IBM Data and AI Ideas Portal for Clients

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Post your ideas

If you have not registered on this portal please register at http://ibm.biz/IBM-Data-and-AI-Portal-Register . To complete registration you will need to open the email you will receive from Aha to confirm your identity.

Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Help IBM prioritize your ideas and requests

The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.

Receive notification on the decision

Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.

Additional Information

To view our roadmaps: http://ibm.biz/Data-and-AI-Roadmaps

Reminder: This is not the place to submit defects or support needs, please use normal support channel for these cases

IBM Employees:

The correct URL for entering your ideas is: https://hybridcloudunit-internal.ideas.aha.io

Security & Permissions

 

A user should ONLY be able to view objects of a schema that has explicit privileges (unless the owner).

Eg. If we say 'grant schemaadm on schema abc to role xyz' then any user in that role should be able to view the tables in schema abc. (like LIST in NZ).

 

Be able to grant 'create table/drop table privilege' to a user/group/role in Db2 like NZ. We have CREATEIN on a schema but that will allow for other objects other than tables to be created in the schema and CREATETAB is at the database level.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Jul 2 2019
  • Not Under Consideration
Who would benefit from this IDEA? As a customer I want to be able to grant above listed permission to be in compliant with our Netezza security mode.
How should it work?

A user should ONLY be able to view objects of a schema that has explicit privileges (unless the owner).

Eg. If we say 'grant schemaadm on schema abc to role xyz' then any user in that role should be able to view the tables in schema abc. (like LIST in NZ).

 

Be able to grant 'create table/drop table privilege' to a user/group/role in Db2 like NZ. We have CREATEIN on a schema but that will allow for other objects other than tables to be created in the schema and CREATETAB is at the database level.

Idea Priority Urgent
Priority Justification We are migrating all our Netezza servers to IIAS.
Client Name Blue Shield of CA
  • Attach files
  • Admin
    Maryia Rakina commented
    8 Jul, 2019 07:00pm

    Hi Chandra, we are reviewing your request and will get back to you soon. Thank you for your patience!

    Maryia Rakina,

    HDM Offering Management

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    3 Jul, 2019 11:47pm

    1) May I know what is the replacement for "LIST" permission in Netezza?

    2) As our ELT involves creating and dropping tables, we do class level permissions. We can't grant access on individual/specific objects.

    Example Nz commands:

    grant select on table to NZ_DB_PERMISSION_GRP_RO;

    grant select on view to NZ_DB_PERMISSION_GRP_RO;

    If you see above commands, there is "NO" tablename or viewname mentioned. I call it object class wise permission at schema level. I am granting SELECT on all tables and views (existing & future).

    Below are the commands we use in day to day work. We need replacement for below.

     

    create group NZ_DB_PERMISSION_GRP_RO

    grant list on NZ_DB_PERMISSION to NZ_DB_PERMISSION_GRP_RO

    grant temp table to NZ_DB_PERMISSION_GRP_RO;

    grant execute on aggregate to NZ_DB_PERMISSION_GRP_RO;

    grant list on aggregate to NZ_DB_PERMISSION_GRP_RO;

    grant list on external table to NZ_DB_PERMISSION_GRP_RO;

    grant select on external table to NZ_DB_PERMISSION_GRP_RO;

    grant execute on function to NZ_DB_PERMISSION_GRP_RO;

    grant list on function to NZ_DB_PERMISSION_GRP_RO;

    grant execute on procedure to NZ_DB_PERMISSION_GRP_RO;

    grant list on procedure to NZ_DB_PERMISSION_GRP_RO;

    grant list on sequence to NZ_DB_PERMISSION_GRP_RO;

    grant select on sequence to NZ_DB_PERMISSION_GRP_RO;

    grant list on synonym to NZ_DB_PERMISSION_GRP_RO;

    grant select on synonym to NZ_DB_PERMISSION_GRP_RO;

    grant list on table to NZ_DB_PERMISSION_GRP_RO;

    grant select on table to NZ_DB_PERMISSION_GRP_RO;

    grant list on view to NZ_DB_PERMISSION_GRP_RO;

    grant select on view to NZ_DB_PERMISSION_GRP_RO;

    grant create temp table to NZ_DB_PERMISSION_GRP_RO;

     

    create group NZ_DB_PERMISSION_GRP_RW

    grant list on NZ_DB_PERMISSION to NZ_DB_PERMISSION_GRP_RW

    grant list, execute on function to NZ_DB_PERMISSION_GRP_RW
    grant create temp table to NZ_DB_PERMISSION_GRP_RW ;

    grant execute on aggregate to NZ_DB_PERMISSION_GRP_RW ;


    grant list on aggregate to NZ_DB_PERMISSION_GRP_RW ;

    grant list on external table to NZ_DB_PERMISSION_GRP_RW ;
    grant list, execute on function to NZ_DB_PERMISSION_GRP_RW

    grant select on external table to NZ_DB_PERMISSION_GRP_RW ;


    grant execute on function to NZ_DB_PERMISSION_GRP_RW ;

    grant list on function to NZ_DB_PERMISSION_GRP_RW ;

    grant execute on procedure to NZ_DB_PERMISSION_GRP_RW ;

    grant list on procedure to NZ_DB_PERMISSION_GRP_RW ;

    grant list on sequence to NZ_DB_PERMISSION_GRP_RW ;

    grant select on sequence to NZ_DB_PERMISSION_GRP_RW ;

    grant list on synonym to NZ_DB_PERMISSION_GRP_RW ;

    grant select on synonym to NZ_DB_PERMISSION_GRP_RW ;

    grant list on table to NZ_DB_PERMISSION_GRP_RW ;

