Create Role

Last Updated: Dec 26, 2016

As described in User Authorization and Show Grants, all users can operate MaxCompute only after added in MaxCompute and granted appropriate privileges.Since there are a number of users existing in a project, the authorization action will be very tedious. In this case, project administrator can classify the users who have the same privileges and each category has the same privileges, which we call “role“. Multiple users can exist in one role simultaneously; a user can belong to multiple roles. After granting privileges to a role, all users of this role will have the same privileges.

Create Role

  1. CREATE ROLE <roleName>;

For example, create a role “player”:

  1. create role player;

Grant a Role to User

  1. GRANT <roleName> TO <full_username>;

For example:

  1. grant player to bob@aliyun.com;

Grant bob@aliyun.com to the role ‘player’. Role authorization statement is similar to user authorization. Refer to User Authorization and Show Grants and User or Role Authorization.

Revoke Role from User

  1. REVOKE <roleName> FROM <full_username>;

For example:

  1. revoke player from bob@aliyun.com;

Remove the user ‘bob@aliyun.com’from the role ‘player’.

Drop Role

To drop a role, use the following command:

  1. DROP ROLE <roleName>;

For example:

  1. drop role player;

Delete the role ‘player’.

Notes:

Thank you! We've received your feedback.