pg_roles

The view pg_roles provides access to information about database roles. This is simply a publicly readable view of pg_authid that blanks out the password field.

This view explicitly exposes the OID column of the underlying table, since that is needed to do joins to other catalogs.

Table 1. pg_catalog.pg_roles

Name	Type	References	Description
rolname	name		Role name
rolsuper	bool		Role has superuser privileges
rolinherit	bool		Role automatically inherits privileges of roles it is a member of
rolcreaterole	bool		Role may create more roles
rolcreatedb	bool		Role may create databases
rolcatupdate	bool		Role may update system catalogs directly. (Even a superuser may not do this unless this column is true.)
rolcanlogin	bool		Role may log in. That is, this role can be given as the initial session authorization identifier
rolconnlimit	int4		For roles that can log in, this sets maximum number of concurrent connections this role can make. -1 means no limit
rolpassword	text		Not the password (always reads as ********)
rolvaliduntil	timestamptz		Password expiry time (only used for password authentication); NULL if no expiration
rolconfig	text[]		Session defaults for run-time configuration variables
rolresqueue	oid		resqueue oid of the user
oid	oid	pg_authid.oid	ID of role
rolcreaterextgpfd	boolean		Privilege to create read external tables with the gpfdist or gpfdists protocol
rolcreaterexthttp	boolean		Privilege to create read external tables with the http protocol
rolcreatewextgpfd	boolean		Privilege to create write external tables with the gpfdist or gpfdists protocol
rolcreaterexthdfs	boolean		Privilege to create read external tables with the gphdfs protocol. (gphdfs is deprecated.)
rolcreatewexthdfs	boolean		Privilege to create write external tables with the gphdfs protocol. (gphdfs is deprecated.)