ALTER ROLE: Managing database link and DBMS_RLS privileges v17
EDB Postgres Advanced Server includes extra syntax not offered by Oracle for the ALTER ROLE
command. This syntax can be useful when assigning privileges related to creating and dropping database links compatible with Oracle databases and fine-grained access control using DBMS_RLS
.
CREATE DATABASE LINK
A user who holds the CREATE DATABASE LINK
privilege can create a private database link. The following ALTER ROLE
command grants privileges to an EDB Postgres Advanced Server role that allow the specified role to create a private database link:
This command is the functional equivalent of:
Use the following command to revoke the privilege:
Note
The CREATEDBLINK
and NOCREATEDBLINK
keywords are deprecated syntaxes. We recommend using the CREATE DATABASE LINK
and NO CREATE DATABASE LINK
syntax options.
CREATE PUBLIC DATABASE LINK
A user who holds the CREATE PUBLIC DATABASE LINK
privilege can create a public database link. The following ALTER ROLE
command grants privileges to an EDB Postgres Advanced Server role that allow the specified role to create a public database link:
This command is the functional equivalent of:
Use the following command to revoke the privilege:
Note
The CREATEPUBLICDBLINK
and NOCREATEPUBLICDBLINK
keywords are deprecated syntaxes. We recommend using the CREATE PUBLIC DATABASE LINK
and NO CREATE PUBLIC DATABASE LINK
syntax options.
DROP PUBLIC DATABASE LINK
A user who holds the DROP PUBLIC DATABASE LINK
privilege can drop a public database link. The following ALTER ROLE
command grants privileges to an EDB Postgres Advanced Server role that allow the specified role to drop a public database link:
This command is the functional equivalent of:
Use the following command to revoke the privilege:
Note
The DROPPUBLICDBLINK
and NODROPPUBLICDBLINK
keywords are deprecated syntaxes. We recommend using the DROP PUBLIC DATABASE LINK
and NO DROP PUBLIC DATABASE LINK
syntax options.
EXEMPT ACCESS POLICY
A user who holds the EXEMPT ACCESS POLICY
privilege is exempt from fine-grained access control (DBMS_RLS
) policies. A user who holds these privileges can view or modify any row in a table constrained by a DBMS_RLS
policy. The following ALTER ROLE
command grants privileges to an EDB Postgres Advanced Server role that exempt the specified role from any defined DBMS_RLS
policies:
This command is the functional equivalent of:
Use the following command to revoke the privilege:
Note
The POLICYEXEMPT
and NOPOLICYEXEMPT
keywords are deprecated syntaxes. We recommend using the EXEMPT ACCESS POLICY
and NO EXEMPT ACCESS POLICY
syntax options.