CREATE PRIVILEGE GROUP

Syntax

CREATE PRIVILEGE GROUP pg-name [ ADD ( authid [, authid ] ... ) ];

Description

The CREATE PRIVILEGE GROUP statement creates an explicit privilege group and optionally adds one or more users as group members.

Parameters

pg-name: is the name of the privilege group, a SQL identifier. It cannot be in the same format as a valid Guardian group name.
authid: specifies an authorization ID which must be a valid existing Guardian username, enclosed in double quotes or an External Username that is already associated with one of the Guardian users. If authid is a Guardian username, then it is not case-sensitive.

Considerations

The metadata for the system catalog must be 3500 or higher.
Without the optional ADD clause, the CREATE PRIVILEGE GROUP creates a privilege group with no members and is owned by the creating user.
While creating the privilege group, you cannot specify the same username twice.

Authorization Requirements

If the user creating the privilege group is a member of the Security Administrator’s group, then the ADD clause cannot include any member of the Security Administrator’s group.

Example Command

To create a privilege group:
```
CREATE PRIVILEGE GROUP temp_users;
```

To create a privilege group and add one user with External Username:

CREATE PRIVILEGE GROUP "Database Admins"
  ADD ( "customer@hpe.com" );