16.20 - GRANT (Role Form) - Teradata Vantage NewSQL Engine

Teradata Vantage™ SQL Data Control Language

prodname
Teradata Database
Teradata Vantage NewSQL Engine
vrm_release
16.20
created_date
March 2019
category
Programming Reference
featnum
B035-1149-162K

Purpose

Grants roles to users or other roles.

You cannot grant external roles with this GRANT statement. You can only grant individual privileges and database roles to external roles within Teradata Database.

For more information, see Teradata Vantage™ NewSQL Engine Security Administration, B035-1100 and Teradata Vantage™ - Database Administration, B035-1093.

Required Privileges

To grant a role, you must have the WITH ADMIN OPTION privilege on the role. The following users can grant a role to a user or other role:
  • User DBC.
  • A user who has been granted the specified role WITH ADMIN OPTION.

    The creator of a role is automatically granted the specified role WITH ADMIN OPTION.

  • A user who has an active role to which the specified role was granted WITH ADMIN OPTION. An active role can be a current role or a nested role of a current role.

A grantor does not need to have any privilege, including WITH ADMIN OPTION, on the grantee to grant a privilege to it, whether the grantee is a role or a user.

Syntax



Syntax Elements

role_name
one or more comma-separated names of roles to grant to specified users or other roles.

The system ignores duplicate role names.

TO
user_name
role_name
the names of role grantees.
You can specify a maximum of 25 names per GRANT request.
Grantees can be users or roles; however, a role cannot be granted to itself or to PUBLIC.
GRANT does not produce an error if a specified role is already granted to a grantee.
WITH ADMIN OPTION
that the role grantees have the privilege to use DROP ROLE, GRANT, and REVOKE statements to administer the specified roles.
To change a privilege previously granted WITH ADMIN OPTION, a GRANT statement must include WITH ADMIN OPTION.