REVOKE

Revoke user permissions.

Synopsis

REVOKE  permission_name PERMISSION 
|  REVOKE ALL PERMISSIONS 
ON resource FROM user_name

permission_name is one of these:

ALL
ALTER
AUTHORIZE
CREATE
DROP
MODIFY
SELECT

resource is one of these:

ALL KEYSPACES
KEYSPACE keyspace_name
TABLE keyspace_name.table_name

Table 1. Legend
Uppercase means literal Lowercase means not literal Italics mean optional The pipe (\|) symbol means OR or AND/OR Ellipsis (...) means repeatable A semicolon that terminates CQL statements is not included in the synopsis.

Description

Permissions to access all keyspaces, a named keyspace, or a table can be revoked from a user. Enclose the user name in single quotation marks if it contains non-alphanumeric characters.

The table in GRANT lists the permissions needed to use CQL statements:

Example

REVOKE SELECT ON ravens.plays FROM boone;

The user boone can no longer perform SELECT queries on the ravens.plays table. Exceptions: Because of inheritance, the user can perform SELECT queries on ravens.plays if one of these conditions is met:

The user is a superuser.
The user has SELECT on ALL KEYSPACES permissions.
The user has SELECT on the ravens keyspace.