File tree 1 file changed +33
-0
lines changed
1 file changed +33
-0
lines changed Original file line number Diff line number Diff line change @@ -236,6 +236,39 @@ CREATE USER <replaceable>name</replaceable>;
236
236
</para>
237
237
</listitem>
238
238
</varlistentry>
239
+
240
+ <varlistentry>
241
+ <term>inheritance of privileges<indexterm><primary>role</primary><secondary>privilege to inherit</secondary></indexterm></term>
242
+ <listitem>
243
+ <para>
244
+ A role is given permission to inherit the privileges of roles it is a
245
+ member of, by default. However, to create a role without the permission,
246
+ use <literal>CREATE ROLE <replaceable>name</replaceable> NOINHERIT</literal>.
247
+ </para>
248
+ </listitem>
249
+ </varlistentry>
250
+
251
+ <varlistentry>
252
+ <term>bypassing row-level security<indexterm><primary>role</primary><secondary>privilege to bypass</secondary></indexterm></term>
253
+ <listitem>
254
+ <para>
255
+ A role must be explicitly given permission to bypass every row-level security (RLS) policy
256
+ (except for superusers, since those bypass all permission checks).
257
+ To create such a role, use <literal>CREATE ROLE <replaceable>name</replaceable> BYPASSRLS</literal> as a superuser.
258
+ </para>
259
+ </listitem>
260
+ </varlistentry>
261
+
262
+ <varlistentry>
263
+ <term>connection limit<indexterm><primary>role</primary><secondary>privilege to limit connection</secondary></indexterm></term>
264
+ <listitem>
265
+ <para>
266
+ Connection limit can specify how many concurrent connections a role can make.
267
+ -1 (the default) means no limit. Specify connection limit upon role creation with
268
+ <literal>CREATE ROLE <replaceable>name</replaceable> CONNECTION LIMIT '<replaceable>integer</replaceable>'</literal>.
269
+ </para>
270
+ </listitem>
271
+ </varlistentry>
239
272
</variablelist>
240
273
241
274
A role's attributes can be modified after creation with
You can’t perform that action at this time.
0 commit comments