I have been asked to provide administration of an existing RDS Postgres instance. The AWS admin has created a new user for me and has added the rds_superuser role to it.
But this user with the rds_superuser role does not seem to have the same set of privileges as the default rds_superuser.
I cannot, for example, create new roles.
Does anyone know the difference between the default rds_superuser that comes with a new RDS PG instance and those users that are subsequently granted the rds_superuser role?
Best Answer
rds_superuser, unlike a real superuser, doesn't inherently have permission to create roles.
You will have to have the other rds_superuser (or anyone else who already has createrole) do: