ALTER ROLE name RENAME TO newname ALTER ROLE name SET config_parameter {TO | =} {value | DEFAULT} ALTER ROLE name RESET config_parameter ALTER ROLE name RESOURCE QUEUE {queue_name | NONE} ALTER ROLE name [ [WITH] option [ ... ] ] where option can be: SUPERUSER | NOSUPERUSER
| CREATEDB | NOCREATEDB
| CREATEROLE | NOCREATEROLE
| CREATEEXTTABLE | NOCREATEEXTTABLE
[ ( attribute='value'[, ...] ) ]
where attributes and value are:
type='readable'|'writable'
protocol='gpfdist'|'http'
| INHERIT | NOINHERIT
| LOGIN | NOLOGIN
| CONNECTION LIMIT connlimit
| [ENCRYPTED | UNENCRYPTED] PASSWORD 'password'
| VALID UNTIL 'timestamp'
| [ DENY deny_point ]
| [ DENY BETWEEN deny_point AND deny_point]
| [ DROP DENY FOR deny_point ]When a non super user role is created in Greenplum, it does not have privilege to create external (readable or writable ) table. Grant options is not good to allow a role to create external table. It is done through alter role command. For examplecreate role etlroleext; alter role etlroleext with CREATEEXTTABLE (type='readable',protocol='gpfdist'); alter role etlroleext with CREATEEXTTABLE (type='writable',protocol='gpfdist'); Please note that etlroleext is a group role. If you want to grant external priv directly to individual etl users you can do so by, create role etluser1 login; alter role etluser1 with CREATEEXTTABLE (type='readable',protocol='gpfdist'); alter role etluser1 with CREATEEXTTABLE (type='writable',protocol='gpfdist'); |
|
|