Currently all roles are statically defined:https://github.com/coder/coder/blob/main/coderd/rbac/roles.go#L227-L227

Creating custom roles means to store dynamic roles in the database.

• Add more verbs than CRUD to remove pseudo-resources
  • Pseudo rbac resources are a consequence of a fixed set of verbs (CRUD). Expanding the allowed verbs would remove the need for these resources, making custom roles more easily defined. Custom roles need to make sense of the verbs, as now verbs will be exposed to users (not just devs). Intuitive verbs provide more value to ensure consistent behavior with expectations.chore: remove rbac psuedo resources, add custom verbs #13276
• What roles can assign what other roles is currentlystatically defined. This needs to accommodate dynamic roles (Kept to just owners for now)
• Add creating org scoped roles. Likely some sort of checkbox based approach to selecting which permissions are apart of some custom role.chore: add edit organization role to cli #13365
• Audit log new/changed custom roleschore: implement audit log for custom role edits #13494
• Add cli for viewing organization members + roleschore: implement cli list organization members #13555
• Add cli for assigning custom org roleschore: implement custom role assignment for organization admins #13570
• Backend refactor of rolenames to include organization IDchore: create type for unique role names #13506