17.20 - Working with Constraint OVERRIDE Privileges - Analytics Database - Teradata Vantage

Teradata Vantage™ - Analytics Database Security Administration - 17.20

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-03-07
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572

When a CONSTRAINT object defines no UDF for an SQL DML operation, only users with the OVERRIDE or OVERRIDE operation privilege can perform the operation.

Manual entry or update of a constraint column value requires that the user have the OVERRIDE privilege to bypass the automatic use (by the enforcing UDF) of the current_session parameter to set the constraint column value.

Users who perform load/export jobs may need OVERRIDE privileges to ensure that they can access all rows required to complete a load/export operation.

You can grant OVERRIDE privileges to users to bypass enforcement of row level security constraints. OVERRIDE privileges can apply to:
  • A database, table, or column
  • Some or all SQL DML operation types
  • Some or all security constraints
  • One or more users, roles, or external roles
  • The granting user must have the system level CONSTRAINT ASSIGNMENT privilege.
  • OVERRIDE privileges take effect at the next user request after they are granted/revoked.