GRANT SERVICE ROLE¶

Assigns a service role to an account role, application role, or database role. For more information, see Managing service-related privileges.

See also:: REVOKE SERVICE ROLE, SHOW ROLES IN SERVICE, SHOW GRANTS

语法

GRANT SERVICE ROLE <name> TO
{
  ROLE <role_name>                     |
  APPLICATION ROLE <application_role_name>  |
  DATABASE ROLE <database_role_name>
}

参数

name

指定要授予的服务角色的标识符。如果标识符包含空格或特殊字符，则整个字符串必须放在双引号内。放在双引号内的标识符也区分大小写。

按以下格式指定服务角色名称：

service-name!service-role-name

For example, echo_service!echoendpoint_role.

ROLE role_name

要向其授予服务角色的账户角色的名称。

APPLICATION ROLE application_role_name

要向其授予服务角色的应用程序角色的名称。

DATABASE ROLE database_role_name

要向其授予服务角色的数据库角色的名称。

访问控制要求

A role used to execute this operation must have the following privileges at a minimum:

Privilege or role	Object	Notes
OWNERSHIP	Service	Only the service owner can grant the service role.

For instructions on creating a custom role with a specified set of privileges, see Creating custom roles.

For general information about roles and privilege grants for performing SQL actions on securable objects, see Overview of Access Control.

示例

The following command grants the echoendpoint_role service role defined in the echo_service service specification to the service_function_user_role role.

GRANT SERVICE ROLE echo_service!echoendpoint_role TO ROLE service_function_user_role;