In IBM DB2, you use the GRANT and REVOKE statements to manage privileges and permissions on database objects.
GRANT:
The GRANT statement is used to give specific privileges to users or roles.
Syntax:
GRANT privilege(s)
ON object_name
TO { user_name | group_name | PUBLIC }
[ WITH GRANT OPTION ]
Example:
GRANT SELECT, INSERT ON employees TO user1;
This grants the SELECT and INSERT privileges on the employees table to the user user1.
GRANT SELECT ON employees TO HR WITH GRANT OPTION;
This grants the SELECT privilege on the employees table to the HR group with the option to further grant this privilege to other users.
REVOKE:
The REVOKE statement is used to take back privileges that have been granted from users or roles.
Syntax:
REVOKE privilege(s)
ON object_name
FROM { user_name | group_name | PUBLIC }
Example:
REVOKE SELECT, INSERT ON employees FROM user1;
This revokes the SELECT and INSERT privileges on the employees table from the user user1.
REVOKE SELECT ON employees FROM HR;
This revokes the SELECT privilege on the employees table from the HR group.
As with other database systems, ensure to use these statements carefully to maintain the security and integrity of your DB2 database.
No comments:
Post a Comment