You can grant database privileges directly to users, or they can be inherited through role membership.
Privilege Name | Supported By Database Object | Allows a User To |
---|---|---|
ALL | Tables, views, materialized views | Perform all tasks associated with tables, views and materialized views. |
ALTER | Tables | Alter the structure of a table. |
CREATE | Dbspaces | Create objects on the dbspace. The additional privileges required depend on the object that is being created. For example, to create a table, one of CREATE TABLE, CREATE ANY TABLE, or CREATE ANT OBJECT is required. |
DELETE | Tables, view | Delete rows from the table or view. |
EXECUTE | Procedure, user-defined functions | Execute the procedure or user-defined function. |
INSERT | Table, views | Insert rows into the table or view. |
LOAD | Tables | Load the table if the -gl database option is set to anything other than NONE. |
REFERENCES | Tables | Create indexes on a table, and to create foreign keys that reference a table. |
SELECT | Table, views | Look at information in a table or view. |
TRUNCATE | Table, materialized views | Truncate the table or materialized view. |
UPDATE | Tables, views | Update rows in a table or view. |
USAGE | Sequence generators | Evaluate the current or next value in the sequence. |
In a multiplex, only write servers can modify table privileges on tables owned by the write server.