REVOKE

Revoke user permissions.

Revoke user permissions.

Synopsis

REVOKE  permission_name PERMISSION 
|  REVOKE ALL PERMISSIONS 
ON resource FROM user_name

permission_name is one of these:

  • ALL
  • ALTER
  • AUTHORIZE
  • CREATE
  • DROP
  • MODIFY
  • SELECT

resource is one of these:

  • ALL KEYSPACES
  • KEYSPACE keyspace_name
  • TABLE keyspace_name.table_name
Table 1. Legend
  • Uppercase means literal
  • Lowercase means not literal
  • Italics mean optional
  • The pipe (|) symbol means OR or AND/OR
  • Ellipsis (...) means repeatable

A semicolon that terminates CQL statements is not included in the synopsis.

Description

Permissions to access all keyspaces, a named keyspace, or a table can be revoked from a user. Enclose the user name in single quotation marks if it contains non-alphanumeric characters.

The table in GRANT lists the permissions needed to use CQL statements:

Example

REVOKE SELECT ON ravens.plays FROM boone;

The user boone can no longer perform SELECT queries on the ravens.plays table. Exceptions: Because of inheritance, the user can perform SELECT queries on ravens.plays if one of these conditions is met:

  • The user is a superuser.
  • The user has SELECT on ALL KEYSPACES permissions.
  • The user has SELECT on the ravens keyspace.