Example: Security Constraint Non-Hierarchical Rules - Analytics Database

Example: Security Constraint Non-Hierarchical Rules - Analytics Database - Teradata Vantage

SQL External Routine Programming

Deployment

VantageCloud

VantageCore

Edition

Enterprise

IntelliFlex

VMware

Product

Analytics Database

Teradata Vantage

Release Number

17.20

Published

June 2022

ft:locale

en-US

ft:lastEdition

2025-03-30

dita:mapPath

iiv1628111441820.ditamap

dita:ditavalPath

qkf1628213546010.ditaval

dita:id

qnu1472247494689

lifecycle

latest

Product Category

Teradata Vantage™

Operation	Example Rule	Purpose
INSERT	The current session must have a security label (1 or more compartments). All compartments in the session label are entered as the row constraint column value.	Forces predictable row classification based on user label.
SELECT	The session security label must include all the compartments in the row label or the operation fails.	If row is classified with multiple compartments, makes sure accessing user is member of all compartments.
UPDATE	The row label must include all the compartments contained in the session label.	Prevents user from inadvertently adding classifications to row.
DELETE	The row can be deleted only if the constraint column value is NULL. You must have OVERRIDE UPDATE privileges to reclassify a row as NULL.	Makes sure row is reviewed and declassified before deletion.