Restrictions on users to read and write to Aster databases are managed as follows:
- GRANT and REVOKE privileges that you set for a database object.
- GRANT privileges on database objects to one or more roles or individual users.
You can grant membership in a role to another role or user, and thus grant the rights and privileges assigned to a role to its member roles and users.
Also, granted membership is a way to group users together who require access privileges to specific database objects. You can manage secure levels of access by granting specific privileges for the group as a whole. Teradata recommends you create the group role first, and then add users to the role.