Administrator privileges
Administrator privileges give users and groups permission to execute global operations and to create objects.
When you grant a privilege, the user you grant the privilege to cannot pass that privilege onto another user by default. If you want to allow the user to grant the privilege to another user, include the WITH GRANT OPTION when you grant the privilege.
The following
table describes the administrator privileges. The words in brackets
are optional.
Privilege | Description |
---|---|
Backup | Allows the user to perform backups. The user can run the nzbackup command. |
[Create] Aggregate | Allows the user to create user-defined aggregates (UDAs) and to operate on existing UDAs. |
[Create] Database | Allows the user to create databases. Permission to operate on existing databases is controlled by object privileges. |
[Create] External Table | Allows the user to create external tables. Permission to operate on existing tables is controlled by object privileges. |
[Create] Function | Allows the user to create user-defined functions (UDFs) and to operate on existing UDFs. |
[Create] Group | Allows the user to create groups and roles. Permission to operate on existing groups and roles is controlled by object privileges. |
[Create] Library | Allows the user to create user-defined shared libraries. Permission to operate on existing shared libraries. |
[Create] Materialized View | Allows the user to create materialized views. |
[Create] Procedure | Allows the user to create stored procedures. |
[Create] Scheduler Rule | Allows the user to create scheduler rules and to show, drop, alter, or set (deactivate or reactivate) any rule, regardless of who created or owns it. |
[Create] Sequence | Allows the user to create database sequences. |
[Create] Synonym | Allows the user to create synonyms. |
[Create] Table | Allows the user to create tables. Permission to operate on existing tables is controlled by object privileges. |
[Create] Temp Table | Allows the user to create temporary tables. Permission to operate on existing tables is controlled by object privileges. |
[Create] User | Allows the user to create users. Permission to operate on existing users is controlled by object privileges. |
[Create] View | Allows the user to create views. Permission to operate on existing views is controlled by object privileges. |
[Manage] Hardware | Allows the user to do the following hardware-related operations: view hardware status, manage SPUs, manage topology and mirroring, and run diagnostic tests. The user can run the nzds and nzhw commands. |
[Manage] Security | Allows the user to run commands and operations that relate to the following advanced security options such as: managing and configuring history databases; managing multi-level security objects and specifying security for users and groups; managing database key stores and keys and key stores for the digital signing of audit data. |
[Manage] System | Allows the user to do the following management operations: start, stop, pause, or resume the system, abort sessions, and view the distribution map, system statistics, logs, and plan files from active query or query history lists. The user can use the following commands: nzsystem, nzstate, nzstats, and nzsession priority. |
Restore | Allows the user to restore the system. The user can run the nzrestore command. |
Unfence | Allows the user to create an unfenced user-defined function (UDF) or user-defined aggregate (UDA), or to unfence an existing fenced UDF or UDA if the user has permission to create or alter it. For more information, see the IBM® Netezza® User-Defined Functions Developer's Guide. |