Types of Privileges | Teradata Vantage - Types of Privileges - Analytics Database - Teradata Vantage

Database Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-03
dita:mapPath
pgf1628096104492.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
ujp1472240543947
lifecycle
latest
Product Category
Teradata Vantage™

You can explicitly grant database privileges to users, roles, or databases. Users also gain other privileges without a formal grant. Before you decide which privileges to explicitly grant, make sure you understand the privileges users receive by other means.

Privilege Description
Implicit Privileges
Ownership Users who own perm space have certain implicit (ownership) privileges on any object contained in the space they own, even if they did not create the object.
You can transfer ownership using the GIVE statement.
Explicit privileges
Automatic When a user creates a database object, Analytics Database automatically grants privileges to:
  • The creator of the object
  • A newly created user or database
GRANT You can grant privileges:
  • Directly to a user or database
  • To a role, then GRANT membership in the role to one or more users
  • To an external role, then map the external role to one or more groups of directory users
Inherited Privileges that a user acquires indirectly.
  • All users inherit the privileges of the system-generated user, PUBLIC, a role-like collection of privileges available by default, whether or not they have any other privileges. You can grant additional privileges to PUBLIC.
  • A user inherits all the privileges granted to each role of which the user is a member.
  • Directory users inherit the privileges of the database users and external roles to which they are mapped.
The system logs automatic and explicit privileges in exactly the same way, and are indistinguishable as to how they were acquired. All privileges except implicit privileges are stored in the data dictionary in the DBC.AccessRights table, by each user.

For a detailed discussion of privileges, see Teradata Vantage™ - Analytics Database Security Administration, B035-1100.