GRANT (SQL Form) Statement | SQL Data Control Language | Teradata Vantage - GRANT (SQL Form) - Analytics Database - Teradata Vantage

SQL Data Control Language

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-07-11
dita:mapPath
sgu1628111251052.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
dvv1472243528022
lifecycle
latest
Product Category
Teradata Vantageā„¢

Grants one or more explicit privileges on a database, user, proxy logon user, table, hash index, join index, view, procedure, User-Defined Function (UDF), function mapping, User-Defined Method (UDM), User-Defined Type (UDT), or macro to a role, group of roles, user, or group of users or databases.

For a list of database privileges, see Database Privileges.

For information about granting the NONTEMPORAL privilege, see Teradata Vantageā„¢ - Temporal Table Support, B035-1182.

ANSI Compliance

This statement is a Teradata extension to the ANSI SQL:2011 standard.

Required Privileges

You must be one of the following to grant privileges on an object using the SQL GRANT statement:
  • User DBC.
  • An owner of the object.

    For details regarding security issues associated with owner privileges, see Security Considerations With the CREATE MACRO Privilege

  • A user possessing each privilege to be granted.

    A user can have a privilege by having been granted it explicitly or by inheriting it from a role as a result of creating a view, macro, or procedure.

To grant the following privileges, you must have the CONSTRAINT ASSIGNMENT privilege.
  • OVERRIDE DELETE CONSTRAINT
  • OVERRIDE DUMP CONSTRAINT
  • OVERRIDE INSERT CONSTRAINT
  • OVERRIDE RESTORE CONSTRAINT
  • OVERRIDE SELECT CONSTRAINT
  • OVERRIDE UPDATE CONSTRAINT
Note the following details about the privileges required to execute a GRANT (SQL Form) request.
  • A user need not be related to a grantor through ownership to receive a privilege.

    A grantor does not need to have any privilege, including WITH ADMIN OPTION, on the grantee to grant a privilege to it, whether the grantee is a role, a user, database, or PUBLIC.

  • If a GRANT statement is on a database or user, the privilege applies to all objects, both current and future, created in that space.

    If a REVOKE statement later removes the privilege, the privilege is dropped for all objects, regardless of when they were created.

    A REVOKE statement at the object level cannot remove a privilege from that object that was granted on the database or user.

  • When you specify the WITH GRANT OPTION phrase, the recipient of the privilege can then grant that privilege to other users.

    An owner implicitly has the WITH GRANT OPTION privilege on any database, user, or object it owns.

    An owner can explicitly grant any or all privileges on any of the following The Privilege Can Be Granted To
    • a child database
    • a child user
    • a database object
    • any other database
    • any other user
    • a role
    • PUBLIC

      You cannot assign row-level security privileges to PUBLIC.

  • Any privilege granted automatically or explicitly can be revoked using the REVOKE statement.

    See REVOKE (SQL Form).

  • Implicit privileges cannot be revoked.

When Privileges Are Granted

GRANT takes effect immediately when the grantee issues their next statement. You do not need to log out to receive a privilege that was just granted to you.