DLI Permissions
Elastic Resource Pool
- For details about authorization through the DLI console, see Managing Permissions.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|
|
Updating an elastic resource pool |
Updates the description of an elastic resource pool. |
UPDATE |
Yes |
Yes |
Single resource |
|
Managing resources |
Adds queues, deletes queues, and configures scaling policies for queues in an elastic resource pool. |
RESOURCE_MANAGEMENT |
Yes |
Yes |
Single resource |
|
Deleting an elastic resource pool |
Deletes an elastic resource pool. |
DROP |
Yes |
Yes |
Single resource |
|
Changing specifications |
Changes the specifications of a yearly/monthly elastic resource pool. |
SCALE |
Yes |
Yes |
Single resource |
|
Granting permissions |
Grants elastic resource pool permissions to other users. |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
Revokes the elastic resource pool permissions of other users, but not the pool owner. |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
Views the elastic resource pool permissions of other users. |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
|
Creating an elastic resource pool |
Creates elastic resource pools. |
CREATE |
No |
Yes |
All resources (*) |
|
Querying the elastic resource pool list |
Views all elastic resource pools. |
LIST |
No |
Yes |
All resources (*) |
Queue
- For details about authorization through the DLI console, see Queue Permission Management.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|
|
Deleting a queue |
Deletes a queue. |
DROP_QUEUE |
Yes |
Yes |
Single resource |
|
Submitting a job |
Submits jobs to a queue. |
SUBMIT_JOB |
Yes |
Yes |
Single resource |
|
Terminating a job |
Terminates the jobs submitted to a queue. |
CANCEL_JOB |
Yes |
Yes |
Single resource |
|
Granting permissions |
Grants queue permissions to other users. |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
Revokes the queue permissions of other users, but not the queue owner. |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
Views the queue permissions of other users. |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
|
Restarting a queue |
Restarts a queue. |
RESTART |
Yes |
Yes |
Single resource |
|
Changing specifications |
Changes queue specifications. |
SCALE_QUEUE |
Yes |
Yes |
Single resource |
|
Creating a queue |
Creates queues. |
CREATE_QUEUE |
No |
Yes |
All resources (*) |
|
Querying the queue list |
Queries the queue list. |
LIST_QUEUES |
No |
Yes |
All resources (*) |
Data Catalog
- For details about authorization through the DLI console, see Configuring Data Catalog Permissions on the DLI Console.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|
|
Unbinding a data catalog |
Unbinds a data catalog from DLI. |
UNBIND |
Yes |
Yes |
Single resource |
|
Querying data catalog binding details |
Views data catalog binding details. This permission is required if you need to use the data catalog when submitting jobs. |
GET |
Yes |
Yes |
Single resource |
|
Granting permissions |
Grants data catalog permissions to specified users. |
GRANT |
Yes |
Yes |
Single resource |
|
Revoking permissions |
Revokes data catalog permissions from specified users. |
REVOKE |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
Views data catalog permissions of other users. |
SHOW Privileges |
Yes |
Yes |
Single resource |
|
Binding a data catalog |
Binds data catalogs to DLI. |
BIND |
No |
Yes |
All resources (*) |
|
Querying the data catalog binding list |
Views the data catalogs bound to DLI. |
LIST |
No |
Yes |
All resources (*) |
Database
- For details about authorization through the DLI console, see Configuring Database Permissions on the DLI Console.
- For details about authorization through APIs, see Data Authorization APIs.
- Non-inheritable permissions: Permissions that are directly granted to databases and are neither inherited from parent objects nor passed down to child objects. These permissions are independent of the permission settings of other objects and are only valid for specified objects.
