GIVE PRIVILEGE GROUP

Syntax

GIVE PRIVILEGE GROUP pg-name TO authid;

Description

The GIVE PRIVILEGE GROUP statement transfers the ownership of a privilege group to another user.

Parameters

pg-name: is the name of an existing explicit privilege group, a SQL identifier. It cannot be in the same format as a valid Guardian group name and an implicit privilege group name.
authid: specifies an authorization ID which must be a valid Guardian username, enclosed in double quotes, or an External Use name that is already associated with one of the Guardian users. If authid is a Guardian username, then it is not case-sensitive.

Considerations

The metadata for the system catalog must be 3500 or higher.
The ownership of a privilege group can be transferred to any existing user on the system.
The existing privileges granted to the privilege group are not affected by GIVE PRIVILEGE GROUP command.

Authorization Requirements

To transfer the ownership using GIVE PRIVILEGE GROUP, you must be one of the following:
- Privilege group owner
- Security Administrator
- Super ID (if Super ID is a part of the Security Administrator’s group or if no Security Administrator’s group exists)
The ownership of the privilege group cannot be transferred to any member of the Security Administrator’s group, unless the grantor is the owner of the privilege group.

Example Command

To transfer the ownership of a privilege group:

GIVE PRIVILEGE GROUP temp_users TO "customer@hpe.com";