Grants roles to users or other roles.
You cannot grant external roles with this GRANT statement. You can only grant individual privileges and database roles to external roles within Teradata Database.
For more information, see Teradata Vantage™ - Advanced SQL Engine Security Administration, B035-1100 and Teradata Vantage™ - Database Administration, B035-1093.
Required Privileges
To grant a role, you must have the WITH ADMIN OPTION privilege on the role. The following users can grant a role to a user or other role:
- User DBC.
- A user who has been granted the specified role WITH ADMIN OPTION.
The creator of a role is automatically granted the specified role WITH ADMIN OPTION.
- A user who has an active role to which the specified role was granted WITH ADMIN OPTION. An active role can be a current role or a nested role of a current role.
A grantor does not need to have any privilege, including WITH ADMIN OPTION, on the grantee to grant a privilege to it, whether the grantee is a role or a user.
Syntax
GRANT role_name [,...] TO { user_name | role_name } [,...] [ WITH ADMIN OPTION ] [;]
Syntax Elements
- role_name
- One or more comma-separated names of roles to grant to specified users or other roles.
The system ignores duplicate role names.
- TO
- user_name
- role_name
- The names of role grantees.
- WITH ADMIN OPTION
- The role grantees have the privilege to use DROP ROLE, GRANT, and REVOKE statements to administer the specified roles.