- Inheritable permissions: Permissions that are inherited from parent objects or can be passed down to child objects. For example, if an inheritable permission is granted to a database, the tables in the database will inherit the permission.
|
Type |
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|---|
|
Non-inheritable permission |
Showing all tables |
Shows all tables in a database. |
DISPLAY_ALL_TABLES |
Yes |
Yes |
Single resource |
|
Showing a database |
Shows information about a database. |
DISPLAY_DATABASE |
Yes |
Yes |
Single resource |
|
|
Deleting a database |
Deletes a database. |
DROP_DATABASE |
Yes |
Yes |
Single resource |
|
|
Creating a table |
Creates tables in a database. |
CREATE_TABLE |
Yes |
Yes |
Single resource |
|
|
Creating a view |
Creates views in a database. |
CREATE_VIEW |
Yes |
Yes |
Single resource |
|
|
Explaining SQL statements as an execution plan |
Executes explain statements. |
EXPLAIN |
Yes |
Yes |
Single resource |
|
|
Creating a role |
Creates roles in a database. |
CREATE_ROLE |
Yes |
Yes |
Single resource |
|
|
Deleting a role |
Deletes roles from a database. |
DROP_ROLE |
Yes |
Yes |
Single resource |
|
|
Showing a role |
Shows the roles of a user. |
SHOW_ROLES |
Yes |
Yes |
Single resource |
|
|
Binding a role |
Binds roles in a database. |
GRANT_ROLE |
Yes |
Yes |
Single resource |
|
|
Unbinding a role |
Unbinds roles in a database. |
REVOKE_ROLE |
Yes |
Yes |
Single resource |
|
|
Showing the binding relationships between all roles and users |
Shows the binding relationships between all roles and users. |
SHOW_USERS |
Yes |
Yes |
Single resource |
|
|
Creating a function |
Creates functions in a database. |
CREATE_FUNCTION |
Yes |
Yes |
Single resource |
|
|
Deleting a function |
Deletes functions from a database. |
DROP_FUNCTION |
Yes |
Yes |
Single resource |
|
|
Showing all functions |
Shows all functions in a database. |
SHOW_FUNCTIONS |
Yes |
Yes |
Single resource |
|
|
Showing function details |
Shows details about a function. |
DESCRIBE_FUNCTION |
Yes |
Yes |
Single resource |
|
|
Granting permissions |
Grants database permissions to other users. |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
|
Revoking permissions |
Revokes the database permissions of other users, but not the database owner. |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
|
Viewing permissions of other users |
Views the database permissions of other users. |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
|
|
Updating a database |
Updates the metadata of a database. |
UPDATE_DATABASE |
No |
Yes |
Single resource |
|
|
Obtaining database information |
Obtains details of a database. |
GET_DATABASE |
No |
Yes |
Single resource |
|
|
Describing a database |
Checks comments of a database. |
DESCRIBE |
No |
Yes |
Single resource |
|
|
Viewing all tables in a database |
Lists all tables in a database. |
LIST_TABLES |
No |
Yes |
Single resource |
|
|
Querying details about a specified function |
Queries details about a specified function. |
GET_FUNCTION |
No |
Yes |
Single resource |
|
|
Listing all available functions in a database |
Lists all available functions in a database. |
LIST_FUNCTIONS |
No |
Yes |
Single resource |
|
|
Allowing Spark applications to access metadata |
Allows Spark applications to access metadata. |
SPARK_APP_ACCESS_META |
No |
Yes |
Single resource |
|
|
Inheritable permission |
Querying tables |
Retrieves data records from a table. |
SELECT |
Yes |
Yes |
Single resource |
|
Showing table information |
Shows the column names and data types of a table. |
DESCRIBE_TABLE |
Yes |
Yes |
Single resource |
|
|
Showing the table creation statement |
Shows SQL statements for creating a table. |
SHOW_CREATE_TABLE |
Yes |
Yes |
Single resource |
|
|
Dropping a table |
Drops tables and their data. |
DROP_TABLE |
Yes |
Yes |
Single resource |
|
|
Clearing table data |
Deletes all data in a table but retains the table structure. |
TRUNCATE_TABLE |
Yes |
Yes |
Single resource |
|
|
Renaming a table |
Renames tables. |
ALTER_TABLE_RENAME |
Yes |
Yes |
Single resource |
