Data Warehouse User Roles
The following roles can be assigned to Data Warehouse users.
Data Admin
Role identifier: dataAdmin
This role should be assigned to any Data Warehouse user who needs to use the instance for loading and processing data.
Read all tables or views.
Import data into Data Warehouse tables.
Create, drop, or purge Data Warehouse tables.
Create other objects such as functions and views in the database.
The Data Admin role is sufficient for basic use of the Data Warehouse instance.
Admin
Role identifier: admin
This role should be reserved for the user or users who need to have control over the other users in the Data Warehouse instance.
Read all tables or views.
Import data into Data Warehouse tables.
Create, drop, or purge Data Warehouse tables.
Create other objects such as functions and views in the database.
Add user.
Remove user. The user cannot be the Owner of the instance.
Change a user’s role. The user cannot be the Owner of the instance and cannot be changed to the Owner role.
Edit the name or description of an Data Warehouse instance.
Read-only user
Role identifier: readOnly
This role should be reserved for the user or users who need to only review or test data in the Data Warehouse instance without permissions to make any changes.
- Access the Data Warehouse instance in read-only mode.
- Read all tables or views.
- Call the functions that do not modify the data.
Read-only users cannot:
- Create any object (for example, tables, views, sequences).
- Insert, update, merge, delete or drop any objects or entities.
- Call any Vertica function that requires access higher than read-only.
Data Warehouse instance owner
The user who created the Data Warehouse instance is automatically assigned ownership of the instance. Ownership is not a formal role in the instance.
The Owner of a Data Warehouse instance cannot be changed.
The Owner is also automatically assigned the Admin role. The Owner has all of the permissions of the Admin role, and the permission to delete the Data Warehouse instance.