A user with administrative privileges can grant or revoke access control of ML Engine analytic functions. For example:
To grant the trusted user td_ffe_svc_acct the privilege to set role to the permanent user username:
grant ctcontrol on username to td_ffe_svc_acct; grant connect through td_ffe_svc_acct to permanent username without role;
To grant the privilege for username to execute functions from syslib, thereby giving access to the function mappings:
grant execute function on syslib to username with grant option;
The
following grants allow username to export data, execute foreign functions, and import the results:
grant execute function on TD_SYSFNLIB.QGEXECUTEFOREIGNQUERY to username; grant execute function on TD_SYSFNLIB.QGINITIATOREXPORT to username; grant execute function on TD_SYSFNLIB.QGINITIATORIMPORT to username; grant execute function on TD_SYSFNLIB.QGREMOTEEXPORT to username; grant execute function on TD_SYSFNLIB.QGREMOTEIMPORT to username; GRANT SELECT ON TD_SERVER_DB.coprocessor TO username; GRANT INSERT ON TD_SERVER_DB.coprocessor TO username; GRANT execute function on TD_SERVER_DB.coprocessor to username;
The next set of grants allow username to access a view in which the ML Engine connector will log errors:
grant select on td_mle_db.user_mle_errors to username; grant insert on td_mle_db.user_mle_errors to username; grant delete on td_mle_db.user_mle_errors to username;