|
|
Inserting table data |
Adds data records to a table. |
INSERT_INTO_TABLE |
Yes |
Yes |
Single resource |
|
|
Overwriting a table |
Inserts new data and overwrites the original data in a table. |
INSERT_OVERWRITE_TABLE |
Yes |
Yes |
Single resource |
|
|
Adding a column |
Adds columns to a table. |
ALTER_TABLE_ADD_COLUMNS |
Yes |
Yes |
Single resource |
|
|
Accessing metadata |
Allows Spark applications to read metadata. |
SPARK_APP_ACCESS_META |
Yes |
Yes |
Single resource |
|
|
Viewing permissions of other users |
Lists a user's or role's permissions. |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
|
|
Granting permissions |
Grants permissions to a user or role. |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
|
Revoking permissions |
Revokes permissions from a user or role. |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
|
Collecting table statistics |
Collects statistics about a table. |
ANALYZE_TABLE |
Yes |
Yes |
Single resource |
|
|
Adding a partition |
Adds partitions to a table. |
ALTER_TABLE_ADD_PARTITION |
Yes |
Yes |
Single resource |
|
|
Deleting a partition |
Removes partitions from a table. |
ALTER_TABLE_DROP_PARTITION |
Yes |
Yes |
Single resource |
|
|
Setting the partition path |
Modifies the storage location of table data. |
ALTER_TABLE_SET_LOCATION |
Yes |
Yes |
Single resource |
|
|
Renaming a table partition |
Renames partitions. |
ALTER_TABLE_RENAME_PARTITION |
Yes |
Yes |
Single resource |
|
|
Restoring a table partition |
Restores lost or damaged partitions. |
ALTER_TABLE_RECOVER_PARTITION |
Yes |
Yes |
Single resource |
|
|
Showing all partitions |
Lists all partitions of a table. |
SHOW_PARTITIONS |
Yes |
Yes |
Single resource |
|
|
Updating table data |
Modifies data records in a table. |
UPDATE_TABLE |
No |
Yes |
Single resource |
|
|
Dropping a table column |
Removes one or more columns from a table. |
ALTER_TABLE_DROP_COLUMNS |
No |
Yes |
Single resource |
|
|
Modifying a table column |
Changes the column name, data type, and other attributes. |
ALTER_TABLE_CHANGE_COLUMN |
No |
Yes |
Single resource |
|
|
Setting the table storage location |
Specifies a new path for storing table data. |
ALTER_TABLE_SET_LOCATION |
No |
Yes |
Single resource |
|
|
Setting table attributes |
Modifies the metadata attribute of a table. |
ALTER_TABLE_SET_PROPERTIES |
No |
Yes |
Single resource |
|
|
Querying table information |
Queries the structure and metadata of a table. |
GET_TABLE |
No |
Yes |
Single resource |
|
|
Showing the table structure |
Shows the column names and data types of a table. |
DISPLAY_TABLE |
No |
Yes |
Single resource |
|
|
Creating a partition |
Creates partition structures for a table. |
CREATE_PARTITION |
No |
Yes |
Single resource |
|
|
Deleting a partition |
Removes partitions from a table. |
DROP_PARTITION |
No |
Yes |
Single resource |
|
|
Updating a partition |
Modifies metadata or data of a partition. |
UPDATE_PARTITION |
No |
Yes |
Single resource |
|
|
Querying partition information |
Queries details about a partition. |
GET_PARTITION |
No |
Yes |
Single resource |
|
|
Listing partitions |
Shows all partitions of a table. |
LIST_PARTITIONS |
No |
Yes |
Single resource |
|
|
Modifying a view |
Updates the definition or attributes of a view. |
ALTER_VIEW |
No |
Yes |
Single resource |
|
|
Migrating data |
Migrates data from one location to another. |
DATA_MIGRATION |
No |
Yes |
Single resource |
|
|
Modifying an object |
Modifies the attributes or structure of a database object. |
ALTER |
No |
Yes |
Single resource |
|
|
Updating data |
Modifies the data in a table. |
UPDATE |
No |
Yes |
Single resource |
|
|
Deleting data |
Deletes data records from a table. |
DELETE |
No |
Yes |
Single resource |
|
|
Other |
Creating a database |
Creates a database instance. |
CREATE_DATABASE |
No |
Yes |
All resources (*) |
|
Listing databases |
Shows all available databases. |
LIST_DATABASES |
No |
Yes |
All resources (*) |
|
|
Showing all databases |
Lists all databases in the system. |
DISPLAY_ALL_DATABASES |
No |
Yes |
All resources (*) |
|
Type |
