Because functions
are associated with a database, the functions inherit the access rights
of that database. It could be useful to create a separate shared database
for scoring functions so that access rights can be customized as needed.
If you use scoring functions
to run your scoring model, you must have the following permissions
on the database where the functions are published:
| CREATE FUNCTION |
| DROP FUNCTION |
| EXECUTE FUNCTION |
| ALTER FUNCTION |
If you use the SAS Embedded
Process to run your scoring model, you must have these permissions:
| SELECT, CREATE TABLE, INSERT ON database TO userid |
| EXECUTE FUNCTION ON SAS_SYSFNLIB |
| EXECUTE FUNCTION ON SYSLIB.MonitorVirtualConfig |
| EXECUTE PROCEDURE ON SAS_SYSFNLIB |
Note: database refers
to both the database where the scoring files and model table are published
and the database that contains the output table. If you use the SAS
Embedded Process publish method to publish models from SAS Model Manager
to a Teradata database, and you select “Validate scoring results”,
the user database is the database that contains the output table.
Therefore, the user database must have the permissions listed above
to validate the scoring results.
The SAS_SCORE_EP procedure
runs with access rights of the calling user.
Note: During deployment of the
SAS Embedded Process, the SAS Embedded Process support function package
(sasepfunc) installs grant.sh, which helps an administrator grant
permissions for the SAS Embedded Process. An administrator has to
run the script from a machine with Teradata BTEQ utility once for
each SAS Embedded Process user.
To obtain database
permissions, contact your database administrator.