I would like to establish readonly connections into the Teradata Manager service on my Teradata Manager server. I have set up a profile called READONLY with access to session information only.
What is the best practice for setting up the users? Should I create a seperate user for each connection into the service or should I create one readonly user that all readonly users should use to login to the service?
Also, is this user(s) always created in Database Setup? The reason I ask is because I created a test user and assigned it to a profile with view session only. After the creation was complete, I reviewed the log and was amazed at the grants that user received:
GRANT SELECT, DELETE ON DBC.ResUSageSHST TO "USRA"; *** Query accepted
GRANT SELECT, DELETE ON DBC.ResUsageSPMA TO "USRA"; *** Query accepted
Grant delete on dbc.acctg to "USRA" *** Query accepted
Just to illustrate a few... is this normal?
My question is... what is the best way to set up a readonly user with session view access only? The user manual recommends doing it this way but I couldn't believe the permissions granted. Any suggestions out there?