You can grant database privileges directly to users, or they can be inherited through role membership.
| Privilege Name | Supported By Database Object | Allows a User To |
|---|---|---|
| ALL | Tables, views, materialized views | Perform all tasks associated with tables, views and materialized views. |
| ALTER | Tables | Alter the structure of a table. |
| CREATE | Dbspaces | Create objects on the dbspace. The additional privileges required depend on the object that is being created. For example, to create a table, one of CREATE TABLE, CREATE ANY TABLE, or CREATE ANT OBJECT is required. |
| DELETE | Tables, view | Delete rows from the table or view. |
| EXECUTE | Procedure, user-defined functions | Execute the procedure or user-defined function. |
| INSERT | Table, views | Insert rows into the table or view. |
| LOAD | Tables | Load the table if the -gl database option is set to anything other than NONE. |
| REFERENCES | Tables | Create indexes on a table, and to create foreign keys that reference a table. |
| SELECT | Table, views | Look at information in a table or view. |
| TRUNCATE | Table, materialized views | Truncate the table or materialized view. |
| UPDATE | Tables, views | Update rows in a table or view. |
| USAGE | Sequence generators | Evaluate the current or next value in the sequence. |
In a multiplex, only write servers can modify table privileges on tables owned by the write server.