Entities #
The Starburst Galaxy access control system manages privileges to access all entities – roles, users, clusters, catalogs, schemas, tables, object storage locations, and functions.
List #
The following table lists all available types of entities and the associated privileges, that can be managed with SQL statements.
| Entity | Description | SQL privileges |
|---|---|---|
| CLUSTER | A single cluster specified by name. | No SQL privileges. Configure USE_CLUSTER and START_STOP_CLUSTER with the user interface. |
| CATALOG | A single catalog specified by name. | CREATE_SCHEMA |
| ROLE | A single role specified by name. | No SQL privileges. Configured with the user interface. |
| USER | A single user specified by name. | No SQL privileges. Configured with the user interface. |
| SCHEMA | A single schema specified by catalog name and schema name. | CREATE_TABLE |
| TABLE | A single table specified by catalog name, schema name and table name. | SELECT, INSERT, DELETE, UPDATE |
| location | A URI to the root of an object storage location. | No SQL privileges. Create SQL as
detailed the location privilege
section. |
| function | A function to invoke as part of a SQL statement. | No SQL privileges. Usage detailed in the function privilege section. |
Entities with No SQL privileges in the Privileges column can only be managed
with the Starburst Galaxy UI, and not with SQL commands.
Visibility #
The visibility of an entity for a user is controlled by the following aspects:
- Ownership of an entity, or any contained entity, provides visibility.
- Grant of any privilege on an entity, or any contained entity, provides visibility.
- A wildcard privilege for ownership to any privilege on an entity, provides visibility to existing matching entities and any future matching entities.
- The MANAGE_SECURITY privilege provides full visibility to all entities.
Visibility alone does not grant any access to an entity.
Is the information on this page helpful?
Yes
No
Is the information on this page helpful?
Yes
No