REVOKE

Name

REVOKE

Description

The REVOKE command is used to revoke the privileges assigned by the specified user or role.

  1. REVOKE privilege_list ON db_name[.tbl_name] FROM user_identity [ROLE role_name]
  3. REVOKE privilege_list ON RESOURCE resource_name FROM user_identity [ROLE role_name]

user_identity:

The user_identity syntax here is the same as CREATE USER. And must be a user_identity created with CREATE USER. The host in user_identity can be a domain name. If it is a domain name, the revocation time of permissions may be delayed by about 1 minute.

It is also possible to revoke the permissions of the specified ROLE, the executed ROLE must exist.

Example

  1. Revoke the permission of user jack database testDb

    1. REVOKE SELECT_PRIV ON db1.* FROM 'jack'@'192.%';

  2. Revoke user jack resource spark_resource permission

    1. REVOKE USAGE_PRIV ON RESOURCE 'spark_resource' FROM 'jack'@'192.%';

Keywords

  1. REVOKE

Best Practice