REVOKE-AnalyticDB(AnalyticDB)-阿里云帮助中心

Use REVOKE to remove permissions from an account.

REVOKE
    priv_type [(column_list)]
      [, priv_type [(column_list)]] ...
    ON [object_type] priv_level
    FROM user

Parameters

Parameter	Description
`priv_type`	The permission type to revoke. For the full list, see Permission model.
`column_list`	(Optional) One or more column names. Applies only when `priv_type` is `SELECT`, restricting the revocation to specific columns.
`priv_level`	The scope of the permission to revoke: `.` (cluster level), `db_name.*` (database level), `db_name.table_name` / `table_name` (table level), or `catalog catalog_name` (external catalog level).

To run REVOKE, the account must have the GRANT OPTION permission.

Revoke all database-level permissions from account3:
```
REVOKE ALL ON adb_demo.* FROM 'account3';
```
Revoke the ACCESS permission on the external catalog paimon_catalog from account4:
```
REVOKE ACCESS ON catalog paimon_catalog FROM 'account4';
```