> This page location: Roles & Privileges > Create Superusers
> Full Neon documentation index: https://neon.com/docs/llms.txt

# How to Create Superuser in PostgreSQL

**Info:** Creating superusers with CREATE ROLE and ALTER ROLE works the same on any PostgreSQL deployment, so the techniques here apply wherever you run Postgres. If you're an enterprise looking for managed Postgres in the AI era, [Lakebase](https://www.databricks.com/product/lakebase) delivers high performance, strong security, and tight integration with the Lakehouse. If you're a developer or startup who needs to ship and scale quickly, [Neon](https://neon.com) gives you the best Postgres platform to build on.

**Summary**: in this tutorial, you will learn about PostgreSQL superusers and how to create them using the `CREATE` `ROLE` statement.

## Introduction to PostgreSQL superuser

In PostgreSQL, a superuser is a special role with the highest privileges. A superuser has full access to all databases and tables. Additionally, it can perform administrative tasks such as [creating databases](https://neon.com/postgresql/administration/postgresql-create-database), [dropping databases](https://neon.com/postgresql/administration/postgresql-drop-database), [managing user roles](https://neon.com/postgresql/administration/postgresql-roles), modifying database configuration, and so on.

In other words, a superuser can bypass all security checks except the right to log in.

**Tip: Neon Note**

Neon is a managed Postgres service, so you cannot access the host operating system or connect using the Postgres `superuser` account like you can in a standalone Postgres installation. Instead, Neon provides the `neon_superuser` role with elevated privileges. For more information about roles in Neon, see [Manage roles](https://neon.com/docs/manage/roles).

By default, PostgreSQL has a superuser role called `postgres`. Typically, you use the `postgres` user role for performing administrative tasks and don't need to create additional users with the superuser privilege.

However, if you need additional superuser roles, you can create them using the `CREATE ROLE` statement or change a regular user to a superuser using the `ALTER ROLE` statement.

### Creating new superusers

First, connect to the PostgreSQL database using a client such as `psql`:

```bash
psql -U postgres
```

Second, execute the following `CREATE ROLE` command to create a superuser:

```sql
CREATE ROLE username SUPERUSER;
```

You need to replace `username` with your desired username for the superuser. For example:

```sql
CREATE ROLE spiderman SUPERUSER
LOGIN
PASSWORD 'moreSecurePass';
```

Third, verify the user creation:

```text
\du spiderman
```

Output:

```text
     List of roles
 Role name | Attributes
-----------+------------
 spiderman | Superuser
```

The output indicates that `spiderman` role is a superuser.

### Changing a user to a superuser

It's possible to change a user to a superuser using the `ALTER` `ROLE` statement.

First, create a regular role with a login privilege and a password:

```sql
CREATE ROLE batman LOGIN PASSWORD 'moreSecurePass';
```

Second, make the `batman` role become a superuser using the `ALTER` `ROLE` statement:

```sql
ALTER ROLE batman SUPERUSER;
```

Third, verify the user modification:

```text
\du batman
```

Output:

```text
     List of roles
 Role name | Attributes
-----------+------------
 batman    | Superuser
```

### Revoking superuser from a user

To revoke a superuser status of a user, you can use the following `ALTER` `ROLE` statement:

```sql
ALTER USER username NOSUPERUSER;
```

For example, the following statement revokes the `SUPERUSER` status from the `spiderman` role:

```sql
ALTER USER spiderman NOSUPERUSER;
```

You can verify the `spiderman` role as follows:

```text
\du spiderman
```

Output:

```text
     List of roles
 Role name | Attributes
-----------+------------
 spiderman |
```

## Summary

- In PostgreSQL, a superuser bypass all permission checks except the permission to log in.
- Use the `CREATE ROLE...SUPERUSER` statement to create a superuser.
- Use the `ALTER ROLE...SUPERUSER` statement to make a role a superuser.
- Use the `ALTER ROLE...NOSUPERUSER` statement to revoke the superuser from a user.

---

## Related docs (Roles & Privileges)

- [Create Roles](https://neon.com/postgresql/administration/roles)
- [Grant Privileges](https://neon.com/postgresql/administration/grant)
- [Revoke Privileges](https://neon.com/postgresql/administration/revoke)
- [Alter roles](https://neon.com/postgresql/administration/alter-role)
- [Drop Roles](https://neon.com/postgresql/administration/drop-role)
- [Role Membership](https://neon.com/postgresql/administration/role-membership)
- [SET ROLE Statement](https://neon.com/postgresql/administration/set-role)
- [CURRENT_USER](https://neon.com/postgresql/administration/current_user)
- [List Roles](https://neon.com/postgresql/administration/list-users)
- [Change Password](https://neon.com/postgresql/administration/change-password)
- [PostgreSQL Row-Level Security](https://neon.com/postgresql/administration/row-level-security)