Revoke user permissions.
REVOKE ( permission_name PERMISSION ) | ( REVOKE ALL PERMISSIONS ) ON resource FROM user_name
permission_name is one of these:
resource is one of these:
- ALL KEYSPACES
- KEYSPACE keyspace_name
- TABLE keyspace_name.table_name
- Uppercase means literal
- Lowercase means not literal
- Italics mean optional
- The pipe (|) symbol means OR or AND/OR
- Ellipsis (...) means repeatable
- Orange ( and ) means not literal, indicates scope
A semicolon that terminates CQL statements is not included in the synopsis.
Permissions to access all keyspaces, a named keyspace, or a table can be revoked from a user. Enclose the user name in single quotation marks if it contains non-alphanumeric characters.
The table in GRANT lists the permissions needed to use CQL statements:
REVOKE SELECT ON ravens.plays FROM boone;
The user boone can no longer perform SELECT queries on the ravens.plays table. Exceptions: Because of inheritance, the user can perform SELECT queries on ravens.plays if one of these conditions is met:
- The user is a superuser.
- The user has SELECT on ALL KEYSPACES permissions.
- The user has SELECT on the ravens keyspace.