> For the complete documentation index, see [llms.txt](https://docs.postgresql.tw/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.postgresql.tw/11/server-administration/21.-zi-liao-ku-jiao-se/21.5.-default-roles.md). # 21.5. Default Roles PostgreSQL provides a set of default roles which provide access to certain, commonly needed, privileged capabilities and information. Administrators can GRANT these roles to users and/or other roles in their environment, providing those users with access to the specified capabilities and information. The default roles are described in [Table 21.1](https://www.postgresql.org/docs/10/static/default-roles.html#DEFAULT-ROLES-TABLE). Note that the specific permissions for each of the default roles may change in the future as additional capabilities are added. Administrators should monitor the release notes for changes. **Table 21.1. Default Roles** | Role | Allowed Access | | ----------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | | pg\_read\_all\_settings | Read all configuration variables, even those normally visible only to superusers. | | pg\_read\_all\_stats | Read all pg\_stat\_\* views and use various statistics related extensions, even those normally visible only to superusers. | | pg\_stat\_scan\_tables | Execute monitoring functions that may take `ACCESS SHARE` locks on tables, potentially for a long time. | | pg\_signal\_backend | Send signals to other backends (eg: cancel query, terminate). | | pg\_monitor | Read/execute various monitoring views and functions. This role is a member of `pg_read_all_settings`, `pg_read_all_stats` and `pg_stat_scan_tables`. | The `pg_monitor`, `pg_read_all_settings`, `pg_read_all_stats` and `pg_stat_scan_tables` roles are intended to allow administrators to easily configure a role for the purpose of monitoring the database server. They grant a set of common privileges allowing the role to read various useful configuration settings, statistics and other system information normally restricted to superusers. Care should be taken when granting these roles to ensure they are only used where needed to perform the desired monitoring. Administrators can grant access to these roles to users using the GRANT command: ``` GRANT pg_signal_backend TO admin_user; ``` --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.postgresql.tw/11/server-administration/21.-zi-liao-ku-jiao-se/21.5.-default-roles.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.