REVOKE (Role)
Revokes a role (and administrative access, applicable) from a grantee. A user that has administrator access to a role can revoke the role for other users.
You can also remove a role's access to another role.
Syntax
REVOKE [ ADMIN OPTION FOR ] role [, ...]
... FROM { user | role | PUBLIC } [, ...]
...[ CASCADE ];
Parameters
ADMIN OPTION FOR |
Revokes just the user's or role's administration access to the role, and not the role itself. |
role |
The name of one or more roles from which you want to revoke access. |
user | role | PUBLIC |
The name of a user or role whose permission you want to revoke. You can use the PUBLIC option to revoke access to a role that was previously made public. |
CASCADE |
Revokes the privilege from the specified user or role and then from others. After a user or role has been granted a privilege, the user can grant that privilege to other users and roles. The CASCADE keyword first revokes the privilege from the initial user or role, and then from other grantees extended the privilege. |
Examples
This example shows the revocation of the pseudosuperuser role from the dbadmin user:
=> REVOKE pseudosuperuser from dbadmin;
This example shows the revocation of administration access from the dbadmin user for the pseudosuperuser role. The ADMIN OPTION command does not remove the pseudosuperuser role.
=> REVOKE ADMIN OPTION FOR pseudosuperuser FROM dbadmin;
Notes
If the role you are trying to revoke was not already granted to the user, Vertica returns a NOTICE:
=> REVOKE commentor FROM Sue; NOTICE 2022: Role "commentor" was not already granted to user "Sue" REVOKE ROLE
