Roles - Advanced SQL Engine - Teradata Database

Database Introduction

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2021-07-27
dita:mapPath
jiv1600056352873.ditamap
dita:ditavalPath
jiv1600056352873.ditaval
dita:id
B035-1091
lifecycle
previous
Product Category
Teradata Vantage™

Roles can be used to define privileges on database objects for groups of users with similar needs, rather than granting the privileges to individual users. Roles also require less dictionary space than individually granted privileges. Use the CREATE ROLE statement to define each role, then use the GRANT statement to grant roles to users. The CREATE USER statement must also specify the default role for the user. The MODIFY USER statement can be used to assign additional user roles.

A member of a role may access all objects to which a role has privileges. Users can employ the SET ROLE statement to switch from the default to any alternate role of which the user is a member, or use SET ROLE ALL to access all roles.

For more information on use of roles, see Teradata Vantage™ - Database Administration, B035-1093.

Roles for Proxy Users

Proxy users are users that access the database through a middle-tier application set up to offer trusted sessions. Proxy users are limited to privileges defined in roles that are assigned to them using the GRANT CONNECT THROUGH statement.

For details on using GRANT CONNECT THROUGH, see Teradata Vantage™ - Advanced SQL Engine Security Administration, B035-1100 and Teradata Vantage™ - SQL Data Control Language, B035-1149.