1 files changed, 9 insertions, 2 deletions

diff --git a/doc/src/sgml/ref/create_role.sgml b/doc/src/sgml/ref/create_role.sgml
index 6e4148a17c4..c03b11a5752 100644
--- a/doc/src/sgml/ref/create_role.sgml
+++ b/doc/src/sgml/ref/create_role.sgml
@@ -181,6 +181,8 @@ in sync when changing the above synopsis!
         highly privileged role, and should only be used on roles actually
         used for replication. If not specified,
         <literal>NOREPLICATION</literal> is the default.
+        You must be a superuser to create a new role having the
+        <literal>REPLICATION</literal> attribute.
        </para>
       </listitem>
      </varlistentry>
@@ -192,11 +194,16 @@ in sync when changing the above synopsis!
        <para>
         These clauses determine whether a role bypasses every row-level
         security (RLS) policy.  <literal>NOBYPASSRLS</literal> is the default.
+        You must be a superuser to create a new role having
+        the <literal>BYPASSRLS</literal> attribute.
+       </para>
+
+       <para>
         Note that pg_dump will set <literal>row_security</literal> to
         <literal>OFF</literal> by default, to ensure all contents of a table are
         dumped out.  If the user running pg_dump does not have appropriate
-        permissions, an error will be returned.  The superuser and owner of the
-        table being dumped always bypass RLS.
+        permissions, an error will be returned.  However, superusers and the
+        owner of the table being dumped always bypass RLS.
        </para>
       </listitem>
      </varlistentry>