A role is a collection of privileges.
Like a privilege, a role can be assigned to a different role or to a user.
While privileges are always valid, roles are always inactive, that is, the privileges they contain are not valid. Roles can be activated for individual database sessions. Every user to whom roles have been assigned can also define which of the roles should be active in each of his or her database sessions. This definition can be changed after a database session has been opened.
All roles are inactive for the current database session while data definition statements are being executed.
See also: