System Privilege
|
Privilege Purpose
|
Comment
|
|---|---|---|
ADAPTER ADMIN
|
Controls the execution of the following adapter-related commands: CREATE ADAPTER, DROP ADAPTER and ALTER ADAPTER. Also allows access to ADAPTERS and ADAPTER_LOCATIONS system views.
| |
AGENT ADMIN
|
Controls the execution of the following agent-related commands: CREATE AGENT, DROP AGENT and ALTER AGENT. Also allows access to AGENTS and ADAPTER_LOCATIONS system views.
| |
AUDIT ADMIN
|
Controls the execution of the following auditing-related commands: CREATE AUDIT POLICY, DROP AUDIT POLICY and ALTER AUDIT POLICY and the changes of the auditing configuration. Also allows access to AUDIT_LOG system view.
| |
AUDIT OPERATOR
|
Authorizes the execution of the following command: ALTER SYSTEM CLEAR AUDIT LOG. Also allows access to AUDIT_LOG system view.
| |
BACKUP ADMIN
|
Authorizes BACKUP and RECOVERY commands for defining and initiating backup and recovery procedures. Also changing system configuration options with respect to backup and recovery.
| |
BACKUP OPERATOR
|
Authorizes the BACKUP command to initiate a backup process.
| |
CATALOG READ
|
Authorizes users to have unfiltered read-only access to all system views.
|
Normally, the content of these views is filtered based on the privileges of the accessing user.
|
CREATE R SCRIPT
|
Authorizes the creation of a procedure using the language R.
| |
CREATE REMOTE SOURCE
|
Authorizes the creation of remote data sources using the CREATE REMOTE SOURCE command.
| |
CREATE SCENARIO
|
Controls the creation of calculation scenarios and cubes (calculation database)
| |
CREATE SCHEMA
|
Authorizes the creation of database schemas using the CREATE SCHEMA command.
|
By default each user owns one schema, with this privilege the user is allowed to create additional schemas.
|
CREATE STRUCTURED PRIVILEGE
|
Authorizes the creation of Structured Privileges (Analytical Privileges)
|
Only the owner of an Analytical Privilege can further grant or revoke that privilege to other users or roles.
|
CREDENTIAL ADMIN
|
Authorizes the credential commands: CREATE/ALTER/DROP CREDENTIAL.
| |
DATA ADMIN
|
Authorizes reading all data in the system views. It also enables execution of any Data Definition Language (DDL) commands in the SAP HANA database
|
A user having this privilege cannot select or change data stored tables for which they do not have access privileges, but they can drop tables or modify table definitions.
|
| DATABASE ADMIN | Authorizes all commands related to databases in a multi-database, such as CREATE, DROP, ALTER, RENAME, BACKUP, RECOVERY | |
EXPORT
|
Authorizes export activity in the database via the EXPORT TABLE command.
|
Note that beside this privilege the user requires the SELECT privilege on the source tables to be exported.
|
IMPORT
|
Authorizes the import activity in the database using the IMPORT commands.
|
Note that beside this privilege the user requires the INSERT privilege on the target tables to be imported.
|
INIFILE ADMIN
|
Authorizes changing of system settings.
| |
LICENSE ADMIN
|
Authorizes the SET SYSTEM LICENSE command install a new license.
| |
LOG ADMIN
|
Authorizes the ALTER SYSTEM LOGGING [ON|OFF] commands to enable or disable the log flush mechanism.
| |
MONITOR ADMIN
|
Authorizes the ALTER SYSTEM commands for EVENTs.
| |
OPTIMIZER ADMIN
|
Authorizes the ALTER SYSTEM commands concerning SQL PLAN CACHE and ALTER SYSTEM UPDATE STATISTICS commands, which influence the behavior of the query optimizer.
| |
RESOURCE ADMIN
|
This privilege authorizes commands concerning system resources, for example ALTER SYSTEM RECLAIM DATAVOLUME and ALTER SYSTEM RESET MONITORING VIEW. It also authorizes many of the commands available in the Management Console.
| |
ROLE ADMIN
|
This privilege authorizes the creation and deletion of roles using the CREATE ROLE and DROP ROLE commands. It also authorizes the granting and revocation of roles using the GRANT and REVOKE commands.
|
Activated roles, meaning roles whose creator is the pre-defined user _SYS_REPO, can neither be granted to other roles or users nor dropped directly. Not even users having ROLE ADMIN privilege are able to do so. Please check documentation concerning activated objects.
|
SAVEPOINT ADMIN
|
Authorizes the execution of a savepoint process using the ALTER SYSTEM SAVEPOINT command.
| |
SCENARIO ADMIN
|
Authorizes all calculation scenario-related activities (including creation).
| |
SERVICE ADMIN
|
Authorizes the ALTER SYSTEM [START|CANCEL|RECONFIGURE] commands.
|
This privilege is for administering system services of the database
|
SESSION ADMIN
|
authorizes the ALTER SYSTEM commands concerning sessions to stop or disconnect a user session or to change session variables.
| |
STRUCTUREDPRIVILEGE ADMIN
|
Authorizes the creation, reactivation, and dropping of structured privileges.
| |
TABLE ADMIN
|
Authorizes the LOAD/UNLOAD/MERGE of tables and its table placement.
| |
TRACE ADMIN
|
Authorizes the ALTER SYSTEM [CLEAR|REMOVE] TRACES commands for operations on database trace files and authorizes changing trace system settings.
| |
TRUST ADMIN
|
Authorizes commands to update the trust store.
| |
USER ADMIN
|
Authorizes the creation and modification of users using the CREATE USER, ALTER USER, and DROP USER commands.
| |
VERSION ADMIN
|
Authorizes the ALTER SYSTEM RECLAIM VERSION SPACE command of the multi-version concurrency control (MVCC) mechanism.
| |
<identifier>.<identifier>
|
Components of the SAP HANA database can create new system privileges. These privileges use the component-name as first identifier of the system privilege and the component-privilege-name as the second identifier.
|
This post is very simple to read and appreciate without leaving any details out. Great work ! cloud call center software
ReplyDelete