File tree Expand file tree Collapse file tree 1 file changed +22
-0
lines changed
docs/en/sql-reference/00-sql-reference/32-system-history-tables Expand file tree Collapse file tree 1 file changed +22
-0
lines changed Original file line number Diff line number Diff line change @@ -20,6 +20,28 @@ Databend's system history tables provide **Data Governance** capabilities by aut
2020| [ profile_history] ( profile-history.md ) | Detailed query execution profiles | Performance optimization, resource planning, bottleneck identification |
2121| [ log_history] ( log-history.md ) | Raw system logs and events | System troubleshooting, error analysis, operational monitoring |
2222
23+ ## Permissions
24+
25+ ** Access Restrictions:**
26+ - Only ` SELECT ` and ` DROP ` operations are allowed
27+ - ALTER operations are prohibited for all users
28+ - Ownership cannot be transferred
29+
30+ ** Required Permissions:**
31+ To query system history tables, users need one of:
32+ - ` GRANT SELECT ON *.* ` (global access)
33+ - ` GRANT SELECT ON system_history.* ` (database access)
34+ - ` GRANT SELECT ON system_history.table_name ` (table-specific access)
35+
36+ ** Example:**
37+ ``` sql
38+ -- Create audit role for compliance team
39+ CREATE ROLE audit_team;
40+ GRANT SELECT ON system_history.* TO ROLE audit_team;
41+ CREATE USER compliance_officer IDENTIFIED BY ' secure_password' = ' audit_team'
42+ GRANT ROLE audit_team TO USER compliance_officer;
43+ ```
44+
2345## Configuration
2446
2547### Databend Cloud
You can’t perform that action at this time.
0 commit comments