All Products
Search

This Product

    REVOKE

    Document Center
    Product Details

    REVOKE

    Last Updated: Apr 23, 2019

    Revoke account permissions

    Syntax

    1. REVOKE privilege_type
    2. ON privilege_level 
    3. FROM user[, …]

    Parameters

    • privilege_type indicates the type of the permission. Valid values are SELECT, SHOW, ALTER, DROP, CREATE, INSERT, UPDATE, DELETE, GRANT OPTION, ALL, ALL PRIVILEGES, and USAGE.

    • privilege_level indicates the level of the permission you want to revoke.

      • * indicates that the database-level permissions of xxDB that is connected to the instance are revoked.

      • . indicates global-level permissions of all tables in all databases are revoked.

      • xxDb.* indicates that database-level permissions of the specified schema or database are revoked.

      • xxDb.yyTable indicates that the table-level permissions of the specified table in the specified database are revoked.

      • yyTable indicates that table-level permissions of xxTable in xxDB that is connected to the instance are revoked.

      • Currently, field-level permissions cannot be revoked.

    • user indicates the sub-account of which permissions are revoked.

      • Only the DLA root account can revoke permissions of other non-root accounts.

      • Non-root accounts cannot revoke permissions of other accounts.

      • Permissions cannot be revoked in cross-account mode.

      • The root account can run the SHOW GRANTS command to view only the permissions of other accounts under the same cloud account.

    Example

    To revoke the DESCRIBE and SELECT permissions of the account dla_test on customer, run the following statement:

    1. REVOKE describe,select ON customer FROM 'dla_test';
    Free Trial Free Trial