First, the superuser role has some privileges, which can also be granted to non-superuser roles separately.
To give the role Bob the ability to create new databases, run the following:
ALTER ROLE BOB WITH CREATEDB;
To give the role bob the ability to create new users, run the following:
ALTER ROLE BOB WITH CREATEUSER;
However, it is also possible to give ordinary users more fine-grained and controlled access to some action reserved for superusers by using
SECURITY DEFINER functions. The same trick can also be used for passing on partial privileges between different users.
First, you must have access to the database as a superuser in order to delegate some powers. Here, we assume the use ...