cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authorizations for HANA Security Administrator

Go to solution
niteshgupta87
Active Participant

on ‎11-04-2014 7:02 AM

0 Kudos

Hi Guys,

Could any one please explain what all roles/privileges are required for a HANA Security Administrator. I am aware of below privileges, but any thing apart from these?

Standard Roles:  MODELING , MONITORING

Package Privileges:  For Root Package, below privileges:

REPO.READ
REPO.EDIT_NATIVE_OBJECTS
REPO.ACTIVATE_NATIVE_OBJECTS
REPO.MAINTAIN_NATIVE_OBJECTS

System Privileges:  (Some of these might not be needed)

REPO.EXPORT
REPO.IMPORT
REPO.MAINTAIN_DELIVERY_UNITS
REPO.WORK_IN_FOREIGN_WORKSPACE
REPO.MODIFY_CHANGE
REPO.MODIFY_OWN_CONTRIBUTION
REPO.MODIFY_FOREIGN_CONTRIBUTION
ROLE ADMIN
USER ADMIN
TRACE ADMIN
CREATE STRUCTURED PRIVILEGE
STRUCTUREDPRIVILEGE ADMIN

Object Privileges:  SELECT, EXECUTE, INSERT and UPDATE for  _SYS_BI, _SYS_BIC, _SYS_REPO and for schema where all views are stored.

EXECUTE for procedure REPOSITORY_REST.

Analytic Privilege:   _SYS_BI_CP_ALL

Is there anything else I am missing? Actually I already have these privileges but not able to assign privileges like REPO.IMPORT or package privileges to users.

Thanks & Regards,

Nitesh Gupta

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

vivekbhoj
Active Contributor
‎11-17-2014 11:02 AM
0 Kudos

Hi Nitesh,

It depends on what all authorizations you want to give to your security administrator.

For example, you will need to give him INFILE ADMIN System privilege so that he is able to make changes to password configuration file.

Similarly, You need to provide SELECT, INSERT, UPDATE privilege on _SYS_PASSWORD_BLACKLIST table present in _SYS_SECURITY schema and there are many such privileges.

Similarly, why you want to give Security Admin - Modeling and Monitoring roles or _SYS_BI_CP_ALL privilege?

So I would advise you to go through the below documents once:

SAP HANA Security Guide - SAP Library

Regards,

Vivek

Show replies
Show replies
niteshgupta87
Active Participant
‎11-19-2014 6:04 AM
0 Kudos

Thanks Vivek..Thats really helpful.

Answers (0)

Ask a Question