search
Start Trial

REVOKE PRIVILEGES

hashtag
Revoke Organization Privileges

hashtag
Syntax

REVOKE [ CREATE_COMPUTE_POOL
       | CREATE_DATABASE 
       | CREATE_STORE 
       | CREATE_SCHEMA_REGISTRY
       | CREATE_DESCRIPTOR_SOURCE 
       | CREATE_FUNCTION_SOURCE | CREATE_FUNCTION
       | CREATE_QUERY
       | CREATE_CONNECTOR
       | ALL PRIVILEGES
       ]
FROM ROLE role_name [, ...];

hashtag
Description

Revokes organization privileges from one or more roles.

The current role requires one of the following privileges:

  • Ownership of organization

  • MANAGE_GRANTS privilege on organization

  • Privilege granted to the current role WITH GRANT OPTION.

hashtag
Arguments

hashtag
CREATE_COMPUTE_POOL

Disallow role from creating compute_pools under the organization.

hashtag
CREATE_DATABASE

Disallow role from creating databases under the organization.

hashtag
CREATE_STORE

Disallow role from creating stores under the organization.

hashtag
CREATE_SCHEMA_REGISTRY

Disallow role from creating schema registries under the organization.

hashtag
CREATE_DESCRIPTOR_SOURCE

Disallow role from uploading descriptor sources to the organization.

hashtag
CREATE_FUNCTION_SOURCE

Disallow role from uploading UDF and UDAF sources to the organization.

hashtag
CREATE_FUNCTION

Disallow role from creating UDFs or UDAFs under the organization.

hashtag
CREATE_QUERY

Disallow role from launching any query under the organization.

hashtag
MANAGE_MEMBERS

Disallow role from managing roles, invitations, and users.

hashtag
MANAGE_GRANTS

Disallow role from managing privilege grants within the organization.

hashtag
ALL PRIVILEGES

Revoke all privileges listed above from the role.

hashtag
role_name [, ...]

One or more roles from which to revoke the privileges.

hashtag
Revoke compute_pool Privileges

hashtag
Syntax

hashtag
Description

Revoke compute_pool privileges from one or more roles.

hashtag
Arguments

hashtag
USAGE

Disallow role from listing or using the compute_pool.

hashtag
ALL PRIVILEGES

Revoke all the privileges listed above from the role.

hashtag
compute_pool_name

The name of the compute_pool on which to revoke privileges.

hashtag
role_name [, ...]

One or more roles from which to revoke the privileges.

hashtag
Revoke Database Privileges

hashtag
Syntax

hashtag
Description

Revoke database privileges from one or more roles.

hashtag
Arguments

hashtag
USAGE

Disallow role from listing or using the database.

hashtag
CREATE

Disallow role from creating schemas under the database.

hashtag
ALL PRIVILEGES

Revoke all the privileges listed above from the role.

hashtag
database_name

The name of the database on which to revoke privileges.

hashtag
role_name [, ...]

One or more roles from which to revoke the privileges.

hashtag
Revoke Database Schema Privileges

hashtag
Syntax

hashtag
Description

Revokes schema privileges from one or more roles.

hashtag
Arguments

hashtag
USAGE

Disallow role from listing and using the schema.

hashtag
CREATE

Disallow role from creating relations under the schema.

hashtag
ALL PRIVILEGES

Revoke all the privileges listed above from the role.

hashtag
schema_name

The qualified name of the schema from which to revoke privileges. This name can include a specific database name to form a fully-qualified name in the format of <database_name>.<schema_name>; otherwise the system uses the current database name in the session.

hashtag
role_name [, ...]

One or more roles from which to revoke the privileges.

hashtag
Revoke Store Privileges

hashtag
Syntax

hashtag
Description

Revokes store privileges from one or more roles.

hashtag
Arguments

hashtag
USAGE

Disallow role from listing and using the store.

hashtag
store_name

The name of the store from which to revoke privileges.

hashtag
role_name [, ...]

One or more roles from whichto revoke the privileges.

hashtag
Revoke Descriptor Source Privileges

hashtag
Syntax

hashtag
Description

Revoke descriptor source privileges from one or more roles.

hashtag
Arguments

hashtag
USAGE

Disallow role from listing and using the descriptor source.

hashtag
descriptor_source_name

The name of the descriptor source on which to revoke privileges.

hashtag
role_name [, ...]

One or more roles from which to revoke the privileges.

hashtag
Revoke Relation Privileges

hashtag
Syntax

hashtag
Description

Revokes relation privileges from one or more roles.

hashtag
Arguments

hashtag
SELECT

Disallow role from creating a query and using the relation as a source.

hashtag
INSERT

Disallow role from creating a query and using the relation as a sink.

hashtag
relation_name

The name of the relation from which to revoke privileges. Optionally, provide database and schema name for a fully-qualified relation name in the format of [<database_name>.<schema_name>.]<relation_name> — for example, db1.public.pageviews. Otherwise, the system uses the current database and schema to identify the relation.

hashtag
role_name [, ...]

One or more roles from which to revoke the privileges.

hashtag
Revoke Function Source Privileges

hashtag
Syntax

hashtag
Description

Revokes function source privileges from one or more roles.

hashtag
Arguments

hashtag
USAGE

Disallow role from listing and using the function source.

hashtag
descriptor_source_name

The name of the function source on which to revoke privileges.

hashtag
role_name [, ...]

One or more roles from which to revoke the privileges.

hashtag
Revoke Function Privileges

hashtag
Syntax

hashtag
Description

Revokes function privileges from one or more roles.

hashtag
Arguments

hashtag
USAGE

Disallow role from listing and using the function.

hashtag
descriptor_source_name

The name of the function on which to revoke privileges.

hashtag
role_name [, ...]

One or more roles from which to revoke the privileges.

PreviousREVOKE INVITATIONNextREVOKE ROLE

Last updated