User management
Access to Db2® Warehouse SaaS is controlled by database-level privileges. The initial database admin username and password are provided when an Engine is provisioned for the first time. You can add users later through the console or via APIs.
Database users
These users are used to access the database. Traditionally, they are OS users in on-premises deployments. In the cloud, a user registry is used and users are considered native to the database. Privileges and roles can be granted or revoked for these users.
In this environment, there is only one category of user recognized by the system: authenticated users. These users are authorized to access both the database and the management console.
Traditionally, in on-premises Db2 deployments, these users are operating system (OS) users. However, in cloud deployments, user identities are managed through a user registry. Db2 treats these users as native database users, meaning they are fully integrated into the database's authentication and authorization model.
Database privileges and roles can be granted to or revoked from these users. Roles can also be created by users and assigned as needed.
There are two main subtypes of users:Admin Users
These users serve as both database administrators and service-level administrators within the console.
For more information, see the chart below.
Database Users
These are standard users who can access the database and the console but do not have administrative privileges.
For more information, see the chart below.
Roles and access
Users can connect to the database using JDBC or any Db2 client by providing their database user name and password
Permissions are controlled by database level privileges of the associated user.
Console access
| Role | User mgmt | SQL editor/tables | Monitoring info | Settings (includes scale, backup, DR) | Info panels |
|---|---|---|---|---|---|
| Admin User | Add/Delete/Lock users. Change user's passwords. | Yes | Yes | Yes | Yes |
| Database User | Change one's own password. | Yes | No | No | Yes |
For more information about user management, see Database user management.