User role is designed to define application rights without assigning them directly to concrete users. By using user roles you can organize your security configuration in more fluent way.

You can add, edit and delete user roles on the Permissions page in builder. 

Existing role can be applied to access rights in permission or directly for a concrete menu item. In the first case you should go to the Permission page and for any desired action, for example, for 'Create' or 'Update', set rights using 'In any of roles' option and specifying the roles. If you want to apply the role for menu then go to Menus page in builder, select corresponding menu and set permission using 'IN_ANY_OF_ROLES' option.