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|---|
|
Non-inheritable permission |
Deleting a database |
Deletes a specified database and all its content. |
DROP_DATABASE |
Yes |
Yes |
Single project or cross-tenant project |
|
Creating a table |
Creates a table and defines columns and data types. |
CREATE_TABLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Creating a view |
Creates virtual tables based on SQL query definitions. |
CREATE_VIEW |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Explaining SQL statements as an execution plan |
Shows the execution plans of a SQL query. |
EXPLAIN |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Creating a role |
Creates roles for permission management. |
CREATE_ROLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Deleting a role |
Deletes roles and their associated permissions. |
DROP_ROLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Showing a role |
Lists all roles in the system. |
SHOW_ROLES |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Binding a role |
Assigns roles to a user or group. |
GRANT_ROLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Unbinding a role |
Removes roles from a user or group. |
REVOKE_ROLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Showing the binding relationships between all roles and users |
Lists all users in the system. |
SHOW_USERS |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Creating a function |
Creates user-defined functions. |
CREATE_FUNCTION |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Deleting a function |
Deletes specified functions. |
DROP_FUNCTION |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Showing all functions |
Lists all functions in the system. |
SHOW_FUNCTIONS |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Showing function details |
Shows the definition and parameters of a function. |
DESCRIBE_FUNCTION |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Inheritable permission |
Querying tables |
Retrieves data records from a table. |
SELECT |
Yes |
Yes |
Single project or cross-tenant project |
|
Showing table information |
Shows the column names and data types of a table. |
DESCRIBE_TABLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Showing the table creation statement |
Shows SQL statements for creating a table. |
SHOW_CREATE_TABLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Dropping a table |
Drops tables and their data. |
DROP_TABLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Clearing table data |
Deletes all data in a table but retains the table structure. |
TRUNCATE_TABLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Renaming a table |
Renames tables. |
ALTER_TABLE_RENAME |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Inserting table data |
Adds data records to a table. |
INSERT_INTO_TABLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Overwriting a table |
Inserts new data and overwrites the original data in a table. |
INSERT_OVERWRITE_TABLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Adding a column |
Adds columns to a table. |
ALTER_TABLE_ADD_COLUMNS |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Accessing metadata |
Allows Spark applications to read metadata. |
SPARK_APP_ACCESS_META |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Viewing permissions of other users |
Lists a user's or role's permissions. |
SHOW_PRIVILEGES |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Getting permissions |
Grants permissions to a user or role. |
GRANT_PRIVILEGE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Revoking permissions |
Revokes permissions from a user or role. |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Collecting table statistics |
Collects statistics about a table. |
ANALYZE_TABLE |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Adding a partition |
Adds partitions to a table. |
ALTER_TABLE_ADD_PARTITION |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Deleting a partition |
Removes partitions from a table. |
