Groups - Amazon Redshift

Groups

Groups are collections of users who are all granted whatever permissions are associated with the group. You can use groups to assign permissions. For example, you can create different groups for sales, administration, and support and give the users in each group the appropriate access to the data they need for their work. You can grant or revoke permissions at the group level, and those changes will apply to all members of the group, except for superusers.

To view all user groups, query the PG_GROUP system catalog table:

select * from pg_group;

For example, to list all database users by group, run the following SQL.

SELECT u.usesysid ,g.groname ,u.usename FROM pg_user u LEFT JOIN pg_group g ON u.usesysid = ANY (g.grolist)

Creating, altering, and deleting groups

Only a superuser can create, alter, or drop groups.

You can perform the following actions:

  • To create a group, use the CREATE GROUP command.

  • To add users to or remove users from an existing group, use the ALTER GROUP command.

  • To delete a group, use the DROP GROUP command. This command only drops the group, not its member users.