There are several user roles in Moodle and each role has different access permissions. When you understand the different user roles and access rights, you can take advantage of them and perform more advanced tasks. Roles can be added at the course level, or only for a particular resource or activity.
Role permissions for a course can be changed in Course administration > Users > Permissions
Role permissions for a particular activity can be changed in Activity administration > Permissions
Learn More about Permissions in Moodle.
Assigning roles is done for a particular context. A site and course are examples of two different contexts. When you create a new role or tweak a pre-existing role via Administration > Site Administration > Users > Permissions > Define roles, you are asked in which context(s) you want the role to be assigned.
Learn more about Assigning Roles in Moodle
Managing overall role capabilities can be done by an administrator using Administration > Site administration > Users > Permissions > Define roles. This is the place to add custom roles or modify existing roles. The “Manage roles” tab, allows the system administrator to edit any one of over 350 different capabilities associated with any role.
Learn More about Managing Roles in Moodle