pg_roles
The view pg_roles
provides access to information about database roles. This is simply a publicly readable view of pg_authid that blanks out the password field. This view explicitly exposes the OID column of the underlying table, since that is needed to do joins to other catalogs.
column | type | references | description |
---|---|---|---|
rolname |
name | Role name | |
rolsuper |
boolean | Role has superuser privileges | |
rolinherit |
boolean | Role automatically inherits privileges of roles it is a member of | |
rolcreaterole |
boolean | Role may create more roles | |
rolcreatedb |
boolean | Role may create databases | |
rolcatupdate |
boolean | Role may update system catalogs directly. (Even a superuser may not do this unless this column is true.) | |
rolcanlogin |
boolean | Role may log in. That is, this role can be given as the initial session authorization identifier | |
rolconnlimit |
integer | For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit | |
rolpassword |
text | Not the password (always reads as ********) | |
rolvaliduntil |
timestamp with time zone | Password expiry time (only used for password authentication); NULL if no expiration | |
rolconfig |
text[] | Session defaults for run-time configuration variables | |
rolresqueue |
oid | pg_resqueue.oid | Object ID of the resource queue this role is assigned to. |
oid |
oid | pg_authid.oid | Object ID of role |
rolcreaterextgpfd |
boolean | Role may create readable external tables that use the gpfdist protocol. | |
rolcreaterexthttp |
boolean | Role may create readable external tables that use the http protocol. | |
rolcreatewextgpfd |
boolean | Role may create writable external tables that use the gpfdist protocol. |