Groups serve to simplify the assignment of rights. Ordinary privileges must be granted to a single user, one at a time. This can be tedious if several users need to be assigned the same access to a variety of database objects.
Groups are created to avoid this problem. A group simply requires a name, and can be created empty (without users). Once created, users who are intended to share common access privileges are added into the group together, and are henceforth associated by their membership in that group. Rights on database objects are then granted to the group, rather than to each member of the group. For a system with many users and databases, groups make managing rights less of an administrative chore.
Users may belong to any number of groups, or no groups at all.
Creating and Removing Groups
Before you get started managing groups, you should first understand how to create and remove them from the system. Each of these procedures requires superuser privileges. See the section titled Managing Users earlier in this chapter for more about superusers.
Creating a group
Any superuser may create a new group in PostgreSQL with the
GROUP command. Here is the syntax for
CREATE GROUP groupname [ WITH [ SYSID groupid ] [ USER username [, ...] ] ]
In this syntax,
groupname is the name of the group that you wish to create. A group’s name must start with an ...