diff --git a/docs/en/guides/56-security/access-control/01-privileges.md b/docs/en/guides/56-security/access-control/01-privileges.md index f613111258..8a6dee0243 100644 --- a/docs/en/guides/56-security/access-control/01-privileges.md +++ b/docs/en/guides/56-security/access-control/01-privileges.md @@ -109,7 +109,7 @@ Databend offers a range of privileges that allow you to exercise fine-grained co | ALL | All | Grants all the privileges for the specified object type. | | ALTER | Global, Database, Table, View | Alters a database, table, user or UDF. | | CREATE | Global, Table | Creates a table or UDF. | -| CREATE DATABASE | Global | Creates a database, table or UDF. | +| CREATE DATABASE | Global | Creates a database or UDF. | | CREATE WAREHOUSE | Global | Creates a warehouse. | | DELETE | Table | Deletes or truncates rows in a table. | | DROP | Global, Database, Table, View | Drops a database, table, view or UDF. Undrops a table. | diff --git a/docs/en/sql-reference/10-sql-commands/00-ddl/00-database/ddl-create-database.md b/docs/en/sql-reference/10-sql-commands/00-ddl/00-database/ddl-create-database.md index fbbd05bcd9..d5f0de1193 100644 --- a/docs/en/sql-reference/10-sql-commands/00-ddl/00-database/ddl-create-database.md +++ b/docs/en/sql-reference/10-sql-commands/00-ddl/00-database/ddl-create-database.md @@ -15,6 +15,15 @@ Create a database. CREATE [ OR REPLACE ] DATABASE [ IF NOT EXISTS ] ``` +## Access control requirements + +| Privilege | Object Type | Description | +|:----------------|:------------|:--------------------| +| CREATE DATABASE | Global | Creates a database. | + + +To create a database, the user performing the operation or the [current_role](/guides/security/access-control/roles) must have the CREATE DATABASE [privilege](/guides/security/access-control/privileges). + ## Examples The following example creates a database named `test`: diff --git a/docs/en/sql-reference/10-sql-commands/00-ddl/01-table/10-ddl-create-table.md b/docs/en/sql-reference/10-sql-commands/00-ddl/01-table/10-ddl-create-table.md index a1cc438e68..7b86223825 100644 --- a/docs/en/sql-reference/10-sql-commands/00-ddl/01-table/10-ddl-create-table.md +++ b/docs/en/sql-reference/10-sql-commands/00-ddl/01-table/10-ddl-create-table.md @@ -192,6 +192,16 @@ When choosing between stored computed columns and virtual computed columns, cons Databend's syntax is difference from MySQL mainly in the data type and some specific index hints. +## Access control requirements + +| Privilege | Object Type | Description | +|:----------|:--------------|:-----------------------| +| CREATE | Global, Table | Creates a table. | + + +To create a table, the user performing the operation or the [current_role](/guides/security/access-control/roles) must have the CREATE [privilege](/guides/security/access-control/privileges#table-privileges). + + ## Examples ### Create Table diff --git a/docs/en/sql-reference/10-sql-commands/00-ddl/03-stage/01-ddl-create-stage.md b/docs/en/sql-reference/10-sql-commands/00-ddl/03-stage/01-ddl-create-stage.md index 27a298553b..94a3f02711 100644 --- a/docs/en/sql-reference/10-sql-commands/00-ddl/03-stage/01-ddl-create-stage.md +++ b/docs/en/sql-reference/10-sql-commands/00-ddl/03-stage/01-ddl-create-stage.md @@ -125,6 +125,15 @@ copyOptions ::= | `SIZE_LIMIT = ` | Number (> 0) that specifies the maximum rows of data to be loaded for a given COPY statement. Default `0` | Optional | | `PURGE = ` | True specifies that the command will purge the files in the stage if they are loaded successfully into table. Default `false` | Optional | + +## Access control requirements + +| Privilege | Object Type | Description | +|:----------|:--------------|:--------------------------------------------------------------------------| +| SUPER | Global, Table | Operates a stage(Lists stages. Creates, Drops a stage), catalog or share. | + +To create a stage, the user performing the operation or the [current_role](/guides/security/access-control/roles) must have the SUPER [privilege](/guides/security/access-control/privileges). + ## Examples ### Example 1: Create Internal Stage diff --git a/docs/en/sql-reference/10-sql-commands/00-ddl/10-udf/ddl-create-function.md b/docs/en/sql-reference/10-sql-commands/00-ddl/10-udf/ddl-create-function.md index 2e14a639c1..8b778a6de9 100644 --- a/docs/en/sql-reference/10-sql-commands/00-ddl/10-udf/ddl-create-function.md +++ b/docs/en/sql-reference/10-sql-commands/00-ddl/10-udf/ddl-create-function.md @@ -16,6 +16,14 @@ CREATE [ OR REPLACE ] FUNCTION [ IF NOT EXISTS ] [ DESC='' ] ``` +## Access control requirements + +| Privilege | Object Type | Description | +|:----------|:--------------|:---------------| +| SUPER | Global, Table | Operates a UDF | + +To create a user-defined function, the user performing the operation or the [current_role](/guides/security/access-control/roles) must have the SUPER [privilege](/guides/security/access-control/privileges). + ## Examples See [Usage Examples](/guides/query/udf#usage-examples).