REVOKE
¶
Revokes a previously granted privilege on the whole cluster or on a specific object from a user or a role.
Table of contents
Synopsis¶
REVOKE { { DQL | DML | DDL | AL [,...] } | ALL [ PRIVILEGES ] }
[ON {SCHEMA | TABLE | VIEW} identifier [, ...]]
FROM name [, ...];
REVOKE role_name_to_revoke [, ...] FROM name [, ...]
Description¶
REVOKE
is a management statement which comes in two flavours.
The first one is used to revoke previously granted privileges on a specific
object from one or many existing users or roles.
ON {SCHEMA | TABLE | VIEW}
is optional, if not specified the privilege will
be revoked on the CLUSTER
level.
The second one is used to revoke previously granted roles from one or many existing users or roles. Thus, the users or roles loose the privileges which had automatically inherit from those previously granted roles.
For usages of the REVOKE
statement see Privileges.
Parameters¶
- identifier:
The identifier of the corresponding object.
If
TABLE
orVIEW
is specified theidentifier
should include the object’s full qualified name. Otherwise it will be looked up in the current schema.- role_name_to_revoke:
The name of the role to revoke from another user or role.
- name:
The name of an existing user or role.