ALTER_TABLE_DROP_PARTITION |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Setting the partition path |
Modifies the storage location of table data. |
ALTER_TABLE_SET_LOCATION |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Renaming a table partition |
Renames partitions. |
ALTER_TABLE_RENAME_PARTITION |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Restoring a table partition |
Restores lost or damaged partitions. |
ALTER_TABLE_RECOVER_PARTITION |
Yes |
Yes |
Single project or cross-tenant project |
|
|
Showing all partitions |
Lists all partitions of a table. |
SHOW_PARTITIONS |
Yes |
Yes |
Single project or cross-tenant project |
Table
- For details about authorization through the DLI console, see Configuring Table Permissions on the DLI Console.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|
|
Showing a table |
Shows the column names and data types of a table. |
DISPLAY_TABLE |
Yes |
Yes |
Single resource |
|
Querying tables |
Retrieves data records from a table. |
SELECT |
Yes |
Yes |
Single resource |
|
Showing table information |
Shows the column names and data types of a table. |
DESCRIBE_TABLE |
Yes |
Yes |
Single resource |
|
Showing the table creation statement |
Shows SQL statements for creating a table. |
SHOW_CREATE_TABLE |
Yes |
Yes |
Single resource |
|
Dropping a table |
Drops tables and their data. |
DROP_TABLE |
Yes |
Yes |
Single resource |
|
Clearing table data |
Deletes all data in a table but retains the table structure. |
TRUNCATE_TABLE |
Yes |
Yes |
Single resource |
|
Renaming a table |
Renames tables. |
ALTER_TABLE_RENAME |
Yes |
Yes |
Single resource |
|
Inserting table data |
Adds data records to a table. |
INSERT_INTO_TABLE |
Yes |
Yes |
Single resource |
|
Overwriting a table |
Inserts new data and overwrites the original data in a table. |
INSERT_OVERWRITE_TABLE |
Yes |
Yes |
Single resource |
|
Adding a column |
Adds columns to a table. |
ALTER_TABLE_ADD_COLUMNS |
Yes |
Yes |
Single resource |
|
Accessing metadata |
Allows Spark applications to read metadata. |
SPARK_APP_ACCESS_META |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
Lists a user's or role's permissions. |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
|
Granting permissions |
Grants permissions to a user or role. |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
Revokes permissions from a user or role. |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Collecting table statistics |
Collects statistics about a table. |
ANALYZE_TABLE |
Yes |
Yes |
Single resource |
|
Updating table data |
Modifies data records in a table. |
UPDATE_TABLE |
No |
Yes |
Single resource |
|
Dropping a table column |
Removes one or more columns from a table. |
ALTER_TABLE_DROP_COLUMNS |
No |
Yes |
Single resource |
|
Modifying a table column |
Changes the column name, data type, and other attributes. |
ALTER_TABLE_CHANGE_COLUMN |
No |
Yes |
Single resource |
|
Setting the table storage location |
Specifies a new path for storing table data. |
ALTER_TABLE_SET_LOCATION |
No |
Yes |
Single resource |
|
Setting table attributes |
Modifies the metadata attribute of a table. |
ALTER_TABLE_SET_PROPERTIES |
No |
Yes |
Single resource |
|
Querying table information |
Queries the structure and metadata of a table. |
GET_TABLE |
No |
Yes |
Single resource |
|
Creating a partition |
Creates partition structures for a table. |
CREATE_PARTITION |
No |
Yes |
Single resource |
|
Deleting a partition |
Removes partitions from a table. |
DROP_PARTITION |
No |
Yes |
Single resource |
|
Updating a partition |
Modifies metadata or data of a partition. |
UPDATE_PARTITION |
No |
Yes |
Single resource |
|
Querying partition information |
Queries details about a partition. |
GET_PARTITION |
No |
Yes |
Single resource |
|
Listing partitions |
Shows all partitions of a table. |
LIST_PARTITIONS |
No |
Yes |
Single resource |
|
Modifying a view |
Updates the definition or attributes of a view. |
ALTER_VIEW |
No |
Yes |
Single resource |
|
Migrating data |
Migrates data from one location to another. |
DATA_MIGRATION |
No |
Yes |
Single resource |
|
Modifying an object |
