Amazon Redshift
Database Developer Guide (API Version 2012-12-01)

UDF Security and Privileges

Superusers have all privileges by default. Users must have the following privileges to work with UDFs:

  • To create a UDF or a UDF library, you must have USAGE ON LANGUAGE plpythonu.

  • To replace or drop a UDF or library, you must be the owner or a superuser.

  • To execute a UDF, you must have EXECUTE ON FUNCTION for each function. By default, the PUBLIC user group has execute permission for new UDFs. To restrict usage, revoke EXECUTE from PUBLIC, then grant the privilege to specific individuals or groups.

For more information, see GRANT and REVOKE.