Role privileges
Resources: Roles
Resource type: L
Db2 privileges
COMMENT ON ROLE
XAPLPRIV value: COMNTAUTL
Privcode 97 (x'61')
Does the user or the role associated with the user own the role?
If so, XAPLUPRM must match the owner name passed from Db2 by the XAPLOWNR parameter when XAPLONRT indicates an authorization ID, or XAPLUCHK must match XAPLOWNR and XAPLUCKT must match XAPLONRT.
If not, the user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
| Db2-subsystem.SYSCTRL Bypass if Separate Security = Yes |
DSNADM |
| Db2-subsystem.SYSADM Bypass if Separate Security = Yes |
DSNADM |
| Db2-subsystem.SECADM | DSNADM |
CREATE ROLE
XAPLPRIV value: CREATAUTL
Privcode 271 (x'10F')
The user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
| Db2-subsystem.SYSCTRL Bypass if Separate Security = Yes |
DSNADM |
| Db2-subsystem.SYSADM Bypass if Separate Security = Yes |
DSNADM |
| Db2-subsystem.SECADM | DSNADM |
DROP ROLE
XAPLPRIV value: DROPAUTL
Privcode 73 (x'49')
Does the user or the role associated with the user own the role?
If so, XAPLUPRM must match the owner name passed from Db2 by the XAPLOWNR parameter when XAPLONRT indicates an authorization ID, or XAPLUCHK must match XAPLOWNR and XAPLUCKT must match XAPLONRT.
If not, the user must have sufficient authority to:
| One of these resources: | In class: |
|---|---|
| Db2-subsystem.SYSCTRL Bypass if Separate Security = Yes |
DSNADM |
| Db2-subsystem.SYSADM Bypass if Separate Security = Yes |
DSNADM |
| Db2-subsystem.SECADM | DSNADM |