pg_roles

The view pg_roles provides access to information about database roles. This is simply a publicly readable view of pg_authid that blanks out the password field. This view explicitly exposes the OID column of the underlying table, since that is needed to do joins to other catalogs.

columntypereferencesdescription
rolnamename Role name
rolsuperbool Role has superuser privileges
rolinheritbool Role automatically inherits privileges of roles it is a member of
rolcreaterolebool Role may create more roles
rolcreatedbbool Role may create databases
rolcatupdatebool Role may update system catalogs directly. (Even a superuser may not do this unless this column is true.)
rolcanloginbool Role may log in. That is, this role can be given as the initial session authorization identifier
rolconnlimitint4 For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit
rolpasswordtext Not the password (always reads as **)
rolvaliduntiltimestamptz Password expiry time (only used for password authentication); NULL if no expiration
rolconfigtext[] Session defaults for run-time configuration variables
rolresqueueoidpg_resqueue.oidObject ID of the resource queue this role is assigned to.
oidoidpg_authid.oidObject ID of role
rolcreaterextgpfdbool Role may create readable external tables that use the gpfdist protocol.
rolcreaterexthttpbool Role may create readable external tables that use the http protocol.
rolcreatewextgpfdbool Role may create writable external tables that use the gpfdist protocol.
rolcreaterexthdfsbool Role may create readable external tables that use the gphdfs protocol (deprecated).
rolcreatewexthdfsbool Role may create writable external tables that use the gphdfs protocol (deprecated).
rolresgroupoidpg_resgroup.oidObject ID of the resource group to which this role is assigned.

Parent topic: System Catalogs Definitions