When using Teradata Secure Zones, grants access to a zone to users or roles that are not zone users.
GRANT ZONE does not automatically grant users access to database objects within the zone. A zone user must grant Discretionary Access Control privileges to zone guests before access is permitted.
Users and roles that are granted zone access using this syntax are called zone guests. Zone users must be created within the zone using the CREATE USER syntax.
Required Privileges
You must be the creator of the zone to use GRANT ZONE to create zone guests.
Restricted Privileges
Zone creators cannot use GRANT ZONE syntax to make themselves guests in a zone that they created.
Only zone users can grant privileges on database objects within the zone to zone guests, but zone users cannot grant privileges on zone objects to a zone guest using the WITH GRANT OPTION.
A zone guest cannot grant access to zone objects to other users.
Syntax
GRANT ZONE zone_name [,...] TO { user_name | role_name } [,...] [;]
Syntax Elements
- zone_name
- The name of the zone. You can specify up to 25 names in a comma-separated list.
- user_name
- role_name
- The name of the user or the role. You can specify up to 25 names in a comma-separated list.