Hi folks,
I've created a role 'admins' and conferred the CREATEDB and CREATE ROLE
privileges to this role. I'd like to be able to add users to this role
in order to easily manage group permissions. This doesn't seem to be
working the way I understand it should, though:
postgres=# CREATE ROLE admins WITH CREATEROLE CREATEDB;
CREATE ROLE
postgres=# CREATE USER joe;
CREATE ROLE
postgres=# GRANT admins TO joe;
GRANT ROLE
postgres=# SET ROLE joe;
SET
postgres=> CREATE DATABASE joes_db;
ERROR: permission denied to create database
postgres=> \dg
List of roles
Role name | Attributes | Member of
------------------+------------------------------------------------------------+-----------------
admins | Create role, Create DB, Cannot login | {}
joe | | {admins}
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
postgres=>
Should the CREATEDB privilege be inherited when granting the 'admins'
role to a user, or is another step required?
Or (quite possibly) have I misunderstood something else?
Many thanks,
Ben Hancock
PostgreSQL 14.3