+551 auth-id DOES NOT HAVE THE PRIVILEGE TO PERFORM OPERATION operation ON OBJECT object-name

Explanation

Authorization ID auth-id has attempted to perform the specified operation on object object-name without having been granted the proper authority to do so. This error might also occur if the specified object does not exist, or if the object is a read-only view (for UPDATE, INSERT, or MERGE). Additionally, the error may occur if auth-id is trying to create a table or view with a schema qualifier that is a value other than auth-id. You may create a table or view with a schema qualifier other than auth-id other than your own authorization ID if your authorization ID is SYSADM, DBADM, or DBCTRL.

If you are using a trusted context, the token auth-id might return a role instead of an authorization ID. A role is returned if a role was in effect and the authorization checking is performed against the role, rather than the authorization ID of the session, when the condition was encountered. Otherwise an authorization ID is returned. A role is returned in the following format as a single token:
  • ROLE: role-name

If this error occurs while Db2 is creating or altering a table involving referential constraints, this code reports that the user does not have the necessary ALTER privilege to perform a FOREIGN KEY, DROP FOREIGN KEY, DROP PRIMARY KEY, or DROP UNIQUE operation. The object-name identifies the object table of the CREATE or ALTER TABLE statement, not the table for which the user lacks the ALTER privilege.

System action

A valid plan or package will be created if no errors are detected. The statement is bound dynamically on each execution of the statement.

Programmer response

For better performance, rebind the plan or package after correcting the statement. To correct the statement, ensure that auth-id has been granted the authority to perform the operation, that object-name exists, and that auth-id is not trying to create a table with a schema qualifier other than the authorization ID.

SQLSTATE

01548