The least privileged user requirements for the Management Pack include a restricted SAP HANA user account that has been customized as described in the following section. Creating the required SAP HANA user account includes the following tasks:
Creating a Restricted SAP HANA User
Granting Privileges to a Restricted SAP HANA User
Creating a Restricted SAP HANA User
Run CREATE RESTRICTED USER <USERNAME> PASSWORD “<password>”; to create a restricted user.
Run ALTER USER <USERNAME> ENABLE CLIENT CONNECT; to allow the user to connect to the database.
Granting Privileges to a Restricted SAP HANA User
Run GRANT CATALOG READ TO <USERNAME>; to give the user read-only access to all system views.
Run GRANT SELECT ON <VIEW_NAME> TO <USERNAME>; for each view listed below:
_SYS_STATISTICS.STATISTICS_CURRENT_ALERTS
SYS.M_BLOCKED_TRANSACTIONS
SYS.M_CACHES
SYS.M_CONNECTION_STATISTICS
SYS.M_CONNECTIONS
SYS.M_DATABASE
SYS.M_DATABASE_HISTORY
SYS.M_DISKS
SYS.M_EXPENSIVE_STATEMENTS
SYS.M_GARBAGE_COLLECTION_STATISTICS
SYS.M_HOST_INFORMATION
SYS.M_HOST_RESOURCE_UTILIZATION
SYS.M_JOB_PROGRESS SYS.M_LANDSCAPE_HOST_CONFIGURATION
SYS.M_LICENSE
SYS.M_MEMORY
SYS.M_RECORD_LOCKS
SYS.M_SERVICE_MEMORY
SYS.M_SERVICE_STATISTICS
SYS.M_SERVICE_THREADS
SYS.M_SERVICES
SYS.M_SHARED_MEMORY
SYS.M_SYSTEM_OVERVIEW
SYS.M_TRANSACTIONS
SYS.M_VOLUME_IO_STATISTICS
SYS.M_VOLUME_SIZES
SYS.M_VOLUMES
After creating the user, the password must be changed by logging in to the SAP HANA Administration Console.
For detailed information on creating restricted users and granting privileges to users, visit the SAP Help Portal.
