Database Development

IBM DB2 LUW – How to Grant Account Privileges to CREATE & DROP specific object types

As part of a system hardening exercise I am looking to restrict DB2-LUW privileges by individual service account and use-case. In this particular instance, i’m looking for a way to restrict the CREATE and DROP permissions to a particular object type, i.e. ALIAS, rather than grant the service account account CREATE access to the whole scheme. My DBA told me this is not possible, but this seems surprisingly and a rather brute force way to design permissions administration.

Thanks in advance for your input.

Leave a Reply

Your email address will not be published. Required fields are marked *