Manage users

Statement Description
list users View all users added to the project.
add user <username> <username> Add a user.
remove user <username> <username> Remove the user.

Manage roles

Statement Description
list roles View all created roles.
create role <rolename> <rolename> Create a role.
drop role <rolename> <rolename> Delete a role.
grant <rolelist> to <username> Assign one or multiple roles to the user.
revoke <rolelist> from <username> Revoke a role from the user.

ACL Authorization

Statement Description
grant <privList> on <objType> <objName> to user <username> Authorize a user.
grant <privList> on <objType> <objName> to role <rolename> Authorize a role.
revoke <privList> on <objType> <objName> from user <username> Revoke user authorization.
revoke <privList> on <objType> <objName> from role <rolename> Revoke role authorization.

Permission review

Statement Description
whoami View current user information.
show grants [for <username>] [on type <objectType>] View user role and permissions.
show acl for <objectName> [on type <objectType>] View specific object authorization information.
describe role <roleName> View role authorization information and role assignments.