REVOKE
Name
REVOKE
Description
The REVOKE command is used to revoke the privileges assigned by the specified user or role.
REVOKE privilege_list ON db_name[.tbl_name] FROM user_identity [ROLE role_name]
REVOKE privilege_list ON RESOURCE resource_name FROM user_identity [ROLE role_name]
user_identity:
The user_identity syntax here is the same as CREATE USER. And must be a user_identity created with CREATE USER. The host in user_identity can be a domain name. If it is a domain name, the revocation time of permissions may be delayed by about 1 minute.
It is also possible to revoke the permissions of the specified ROLE, the executed ROLE must exist.
Example
Revoke the permission of user jack database testDb
REVOKE SELECT_PRIV ON db1.* FROM 'jack'@'192.%';
Revoke user jack resource spark_resource permission
REVOKE USAGE_PRIV ON RESOURCE 'spark_resource' FROM 'jack'@'192.%';
Keywords
REVOKE