Vertica role grant not working

StackOverflow https://stackoverflow.com/questions/12089354

  •  27-06-2021
  •  | 
  •  

Question

I am trying to setup a new role for making the access rights granting easier. I was wondering if there is an easier way to give select on all tables (newly created tables should be accessible automatically) under a schema to selected users. I ran following queries for the same. But still my user is not able to access the specific table.

CREATE ROLE myrole;

GRANT SELECT ON myschema.mytable TO myrole;

GRANT usage ON schema myschema TO myrole;

CREATE USER mytest1 identified BY '***';

GRANT myrole TO mytest1;

After this, when I login with mytest1 user and trying to run select on myschema.mytable it is asking me to grant usage on schema to user. After I grant usage on schema to user directly it is failing with permission denied for that table.

Please help with the same. I am running on vertica 5.0

Update: I find that u also have to make that role default or explicitely set that role as default for user session for making the role's effect take place. 

ALTER USER mytest1 DEFAULT ROLE myrole;

But still, my another question of how to make all tables under a schema accessible to specific users remains.

Was it helpful?

Solution

As per the Vertica SQL Reference Manual.pdf (page 725) (doc version 5.0 - for page numbers)

GRANT (Schema)
...
USAGE
Allows the user  access to the objects contained  within the 
schema. This allows the user to look up objects within the 
schema. Note that the user must also be granted access to the
individual objects. See the GRANT TABLE (page 727) ... .

The the user must also be granted access to the individual objects means that you need to also GRANT table.

The two I use is GRANT SELECT and GRANT REFERENCES which allows the user to run queries and join (reference) tables in the query.

Example:

GRANT SELECT ON TABLE [schema].[Table1] TO myUser;
GRANT SELECT ON TABLE [schema].[Table2] TO myUser;
GRANT REFERENCES ON TABLE [schema].[Table1] TO myUser;
GRANT REFERENCES ON TABLE [schema].[Table2] TO myUser;
...

6.0 doc reference GRANT SCHEMA (page 808) and GRANT TABLE (page 813).

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top