Database Object Privileges

Privileges can be granted explicitly on most user-visible objects in a Vertica database, such as tables and models. For some objects such as projections, privileges are implicitly derived from other objects.

Explicitly Granted Privileges

The following table provides an overview of privileges that can be explicitly granted on Vertica database objects:

  ! Schema privileges that can be inherited by tables and views of that schema. For detailed information, see GRANT (Schema).

Database Object Privileges
ALTER DROP CREATE DELETE EXECUTE INSERT READ REFERENCES SELECT TEMP TRUNCATE UPDATE USAGE WRITE
Database                        
Schema ! ! !   !   ! !   ! !  
Table            
View                      
Sequence                      
Procedure                          
User‑defined function                      
Model                      
Library                          
Resource Pool                          
Storage Location                        

Implicitly Granted Privileges

Metadata Privileges

Superusers have unrestricted access to all database metadata. For non-superusers, access to the metadata of specific objects depends on their privileges on those objects:

Metadata User access
Catalog objects:
  • Tables
  • Columns
  • Constraints
  • Sequences
  • External procedures
  • Projections
  • ROS containers

Users must possess USAGE privilege on the schema and any type of access (SELECT) or modify privilege on the object to see catalog metadata about the object.

For internal objects such as projections and ROS containers, which have no access privileges directly associated with them, you must have the requisite privileges on the associated schema and tables to view their metadata. For example, to determine whether a table has any projection data, you must have USAGE on the table schema and SELECT on the table.

User sessions and functions, and system tables related to these sessions

Non-superusers can access information about their own (current) sessions only, using the following functions:

Projection Privileges

Projections, which store table data, do not have an owner or privileges directly associated with them. Instead, the privileges to create, access, or alter a projection are derived from the privileges that are set on its anchor tables and respective schemas.