Purpose
Creates or replaces an authorization object in a Teradata system. The authorization stores the credentials for a user account existing on a remote platform. The credentials only need to be valid on the platform specified in the foreign server object; the credentials do not need to be valid on the Teradata system or on the underlying operating system. When specifying TRUSTED in the CREATE or REPLACE AUTHORIZATION statement, the database does not validate the credentials.
An authorization object is used by a foreign server object to log on to a remote platform using the credentials that are valid on the remote platform. When a Teradata user makes a request that uses the foreign server, the foreign server object provides the credentials from the authorization object for authentication. This allows any part of the request running on the remote platform to use the context, privileges, and access control granted to the remote platform user account. For example, if the foreign server connects to a server protected by Kerberos, then the associated authorization object must contain credentials for the user account on that remote server.
The syntax table describes only the portions of the CREATE AUTHORIZATION and REPLACE AUTHORIZATION syntax diagram specific to QueryGrid. For information about the other syntax with CREATE AUTHORIZATION and REPLACE AUTHORIZATION, see Teradata® Database SQL Data Definition Language - Syntax and Examples, B035-1144.
Syntax
{ CREATE | REPLACE } AUTHORIZATION [ database_name. | user_name. ] authorization_name [ AS ] [ INVOKER | DEFINER [ DEFAULT ] ] TRUSTED USER 'fs_user_name' PASSWORD 'fs_user_password' [;]