliduntil | timestamp with time zone | Password expiry time (only used for password authentication); NULL if no expiration | |
rolconfig | text[] | Session defaults for run-time configuration variables | |
rolresqueue | oid | pg_resqueue.oid | Object ID of the resource queue this role is assigned to. |
oid | oid | pg_authid.oid | Object ID of role |
rolcreaterextgpfd | boolean | Role may create readable external tables that use the gpfdist protocol. | |
rolcreaterexthttp | boolean | Role may create readable external tables that use the http protocol. | |
rolcreatewextgpfd | boolean | Role may create writable external tables that use the gpfdist protocol. |