PostgreSQL1 manages database access and permissions using “roles”. A role is similar to a database user (as in MariaDB/MySQL). Roles have the concept of ownership and may own database objects (e.g tables, sequences and functions) and can assign privileges on those objects to other roles.
A role can represent a group of database users, such that it is possible to grant membership in a role to another role; therefore, allowing the member role to inherit privileges.
The concept of roles subsumes the concepts of “users” and “groups”.
CREATE ROLE name1 WITH PASSWORD 'password1'; CREATE ROLE name2 CREATEDB CREATEROLE WITH PASSWORD 'password2';
The GRANT command is used to grant membership in a role.
GRANT admins TO ish;
With the above command, role “ish” inherits all privileges of role “admins”.
The GRANT command is also used to grant privileges on database objects (e.g table, column, view, database, etc).
GRANT ALL PRIVILEGES ON mydatabase TO admins; GRANT SELECT, UPDATE, INSERT on mytable TO ish;