Modifies the attributes or structure of a database object. |
ALTER |
No |
Yes |
Single resource |
|
Updating data |
Modifies the data in a table. |
UPDATE |
No |
Yes |
Single resource |
|
Deleting data |
Deletes data records from a table. |
DELETE |
No |
Yes |
Single resource |
|
Adding a partition |
Adds partitions to a table. |
ALTER_TABLE_ADD_PARTITION |
No |
Yes |
Single resource |
|
Deleting a partition |
Removes partitions from a table. |
ALTER_TABLE_DROP_PARTITION |
No |
Yes |
Single resource |
|
Renaming a partition |
Renames partitions. |
ALTER_TABLE_RENAME_PARTITION |
No |
Yes |
Single resource |
|
Restoring a partition |
Restores lost or damaged partitions. |
ALTER_TABLE_RECOVER_PARTITION |
No |
Yes |
Single resource |
|
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|
|
Querying tables |
Retrieves data records from a table. |
SELECT |
Yes |
Yes |
Single resource |
|
Showing table information |
Shows the column names and data types of a table. |
DESCRIBE_TABLE |
Yes |
Yes |
Single resource |
|
Showing the table creation statement |
Shows SQL statements for creating a table. |
SHOW_CREATE_TABLE |
Yes |
Yes |
Single resource |
|
Dropping a table |
Drops tables and their data. |
DROP_TABLE |
Yes |
Yes |
Single resource |
|
Clearing table data |
Deletes all data in a table but retains the table structure. |
TRUNCATE_TABLE |
Yes |
Yes |
Single resource |
|
Renaming a table |
Renames tables. |
ALTER_TABLE_RENAME |
Yes |
Yes |
Single resource |
|
Inserting table data |
Adds data records to a table. |
INSERT_INTO_TABLE |
Yes |
Yes |
Single resource |
|
Overwriting a table |
Inserts new data and overwrites the original data in a table. |
INSERT_OVERWRITE_TABLE |
Yes |
Yes |
Single resource |
|
Adding a column |
Adds columns to a table. |
ALTER_TABLE_ADD_COLUMNS |
Yes |
Yes |
Single resource |
|
Accessing metadata |
Allows Spark applications to read metadata. |
SPARK_APP_ACCESS_META |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
Lists a user's or role's permissions. |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
|
Granting permissions |
Grants permissions to a user or role. |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
Revokes permissions from a user or role. |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Collecting table statistics |
Collects statistics about a table. |
ANALYZE_TABLE |
Yes |
Yes |
Single resource |
|
Updating table data |
Modifies data records in a table. |
UPDATE_TABLE |
No |
Yes |
Single resource |
|
Dropping a table column |
Removes one or more columns from a table. |
ALTER_TABLE_DROP_COLUMNS |
No |
Yes |
Single resource |
|
Modifying a table column |
Changes the column name, data type, and other attributes. |
ALTER_TABLE_CHANGE_COLUMN |
No |
Yes |
Single resource |
|
Setting the table storage location |
Specifies a new path for storing table data. |
ALTER_TABLE_SET_LOCATION |
No |
Yes |
Single resource |
|
Setting table attributes |
Modifies the metadata attribute of a table. |
ALTER_TABLE_SET_PROPERTIES |
No |
Yes |
Single resource |
|
Querying table information |
Queries the structure and metadata of a table. |
GET_TABLE |
No |
Yes |
Single resource |
|
Creating a partition |
Creates partition structures for a table. |
CREATE_PARTITION |
No |
Yes |
Single resource |
|
Deleting a partition |
Removes partitions from a table. |
DROP_PARTITION |
No |
Yes |
Single resource |
|
Updating a partition |
Modifies metadata or data of a partition. |
UPDATE_PARTITION |
No |
Yes |
Single resource |
|
Querying partition information |
Queries details about a partition. |
GET_PARTITION |
No |
Yes |
Single resource |
|
Listing partitions |
Shows all partitions of a table. |
LIST_PARTITIONS |
No |
Yes |
Single resource |
|
Modifying a view |
Updates the definition or attributes of a view. |
ALTER_VIEW |
No |
Yes |
Single resource |
|
Migrating data |
Migrates data from one location to another. |
DATA_MIGRATION |
No |
Yes |
Single resource |
|
Modifying an object |
Modifies the attributes or structure of a database object. |
ALTER |
No |
Yes |
Single resource |
|
Updating data |