    grant select on table to NZ_DB_PERMISSION_GRP_RW ;

    grant list on view to NZ_DB_PERMISSION_GRP_RW ;

    grant select on view to NZ_DB_PERMISSION_GRP_RW ;

    grant aggregate to NZ_DB_PERMISSION_GRP_RW ;

    grant external table to NZ_DB_PERMISSION_GRP_RW ;

    grant function to NZ_DB_PERMISSION_GRP_RW ;

    grant materialized view to NZ_DB_PERMISSION_GRP_RW ;

    grant procedure to NZ_DB_PERMISSION_GRP_RW ;

    grant sequence to NZ_DB_PERMISSION_GRP_RW ;

    grant synonym to NZ_DB_PERMISSION_GRP_RW ;

    grant table to NZ_DB_PERMISSION_GRP_RW ;

    grant view to NZ_DB_PERMISSION_GRP_RW ;

    grant drop on aggregate to NZ_DB_PERMISSION_GRP_RW ;

    grant alter on aggregate to NZ_DB_PERMISSION_GRP_RW ;

    grant delete on sequence to NZ_DB_PERMISSION_GRP_RW ;

    grant update on sequence to NZ_DB_PERMISSION_GRP_RW ;

    grant delete on synonym to NZ_DB_PERMISSION_GRP_RW ;

    grant delete on table to NZ_DB_PERMISSION_GRP_RW ;

    grant genstats on table to NZ_DB_PERMISSION_GRP_RW ;

    grant insert on table to NZ_DB_PERMISSION_GRP_RW ;

    grant truncate on table to NZ_DB_PERMISSION_GRP_RW ;

    grant update on table to NZ_DB_PERMISSION_GRP_RW ;

    grant alter on view to NZ_DB_PERMISSION_GRP_RW ;


    create group NZ_DB_PERMISSION_GRP_SVC
    CREATE GROUP
    grant list on NZ_DB_PERMISSION to NZ_DB_PERMISSION_GRP_SVC

    grant table to NZ_DB_PERMISSION_GRP_SVC;
    grant list, execute on function to NZ_DB_PERMISSION_GRP_SVC

    grant temp table to NZ_DB_PERMISSION_GRP_SVC;


    grant external table to NZ_DB_PERMISSION_GRP_SVC;
    grant list, execute on function to NZ_DB_PERMISSION_GRP_SVC

    grant execute on aggregate to NZ_DB_PERMISSION_GRP_SVC;

    grant list on aggregate to NZ_DB_PERMISSION_GRP_SVC;


    grant list on external table to NZ_DB_PERMISSION_GRP_SVC;

    grant select on external table to NZ_DB_PERMISSION_GRP_SVC;

    grant execute on function to NZ_DB_PERMISSION_GRP_SVC;

    grant list on function to NZ_DB_PERMISSION_GRP_SVC;

    grant execute on procedure to NZ_DB_PERMISSION_GRP_SVC;

    grant list on procedure to NZ_DB_PERMISSION_GRP_SVC;

    grant list on sequence to NZ_DB_PERMISSION_GRP_SVC;

    grant select on sequence to NZ_DB_PERMISSION_GRP_SVC;

    grant delete on sequence to NZ_DB_PERMISSION_GRP_SVC;

    grant update on sequence to NZ_DB_PERMISSION_GRP_SVC;

    grant list on synonym to NZ_DB_PERMISSION_GRP_SVC;

    grant select on synonym to NZ_DB_PERMISSION_GRP_SVC;

    grant delete on synonym to NZ_DB_PERMISSION_GRP_SVC;

    grant list on table to NZ_DB_PERMISSION_GRP_SVC;

    grant select on table to NZ_DB_PERMISSION_GRP_SVC;

    grant delete on table to NZ_DB_PERMISSION_GRP_SVC;

    grant genstats on table to NZ_DB_PERMISSION_GRP_SVC;

    grant insert on table to NZ_DB_PERMISSION_GRP_SVC;

    grant truncate on table to NZ_DB_PERMISSION_GRP_SVC;

    grant update on table to NZ_DB_PERMISSION_GRP_SVC;

    grant drop on table to NZ_DB_PERMISSION_GRP_SVC;

    grant list on view to NZ_DB_PERMISSION_GRP_SVC;

    grant select on view to NZ_DB_PERMISSION_GRP_SVC;

     


    create group NZ_DB_PERMISSION_GRP_VIEW

    grant list on NZ_DB_PERMISSION to NZ_DB_PERMISSION_GRP_VIEW

    create view TO NZ_DB_PERMISSION_GRP_VIEW;

    drop ON view TO NZ_DB_PERMISSION_GRP_VIEW;


IBM's success depends on gathering feedback from customers like yourself. Aha Ideas Portal is the third party tool through which IBM Offering Managers gather feedback from customers such as yourself.
IBM is a global organization with business processes, management structures, technical systems and service provider networks that cross borders. As such, the information collected through Aha Ideas Portal (Customer Name, Customer Email Address) will be stored by them in the United States, and handled only as per IBM's instructions and policies. Your data (Name and Email Address) will NOT be shared with other IBM customers.
In order to safeguard your information in Aha, do not leave your workstation unattended while using this application, log off after using it, and print only if necessary. If you need to make a hardcopy, remember to pick up the print-out immediately, keep it under lock, and destroy it immediately when no longer needed.
NOTICE TO EU RESIDENTS: per EU Data Protection Policy, if you wish to remove your personal information from the IBM ideas portal, please login to the ideas portal using your previously registered information then change your email to "anonymous@euprivacy.out" and first name to "anonymous" and last name to "anonymous". This will ensure that IBM will not send any emails to you about all idea submissions