Grants privileges on a specified securable to a user or role.

Syntax

GRANT cirroprivilege,...
[ON securable]
TO {username | rolename}
[WITH GRANT OPTION];

Arguments

  • cirroprivilege - A privilege on a supported securable.

  • securable - A supported securable. If omitted, the privilege is applied to all available datasources.

  • username - Cirro user account name. Can be internal to CIRRO or an external Directory Service user.

  • rolename - Cirro Role.

  • GRANT OPTION - the ability to grant the stated privilege(s) to another user or role. This also allows REVOKE and DENY on the privilege.

Additional Information

  • A GRANT will fail if a DENY privilege has been executed on the securable. First REVOKE the DENY, then Grant again.

  • Attempting to GRANT permission to a user which exists only on a federated system will fail with an error.

  • Privileges cannot be granted to the Cirro user in excess of those available to the underlying federated system user, which was associated with this Cirro user in the ADD AUTHORIZATION statement.

  • Use the REVOKE statement to remove a previously-granted privilege. See REVOKE PRIVILEGE

  • When a user is GRANTed a DB credential there is an implied PASSTHROUGH permission.

Examples

Grant CREATE SYSTEM privilege to a Cirro user.

GRANT CREATE SYSTEM ON * TO myUser1;

Grant SELECT privilege on datasource to a Cirro role.

GRANT SELECT ON Oracle1.Accounting2016DB.* TO accountingUsersRole;

See Also