9.7.8 REVOKE
Purpose
The REVOKE
command removes privileges and roles.
Syntax
REVOKE object_type [name] FROM sub_object_type [sub_object_name]
Usage Notes
-
object_type can be as follows:
-
PRIVILEGE
-
ROLE
-
-
The following can be used for
PRIVILEGE
object type:-
name is in the following format:
{ ALL ACTIONS | action } ON { ALL OBJECTS | object } { ALL ATTRIBUTES | \ ATTRIBUTES attribute1 [, attribute2, ...] } { WITH ALL OPTIONS | \ WITH OPTIONS option1 [, option2, ...] }
-
The sub_object_type must be
ROLE
. -
The sub_object_name is a role name, a comma-delimited list of role names, or the keyword
ALL
.
-
-
The following can be used for the
ROLE
object type:-
name is a role name, a comma-delimited list of role names, or the keyword
ALL
. -
The sub_object_type must be
USER
. -
The sub_object_name is the name of the user, a comma-delimited list of user names, or the keyword
ALL
.
-
Parent topic: DBMCLI Command Reference