FIf you are self hosting, you can edit the defaults.yaml, and add new roles/ edit existing ones
FJust be aware that this also means, you should have a look if we add new roles/permissions in the feature that you update what you need
Ftheir are not stored in tabled, from what i know they are only stored in the defaults yaml
Fno, so the roles and permissions defined in the defaults yaml are only used for zitadel internal permissions and roles. so zitadel does check against those. if you have to check them, there is also endpoints in the auth api which will return the permissions/roles for your user
Fmaybe i missunderstand what you try to achieve here
Fthe roles defined here are read directly by zitadel:
Fyou can add a new role, with permissions, but you need to ensure that the permissions match what ZITADEL already knows. e.g iam.read, iam.write, user.read, user.write, you can't create new permissions, as ZITADEL doesn't know them
Fwhen using the zitadel management console, ZITADEL will read the roles, for example here:
FI see the following roles on my project:
FDid you change the settings in the default yaml? if so what did you change?
FDo you try to add it on the project or a granted project?