Roles can be used to grant privileges on database objects to groups of users with similar needs, rather than granting the privileges to individual users. Roles require less dictionary space than individually granted privileges.
Use the CREATE ROLE statement to define each role, then use the GRANT statement to grant roles to users. The CREATE USER statement must also specify the default role for the user. Use the MODIFY USER statement to assign additional user roles.
A member of a role may access all objects to which a role has privileges. Users can use the SET ROLE statement to switch from the default role to any alternate role of which the user is a member or use SET ROLE ALL to access all roles.
For more information on use of roles, see Teradata Vantage™ - Database Administration, B035-1093.
Roles for Proxy Users
Proxy users access the database through a middle-tier application set up to offer trusted sessions. Proxy users are limited to privileges defined in roles assigned to them using the GRANT CONNECT THROUGH statement.
For details, see Teradata Vantage™ - Analytics Database Security Administration, B035-1100 and Teradata Vantage™ - SQL Data Control Language, B035-1149.