Using roles
A role can be defined as a database object that has the capability to hold a collection of privileges and authorities that can be assigned to a user or a group. Using roles considerably simplifies the management of privileges and authorities to be granted, especially if you have a large user base in your organization.
Getting ready
In this recipe, we will create two roles, named db2rlus and db2rinh
. We will grant the CONNECT and SELECT privileges on tables NAV.COMM and NAV.WAYPOINT, to role db2rlus. We will grant this role to group db2users. Next, we will grant role db2rlus to role db2rihn. Next, we will revoke role db2rlus from the db2users group and re-grant db2rlus role to this group, to demonstrate how roles inherit rights from other roles.
Connect to database
NAVas userdb2secad:[db2inst1@nodedb21 ~]$ db2 "connect to nav user db2secad using db2secad" Database Connection Information Database server = DB2/LINUXX8664 9.7.4 SQL authorization ID = DB2SECAD Local...
