Roles to Manage Privileges | Teradata Vantage - Using Roles to Manage Privileges - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™

Role privileges add to any privileges you grant directly to users.

Security constraint privileges and overrides are assigned rather than granted. See Assigning Security Constraints in a CREATE PROFILE Statement.
Granting privileges to roles and then granting role membership to users offers these advantages:
  • Standardizes privileges for users with a similar job description
  • Reduces the time required to assign the privileges, compared with granting privileges to individual users
  • Reduces the time the system takes to check user privileges at logon
You can grant one or more roles to one or more users or roles, therefore:
  • A role can have many members.
  • A user or role can be a member of more than one role.
    The database allows only a single level of role nesting, that is, a role that has a member role cannot also be a member of another role. Members of the grantee role (the top level role) also have all the privileges in the nested role

When you grant a privilege to an existing role, it immediately affects any role member for which the role is currently active in a session.