|
Motore del database
|
Privilegio del sistema
|
Ruolo di database
|
|
RDS per Db2
|
L’utente master viene assegnato al gruppo masterdba e a master_user_role.
SYSMON, DBADM con DATAACCESS E ACCCESSCTRL,BINDADD, CONNECTCREATETAB,CREATE_SECURE_OBJECT,EXPLAIN,IMPLICIT_SCHEMA,LOAD,SQLADM, WLMADM
|
DBA,DBA_RESTRICTED,
DEVELOPER,ROLE_NULLID_PACKAGES,
ROLE_PROCEDURES,ROLE_TABLESPACES
Per ulteriori informazioni, consulta Ruoli predefiniti di Amazon RDS per Db2.
|
|
RDS per MariaDB
|
SELECT,INSERT,UPDATE,DELETE,
CREATE,DROP,RELOAD,
PROCESS,REFERENCES,INDEX,
ALTER,SHOW DATABASES,CREATE
TEMPORARY TABLES,LOCK TABLES,
EXECUTE,REPLICATION CLIENT,CREATE
VIEW,SHOW VIEW,CREATE ROUTINE,
ALTER ROUTINE,CREATE USER,
EVENT,TRIGGER,REPLICATION
SLAVE
A partire da RDS per MariaDB versione 11.4, anche l’utente master ottiene il privilegio SHOW CREATE ROUTINE.
|
—
|
|
RDS per MySQL 8.0.36 e versioni successive
|
SELECT,INSERT,UPDATE,
DELETE,CREATE,DROP,
RELOAD,PROCESS,
REFERENCES,INDEX,ALTER,
SHOW DATABASES,CREATE TEMPORARY
TABLES,LOCK TABLES,EXECUTE,
REPLICATION SLAVE,REPLICATION CLIENT,
CREATE VIEW,SHOW VIEW,CREATE
ROUTINE,ALTER ROUTINE,CREATE
USER,EVENT,TRIGGER,
CREATE ROLE,DROP ROLE,
APPLICATION_PASSWORD_ADMIN,
ROLE_ADMIN,SET_USER_ID,
XA_RECOVER_ADMIN
|
rds_superuser_role
Per ulteriori informazioni su rds_superuser_role, consultare Privilegio basato sui ruoli per RDS per MySQL.
|
|
RDS per MySQL versioni precedenti alla 8.0.36
|
SELECT,INSERT,UPDATE,
DELETE,CREATE,DROP,
RELOAD,PROCESS,
REFERENCES,INDEX,ALTER,
SHOW DATABASES,CREATE TEMPORARY
TABLES,LOCK TABLES,EXECUTE,
REPLICATION CLIENT,CREATE VIEW,
SHOW VIEW,CREATE ROUTINE,ALTER
ROUTINE,CREATE USER,EVENT,
TRIGGER,REPLICATION
SLAVE
|
—
|
|
RDS per PostgreSQL.
|
CREATE ROLE,CREATE DB,
PASSWORD VALID UNTIL INFINITY,CREATE
EXTENSION,ALTER EXTENSION,DROP
EXTENSION,CREATE TABLESPACE,ALTER
<OBJECT> OWNER,CHECKPOINT,
PG_CANCEL_BACKEND(),
PG_TERMINATE_BACKEND(),SELECT
PG_STAT_REPLICATION,EXECUTE
PG_STAT_STATEMENTS_RESET(),OWN
POSTGRES_FDW_HANDLER(),OWN
POSTGRES_FDW_VALIDATOR(),OWN POSTGRES_FDW,
EXECUTE PG_BUFFERCACHE_PAGES(),SELECT
PG_BUFFERCACHE
|
RDS_SUPERUSER
Per ulteriori informazioni su RDS_SUPERUSER, consultare Informazioni su ruoli e autorizzazioni di PostgreSQL.
|
|
RDS per Oracle
|
ADMINISTER DATABASE TRIGGER,ALTER DATABASE
LINK,ALTER PUBLIC DATABASE LINK,
AUDIT SYSTEM,CHANGE NOTIFICATION,
DROP ANY DIRECTORY,EXEMPT ACCESS
POLICY,EXEMPT IDENTITY POLICY,EXEMPT
REDACTION POLICY,FLASHBACK ANY TABLE,
GRANT ANY OBJECT PRIVILEGE,RESTRICTED
SESSION,SELECT ANY TABLE,UNLIMITED
TABLESPACE
|
DBA
Il ruolo DBA è esente dai seguenti privilegi:
ALTER DATABASE,ALTER SYSTEM,
CREATE ANY DIRECTORY,CREATE EXTERNAL
JOB,CREATE PLUGGABLE DATABASE,
GRANT ANY PRIVILEGE,GRANT ANY
ROLE,READ ANY FILE GROUP
|
|
Amazon RDS for Microsoft SQL Server
|
ADMINISTER BULK OPERATIONS,ALTER ANY CONNECTION,ALTER ANY CREDENTIAL,
ALTER ANY EVENT SESSION,ALTER ANY LINKED
SERVER,ALTER ANY LOGIN,ALTER ANY
SERVER AUDIT,ALTER ANY SERVER ROLE,
ALTER SERVER STATE,ALTER TRACE,
CONNECT SQL,CREATE ANY DATABASE,
VIEW ANY DATABASE,VIEW ANY
DEFINITION,VIEW SERVER STATE,ALTER ON
ROLE SQLAgentOperatorRole
|
DB_OWNER (ruolo a livello di database), PROCESSADMIN (ruolo a livello di server), SETUPADMIN (ruolo a livello di server), SQLAgentUserRole (ruolo a livello di database), SQLAgentReaderRole (ruolo a livello di database) e SQLAgentOperatorRole (ruolo a livello di database)
|
