Db Roles Managing Privileges

Once a role is created, you can:

• Manage its current privileges (i.e., privileges on existing objects):
  • By granting privileges for a role or revoking privileges from a role.
  • By granting other roles to the role or revoking roles from the role. Recommended for user account/service account roles.
• Manage its future privileges (i.e., privileges on objects created in the future):
  • By defining default privileges for objects. With default privileges in place, a role is automatically granted/revoked privileges as new objects are created by others (When an object is created, the creator is granted all applicable privileges for that object automatically).