What role is usually allocated to users who need to create new database roles?

The role that is typically assigned to users who need to create new database roles is the Security admin. This role encompasses permissions that allow for the management of database security and roles, which includes the ability to create, alter, and drop database roles. Security admins have the necessary privileges to control access and define role memberships, ensuring that users can be granted access rights according to their needs.

In contrast, the other roles mentioned focus on different areas of database management. The Database owner typically has full control over the database itself, including all aspects of its configuration and management, while the Access admin is primarily concerned with granting and managing access for other users. The Server admin has broad controls over the entire server level but does not specifically have the permissions needed to create or manage database roles as their primary function. Thus, Security admin is the most appropriate role for the task of creating new database roles.