Users and privileges
Keys, certificates, and TLS Configurations now support granting and revoking privileges.
Expanded cryptographic privileges
Keys, certificates, and TLS Configurations now support granting and revoking privileges.
Superusers have limited privileges on cryptographic objects that they do not own. For details, see Database Object Privileges.
Cryptographic keys and certificates
You can now grant/revoke USAGE, DROP, and ALTER privileges on cryptographic keys.
You cannot explicitly grant privileges on certificates; rather, privileges on certificates comes from ownership or privileges on the underlying cryptographic key. For details, see GRANT (key).
TLS configurations
You can now grant/revoke DROP and USAGE privileges on TLS Configurations.