Special attributes of roles can be granted to a user by including the WITH ADMIN OPTION clause in the GRANT statement. In this case, the user is allowed to grant the role to other users or roles. If you are able to grant a role to someone because you have the role WITH ADMIN OPTION, and then the role is revoked from you, the cascaded grants remain. The situation is different in cases where you simply have object privileges.

Normally, when a role is granted to a user, it is granted as a default role. The exception is when the DEFAULT ROLE clause has previously been used in the CREATE USER or ALTER USER commands. In this case, the role may be granted as a non-default role. In order for the person granting the role to ensure that the role is a default role, he or she must also have been granted the ALTER ANY USER system privilege.