CREATE ROLE

The CREATE ROLE statement creates a role at the current server.

Invocation

This statement can be embedded in an application program or issued interactively. It is an executable statement that can be dynamically prepared only if DYNAMICRULES run behavior is implicitly or explicitly specified.

Authorization

The privilege set that is defined below must include at least one of the following authorities:

  • SYSADM authority
  • SYSCTRL authority
  • Start of changeSECADMEnd of change

Privilege set: If the statement is embedded in an application program, the privilege set is the set of privileges that are held by the owner of the plan or package.

If the statement is dynamically prepared, the privilege set is the set of privileges that are held by the SQL authorization ID of the process or by the role that is associated with the primary authorization ID, if the statement is run in a trusted context and the ROLE AS OBJECT OWNER clause is specified.

Syntax

Read syntax diagram
>>-CREATE ROLE--role-name--------------------------------------><

Description

role-name
Start of changeNames the role. The name must not identify a role that exists at the current server. The name must not begin with the characters 'SYS' and must not be 'DBADM', ‘NONE', 'NULL', 'PUBLIC', or 'SECADM'.End of change

Examples

The following statement creates a role named TELLER. 
   CREATE ROLE TELLER;