PSEUDOSUPERUSER role is a predefined role that is automatically assigned to the
dbadmin user on database installation. The
dbadmin can grant this role to any user or non-predefined role. Thereafter,
PSEUDOSUPERUSER users can grant any role, including predefined roles, to other users.
Users with the
PSEUDOSUPERUSER role are entitled to complete administrative privileges, which cannot be revoked. Role privileges include:
- Bypass all GRANT/REVOKE authorization
- Create schemas and tables
- Create users and roles, and grant privileges to them
- Modify user accounts—for example, set user account's passwords, and lock/unlock accounts.
- Create or drop a UDF library and function, or any external procedure