Example: Non-Hierarchical Rules - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™
Operation Example Rule
INSERT The current session must have a security label (1 or more compartments). All compartments in the session label are entered as the row constraint column value.

Purpose: Forces predictable row classification based on the user label.

SELECT The session security label must include all the compartments in the row label or the operation fails.

Purpose: If a row is classified with several compartments, ensures that the accessing user is a member of all of the compartments.

UPDATE The row label must include all the compartments contained in the session label.

Purpose: Prevents the user from inadvertently adding classifications to the row.

DELETE The row can be deleted only if the constraint column value is NULL.

Purpose: Ensures that a row is reviewed and declassified before it can be deleted.

You must have OVERRIDE UPDATE privileges to reclassify a row as NULL, so that it can be deleted.