CREATE ROLE

Description

This statement is used to create a role. You can use roles to manage permissions.

Privilege requirements

• To create a role, the current user must have the CREATE USER or CREATE ROLE privilege. For more information about seekdb privileges, see seekdb privilege types.

• If the value of the system variable read_only is 1, indicating that the instance is in read-only mode, the current user must also have the SUPER privilege to execute the CREATE ROLE statement.

  The system variable read_only is used to set whether the instance is in read-only mode. The default value is 0, indicating that the instance is in read-write mode. For more information about the system variable read_only, see read_only.

Syntax

CREATE ROLE [IF NOT EXISTS] role_name [, role_name ...];

Parameter description

Parameter	Description
IF NOT EXISTS	Optional. If specified, the system will not return an error if the role to be created already exists in the current tenant. Instead, it will return a warning message. If not specified, an error will be returned.
role_name	The name of the role to be created. When creating multiple roles, separate the role names with commas (,).

Examples

• Create a role named role001.

  CREATE ROLE role001;

• Create roles named role001 and role002.

  CREATE ROLE IF NOT EXISTS role001, role002;

  The return result is as follows:

  Query OK, 0 rows affected, 1 warning

  Use the SHOW WARNINGS; statement to query the warning message. The return result is as follows:

  +-------+------+-----------------------------------------------+
  | Level | Code | Message                                       |
  +-------+------+-----------------------------------------------+
  | Note  | 3163 | Authorization ID 'role001'@'%' already exists |
  +-------+------+-----------------------------------------------+
  1 row in set (0.001 sec)

References

• Create a role
• Grant privileges to a role
• Grant a role to a user or role
• View roles
• Indirect authorization