GRANT (schema)
Grants schema privileges to users and roles. By default, only superusers and the schema owner have the following schema privileges:
Note
By default, new users cannot access schema PUBLIC. You must explicitly grant all new users USAGE privileges on the PUBLIC schema.Syntax
GRANT { privilege[,...] | ALL [ PRIVILEGES ] [ EXTEND ] }
ON SCHEMA [database.]schema[,...]
TO grantee[,...]
[ WITH GRANT OPTION ]
Parameters
privilege
- One of the following privileges:
-
USAGE: Enables access to objects in the specified schemas. Grantees can then be granted privileges on individual objects in these schemas in order to access them, for example, with GRANT TABLE and GRANT VIEW.
-
CREATE: Create and rename objects in the specified schemas, and move objects from other schemas.
You can also grant the following privileges on a schema, to be inherited by tables and their projections, and by views of that schema. If inheritance is enabled for the database and schema, these privileges are automatically granted to those objects on creation:
-
SELECT: Query tables and views. SELECT privileges are granted by default to the PUBLIC role.
-
INSERT: Insert rows, or and load data into tables with
COPY
.Note
COPY FROM STDIN
is allowed for users with INSERT privileges, whileCOPY FROM
file
requires admin privileges. -
UPDATE: Update table rows.
-
DELETE: Delete table rows.
-
REFERENCES: Create foreign key constraints on this table. This privilege must be set on both referencing and referenced tables.
-
TRUNCATE: Truncate table contents. Non-owners of tables can also execute the following partition operations on them:
-
ALTER: Modify the DDL of tables and views with
ALTER TABLE
andALTER VIEW
, respectively. -
DROP: Drop tables and views.
-
ALL [PRIVILEGES][EXTEND]
- Grants USAGE AND CREATE privileges. Inherited privileges must be granted explicitly.
You can qualify
ALL
with two optional keywords:-
PRIVILEGES
conforms with the SQL standard. -
EXTEND
extends the semantics ofALL
to include ALTER and DROP privileges. An unqualifiedALL
excludes these two privileges. This option enables backward compatibility withGRANT ALL
usage in pre-9.2.1 Vertica releases.
-
[
database
.]
schema
- Specifies a target schema. If you specify a database, it must be the current database.
grantee
Specifies who is granted privileges, one of the following:
WITH GRANT OPTION
Gives
grantee
the privilege to grant the same privileges to other users or roles, and also revoke them. For details, see Granting privileges.
Privileges
Non-superusers, one of the following:
-
Schema owner
-
Privileges grantee given the option (
WITH GRANT OPTION
) of granting privileges to other users or roles.
Examples
Grant user Joe USAGE privilege on schema online_sales
.
=> CREATE USER Joe;
CREATE USER
=> GRANT USAGE ON SCHEMA online_sales TO Joe;
GRANT PRIVILEGE