Product:
Starburst Galaxy
- Overview
- Query data
- Explore data
- Share data
-
Manage catalogs
- Overview
- Manage catalogs
- Object storage
-
Non-object storage
- Overview
- Amazon DynamoDB
- Amazon Redshift
- Apache Cassandra
- Apache Druid
- Apache Pinot
- Apache Polaris
- Azure Synapse
- ClickHouse
- Elasticsearch
- Galaxy Telemetry
- Google BigQuery
- Google Sheets
- MariaDB
- Microsoft SQL Server
- MongoDB
- MySQL
- OpenSearch
- Oracle
- PostgreSQL
- Salesforce
- Salesforce Data Cloud
- SAP HANA
- Snowflake
- Tabular
- Sample data sets
- Query performance
- Data ingest
- Migrating queries
- SQL reference
- Overview
- Manage Galaxy access
- Manage data access
-
Manage cluster connectivity
- Overview
- SSH tunnels
- Galaxy IP allow list
- Amazon AWS
- Microsoft Azure
- Google Cloud
-
Private connections
- Overview
- AWS PrivateLink
- AWS PrivateLink for RDS
- AWS PrivateLink for Snowflake
- AWS PrivateLink for MongoDB Atlas
- AWS PrivateLink for on-prem data source
- Connect clients to AWS PrivateLink
- Azure Private Link
- Azure Private Link for ADLS
- Azure Private Link for Azure database PaaS
- Azure Private Link for a database running a VM
starburst galaxy > reference > access control > SQL privileges
SQL privileges #
The Starburst Galaxy access control system manages privileges to access all entities – roles, users, clusters, catalogs, schemas, tables, views, columns, object storage locations, functions, and SQL routines.
The privileges of some entities can also be managed with SQL commands. The following table lists the available types of entities and their associated privileges that can be managed with SQL statements.
Entities with No SQL privileges in the Privileges column can only be
managed with the Starburst Galaxy UI, and not with SQL commands.
| Entity | Description | SQL privileges |
|---|---|---|
| CLUSTER | A single cluster specified by name. | No SQL privileges. Configure USE_CLUSTER and START_STOP_CLUSTER with the user interface. |
| CATALOG | A single catalog specified by name. | CREATE_SCHEMA |
| ROLE | A single role specified by name. | No SQL privileges. Configured with the user interface. |
| USER | A single user specified by name. | No SQL privileges. Configured with the user interface. |
| SCHEMA | A single schema specified by catalog name and schema name. | CREATE_TABLE |
| TABLE | A single table specified by catalog name, schema name and table name. | SELECT, INSERT, DELETE, UPDATE |
| location | A URI to the root of an object storage location. | No SQL privileges. Create SQL as
detailed the location privilege
section. |
| function | A function to invoke as part of a SQL statement. | No SQL privileges. Usage detailed in the function privilege section. |
Is the information on this page helpful?
Yes
No