PG_AUTHID
PG_AUTHID stores information about database authentication identifiers (roles). Roles include the concept of users. A user is essentially a role with the rolcanlogin flag set. Any role (whether rolcanlogin is set or not) can include other roles as members.
There is only one pg_authid per cluster, not per database. Access to this system catalog requires system administrator privileges.
|
Column |
Type |
Description |
|---|---|---|
|
oid |
oid |
Row identifier (a hidden attribute that is only shown upon explicit selection). |
|
rolname |
name |
Role name. |
|
rolsuper |
Boolean |
Whether the role is the initial system administrator with the highest privileges. |
|
rolinherit |
Boolean |
Whether the role automatically inherits the privileges of its parent roles. |
|
rolcreaterole |
Boolean |
Whether the role can create additional roles. |
|
rolcreatedb |
Boolean |
Whether the role can create databases. |
|
rolcatupdate |
Boolean |
Whether the role can directly update system catalogs. Only the initial system administrator with usesysid=10 possesses this privilege. It is unavailable to others. |
|
rolcanlogin |
Boolean |
Whether a role can log in, that is, serve as an initial session authorization identifier. |
|
rolreplication |
Boolean |
Marks the role as a replication role (for adaptation purposes, lacking practical functionality). |
|
rolauditadmin |
Boolean |
Designates the role as an audit user. |
|
rolsystemadmin |
Boolean |
Identifies the role as an administrative user. |
|
rolconnlimit |
integer |
Limits the maximum number of concurrent connections allowed for a single user on a single CN. The value -1 indicates no limit. |
|
rolpassword |
text |
Password (potentially encrypted). NULL if no password exists. |
|
rolvalidbegin |
timestamp with time zone |
Start time of the account's validity period. NULL if unspecified. |
|
rolvaliduntil |
timestamp with time zone |
End time of the account's validity period. NULL if unspecified. |
|
rolrespool |
name |
Resource pool accessible to a user. |
|
roluseft |
Boolean |
Whether the role can perform operations on external tables. |
|
rolparentid |
oid |
OID of the user group a user belongs to. |
|
roltabspace |
Text |
Storage quota for the user's permanent tables. |
|
rolkind |
char |
Special user types, including private users, logical cluster administrators, and regular users. |
|
rolnodegroup |
oid |
OID of the node group associated with a user. This node group must be a logical cluster. |
|
roltempspace |
Text |
Storage quota for the user's temporary tables. |
|
rolspillspace |
Text |
Operator spill space quota for the user. |
|
rolexcpdata |
text |
Reserved column, currently unused. |
|
rolauthinfo |
text |
Additional information for users authenticated through LDAP or OneAccess. NULL for other authentication methods. |
|
rolpwdexpire |
integer |
Expiration time for the user's password. Users may modify their own passwords prior to expiration. Post-expiration, an administrator must reset the password. The value -1 indicates that the password never expires. |
|
rolpwdtime |
timestamp with time zone |
Creation time of the password. |
|
roluuid |
bigint |
Role identifier. This column is available only in clusters of version 9.1.0 or later. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
