Security Built-in Function Permissions

The documentation regarding permissions for several built-in functions is incomplete.


Functions	Permissions
asehostname	With granular permissions enabled, you must be granted select on asehostname or have `manage server` permission to execute asehostname. With granular permissions disabled, you must be granted select on asehostname or be a user with sa_role to execute asehostname.
migrate_instance_id	Any user can execute migrate_instance_id.
show_cached_text	With granular permissions enabled, you must be a user with mon_role, or have `monitor qp performance` permission to execute show_cached_text. With granular permissions disabled, you must be a user with mon_role or sa_role to execute show_cached_text.
show_cached_text_long	With granular permissions enabled, you must be a user with mon_role, or have `monitor qp performance` permission to execute show_cached_text_long. With granular permissions disabled, you must be a user with mon_role or sa_role to execute show_cached_text_long.
show_plan	With granular permissions enabled, you must be a user with `monitor qp performance` permission to execute show_plan. With granular permissions disabled, you must be a user with sa_role to execute show_plan.
user_id	Any user can execute user_id.
workload_metric	With granular permissions enabled, you must have `manage cluster` permission or be a user with ha_role to execute workload_metric. With granular permissions disabled, you must be a user with sa_role or ha_role to execute workload_metric.