The Minimum Number of Role Administrators (MIN_ROLE_ADMINS) option is a configurable value that ensures when dropping roles or users, you never create a scenario where there are no users and roles left with sufficient system privilege to manage the remaining users and roles.
The minimum number of role administrators value applies to the minimum number of role administrators for each role, not the minimum number or role administrators for the total number of roles, and is considered when:
MIN_ROLE_ADMINS =2
Role1 has two administrators and Role2 has three administrators.
If you attempt to reduce the min_role_admins value to 1, the command succeeds because both roles still have the new designated minimum number of role administrators. However, if you attempt to increase the value to 3, the command fails because Role1 would no longer have sufficient administrators to meet the new minimum value.
MIN_ROLE_ADMINS =4
Role1 has six administrators and Role2 has four administrators.
If you attempt to drop a user from Role1, the command succeeds because Role1 still has sufficient administrators to meet the minimum value. However, if you attempt to drop a user from Role2, the command fails because Role2 would no longer have sufficient administrators to meet the minimum value.