Role Management in SAP Hana
In this video we will discuss about Role Management in SAP Hana. Role management in SAP Hana consist of several functions like (Role Creation, Drop Role, Assign Role, Revoke Role).
What is Role: A role is a set of privileges that can be granted to a user or a role in. A role basically contains the privileges required for a particular function or task.
It is recommended in Sap Hana to manage authorization for users by using roles. Roles can be nested so that role hierarchies can be implemented. This makes them very flexible, allowing.
A role can contain any number of the following privileges: (object privileges, SYSTEM privileges, package privileges, analytic privileges, and application privileges and Privileges on users). You an read more about privileges here: Types of Privileges in SAP Hana.
Types of Roles in SAP HANA:
Run Time Roles: Run time roles are directly assigned to database users, and are granted or revoked by the database user.
Design Time Roles: Created by technical user _SYS_REPO. And not assigned directly to database user. It will granted through the execution of stored procedures.
How to Create Role SQL Query:
CREATE ROLE <ROLE NAME>
How to DROP Role SQL Query:
DROP ROLE <ROLE NAME>
Assign Privileges to Role:
GRANT <PRIVILEGES NAME> TO <ROLE NAME>
How to ASSIGN Role to a User SQL Query:
GRANT ROLE <ROLE NAME> TO <USER NAME>
How to Revoke Role from a User SQL Query:
REVOKE ROLE <ROLE NAME> FROM <USER NAME>