Database Users¶
Without separation of permissions, GaussDB(DWS) supports two types of database accounts: administrator and common user. For details about user types and permissions under separation of permissions, see Separation of Permissions.
The administrator can manage all common users and databases.
Common users can connect to and access the database, and perform specific database operations and execute SQL statements after being authorized.
Users are authenticated when they log in to the GaussDB(DWS) database. A user can own databases and database objects (such as tables), and grant permissions of these objects to other users and roles. In addition to system administrators, users with the CREATEDB attribute can create databases and grant permissions to these databases.
Database User Types¶
User Type | Description | Allowed Operations | How to Create |
---|---|---|---|
Administrator dbadmin | An administrator, also called a system administrator, is an account with the SYSADMIN attribute. | If separation of permissions is not enabled, this account has the highest permission in the system and can perform all operations. The system administrator has the same permissions as the object owner. |
|
Common user | Common user |
| Run the CREATE USER syntax to create a common user. CREATE USER u1 PASSWORD '{Password}';
|
Private user | A user created with the INDEPENDENT attribute in non-separation-of-permissions mode. Database administrators can manage (DROP, ALTER, and TRUNCATE) objects of private users but cannot access (INSERT, DELETE, SELECT, UPDATE, COPY, GRANT, REVOKE, and ALTER OWNER) the objects before being authorized. | Use the CREATE USER syntax to create a private user. CREATE USER user_independent WITH INDEPENDENT IDENTIFIED BY '{Password}';
|