REVOKE
On this page
Revoke privileges from a SingleStore user or role.
Syntax
REVOKE priv_type [, priv_type] ... ON priv_level
FROM user_or_role [, user_or_role [ ... ]] ...
priv_level:
*
| *.*
| database.*
user_or_role:
user [, user]
| role
user:
'user_name'[@'host_name']
role:
ROLE 'role_name'
priv_type:
SELECT
| INSERT
| UPDATE
| DELETE
| CREATE
| DROP
| RELOAD
| PROCESS
| FILE READ
| FILE WRITE
| GRANT OPTION
| INDEX
| ALTER
| SHOW METADATA
| SUPER
| CREATE TEMPORARY TABLES
| LOCK TABLES
| REPLICATION
| CREATE VIEW
| SHOW VIEW
| CREATE USER
| CLUSTER
| ALTER VIEW
| DROP VIEW
| BACKUP
| CREATE DATABASE
| DROP DATABASE
REVOKE ALL PRIVILEGES, GRANT OPTION
FROM user_or_role [, user_or_role] ...Remarks
-
priv_- privilege levellevel -
priv_- privilege typetype -
user_: One or more user attributes or a role attribute.or_ role The @'host_part is optional.name' If a hostname is not specified, @'%'will be appended to the user string.For example, 'demo-user'is equivalent to'demo-user'@'%'.The '%'wildcard matches any hostname.userandhost_need not be quoted if they are legal as unquoted identifiers.name Quotes must be used if a host_string contains wildcard characters (such asname %), or a user string contains special characters (such as space or-) or is a restricted keyword. -
This command can be run on any SingleStore node.
-
This command causes implicit commits.
Refer to COMMIT for more information. -
GRANT OPTIONmust be revoked separately from any other privileges. -
The
REVOKEcommand holds a global lock on the cluster until the processing of the command is completed.See Cluster Level Locks for more info. -
A user is granted the
USAGEprivilege by default.This privilege cannot be removed by using REVOKE [ALL].The USAGEprivilege is automatically removed when the user is dropped. -
Refer to the Permission Matrix for the required permission.
Examples
REVOKE INSERT ON *.* FROM 'user';REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user';REVOKE SELECT ON dbTable FROM ROLE 'r1';
Related Topics
Last modified: February 1, 2024