16.10 - tdatAllowDeny - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

The tdatAllowDeny attribute is similar to the filter type element in an IP XML document. It can contain either of two values:

  • A value of TRUE defines the filter as a restrictive filter. A restrictive filter:
    • Denies all IP addresses except those specifically allowed.
    • Processes the tdatAllowedIP filter first, to determine the IP address or range of addresses allowed to access the database.
    • Processes the tdatDeniedIP filter second, to identify any exceptions to the allowed IP addresses.
  • A value of FALSE defines the filter as permissive. A permissive filter:
    • Allows all IP addresses except those specifically denied.
    • Processes the tdatDeniedIP filter first, to determine the IP address or range of addresses denied access to the database.
    • Processes the tdatAllowedIP filter second to identify any exceptions to the denied IP addresses.

For information on the function of restrictive and permissive filters, see Working with the Effects of Filter Type on allow and deny Elements.