I recently got asked this by a customer of ours and it sparked the idea to put it into a blog post for those who are looking for a similar solution 
The blog posts and guides that I found when researching this would grant SAP Lumira access to all the views on your HANA server but none that I found restricted access to only certain packages.
Firstly let’s create a new ROLE that users will be assigned to:
And let’s now create a test USER and add it to the ROLE we created above:
Now let’s try log into HANA via SAP Lumira with the new user. We get the following error message which is as expected:
I will then give the TEST_ROLE Select rights to _SYS_BI and _SYS_BIC objects as below:
I will then try access HANA again using the TEST_USER. The good news is that we can now connect to SAP HANA but we do not have access to any analytical views yet:
There are a few blog post on SCN, that I found, like this one that touches on granting access for Lumira. Typically this involves granting access to the _SYS_B_CP_ALL Analytic Privilege to your USER/ROLE as below:
The problem/limitation with this method is that it casts the access net over your whole HANA system and will give that user access to all the Views/Packages on your system. As can be seen below we have access to 40 views in total:
So let me revoke the _SYS_BI_CP_ALL privileged first. Once that is done I now want to grant this TEST_ROLE access to only the CV_DEMO package and the three views in that as per the screen shot above.
In HANA Studio right click on the package you want to grant access to (cv_demo in my case) and choose to create a new Analytic Privilege as below:
As a matter of reference I created my Analytic Privilege as AP_CV_DEMO. The final piece of the puzzle is to go back to the TEST_ROLE and grant it access to AP_CV_DEMO Analytic Privilege that we have just created:
For one final check let’s head back into Lumira. When we log on we only have access to the 3 views in CV_DEMO which is what we wanted:
Finally if we access one of those views we are able to see the data in Lumira:
I hope this will help people out who are stuck with this and please do leave comments below if you have any further questions or ideas on this.
As a side note the revisions of Software that this is done on was:
SAP HANA Rev 82 (1.00.82.00.394270)
SAP Lumira 1.19.0 (Build 1099)
Hi Clint,
Excellent blog. Very precise and clear.
I know this is not a forum, but I have been stuck for a few days with a Hana privilege issue. I’m using a SAP Hana Cloud Trial landscape account (developer license). I have Hana Studio in Eclipse in a MAC (OSX). I do not see the _SYS_BIC schema. I see the _SYS_BI and _SYS schemas. I have created and activated analytic and attribute views, but am unable to preview data as it gives my an unauthorized user error. I am the owner of this account, and SAP states that I should be able to view this as a System owner. Can you please advise? My email is [email protected] in case you wish to send an email.