16.20 - CTCONTROL Privilege - Teradata Vantage NewSQL Engine

Teradata Vantage™ SQL Data Control Language

prodname
Teradata Database
Teradata Vantage NewSQL Engine
vrm_release
16.20
created_date
March 2019
category
Programming Reference
featnum
B035-1149-162K

CTCONTROL enables a user to grant or revoke the CONNECT THROUGH privilege using the GRANT CONNECT THROUGH or REVOKE CONNECT THROUGH statements. You can only grant CTCONTROL to specific users.

Rules for Granting the CTCONTROL Privilege

The following rules apply to granting the CTCONTROL privilege:
  • The user specified by user_name must be an existing user of the system. Note that user_name cannot specify a role. If you attempt to grant CTCONTROL to a role, the request aborts and returns a message to the user.
  • User DBC can grant the CTCONTROL privilege to any other user WITH GRANT OPTION.
  • To submit a GRANT request for the CTCONTROL privilege to a user, you must either be user DBC or a user who has previously been granted the CTCONTROL privilege WITH GRANT OPTION.

    WITH GRANT OPTION permits the grantee to grant the privilege to other users.

For more information about GRANT CONNECT THROUGH, see GRANT CONNECT THROUGH.

Example: Granting the CTCONTROL Privilege

The following example grants user kate the privilege to grant the CONNECT THROUGH privilege to user trusteduser2:

GRANT CTCONTROL
ON trusteduser2
TO kate;
To then execute a GRANT CONNECT THROUGH request, trusteduser2 requires the following privileges:
  • CTCONTROL on herself.
  • GRANT … WITH ADMIN OPTION on any role specified

    See GRANT (Role Form).

  • DROP USER on any PERMANENT users specified as proxy users.