Modifies the data in a table. |
UPDATE |
No |
Yes |
Single resource |
|
Deleting data |
Deletes data records from a table. |
DELETE |
No |
Yes |
Single resource |
|
Adding a partition |
Adds partitions to a table. |
ALTER_TABLE_ADD_PARTITION |
No |
Yes |
Single resource |
|
Deleting a partition |
Removes partitions from a table. |
ALTER_TABLE_DROP_PARTITION |
No |
Yes |
Single resource |
|
Renaming a partition |
Renames partitions. |
ALTER_TABLE_RENAME_PARTITION |
No |
Yes |
Single resource |
|
Restoring a partition |
Restores lost or damaged partitions. |
ALTER_TABLE_RECOVER_PARTITION |
No |
Yes |
Single resource |
Column
- For details about authorization through the DLI console, see Configuring Table Permissions on the DLI Console.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|
|
Querying a column |
Searches for columns. |
SELECT |
Yes |
Yes |
Single resource |
Flink Job
- For details about authorization through the DLI console, see Configuring Flink Job Permissions.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
Description |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|---|
|
Viewing job details |
Queries details about a specified Flink job. |
GET |
Yes |
Yes |
Single resource |
|
Updating a job |
Modifies specified Flink jobs. |
UPDATE |
Yes |
Yes |
Single resource |
|
Deleting a job |
Deletes specified Flink jobs. |
DELETE |
Yes |
Yes |
Single resource |
|
Starting a job |
Starts Flink jobs. |
START |
Yes |
Yes |
Single resource |
|
Stopping a job |
Stops Flink jobs. |
STOP |
Yes |
Yes |
Single resource |
|
Exporting a job |
Exports Flink jobs to a specified location. |
EXPORT |
Yes |
Yes |
Single resource |
|
Granting permissions |
Grants permissions to Flink jobs. |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
Revokes permissions from Flink jobs. |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
Lists a user's permissions. |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
|
Creating a Flink job |
Creates Flink jobs. |
CREATE |
No |
Yes |
All resources (*) |
|
Listing all Flink jobs |
Shows all Flink jobs in the system. |
LIST_ALL |
No |
Yes |
All resources (*) |
Package and Package Group
- For details about authorization through the DLI console, see Configuring DLI Package Permissions.
- For details about authorization through APIs, see Data Authorization APIs.
A package inherits all the permissions of its package group.
|
Operation |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|
|
Using a package |
USE_RESOURCE |
Yes |
Yes |
Single resource |
|
Updating a package |
UPDATE_RESOURCE |
Yes |
Yes |
Single resource |
|
Querying a package |
GET_RESOURCE |
Yes |
Yes |
Single resource |
|
Deleting a package |
DELETE_RESOURCE |
Yes |
Yes |
Single resource |
|
Granting permissions |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
|
Operation |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|
|
Using a group |
USE_GROUP |
Yes |
Yes |
Single resource |
|
Updating a group |
UPDATE_GROUP |
Yes |
Yes |
Single resource |
|
Querying a group |
GET_GROUP |
Yes |
Yes |
Single resource |
|
Deleting a group |
DELETE_GROUP |
Yes |
Yes |
Single resource |
|
Granting permissions |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
Datasource Authentication
- For details about authorization through the DLI console, see Datasource Authentication Permission Management.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|
|
Using datasource authentication |
USE_AUTH |
Yes |
Yes |
Single resource |
|
Updating datasource authentication |
UPDATE_AUTH |
Yes |
Yes |
Single resource |
|
Deleting datasource authentication |
DROP_AUTH |
Yes |
Yes |
Single resource |
|
Granting permissions |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
Enhanced Datasource Connection
- For details about authorization through the DLI console, see Enhanced Connection Permission Management.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|
|
Binding a queue |
BIND_QUEUE |
Yes |
Yes |
Single resource |
Global Variable
- For details about authorization through the DLI console, see Managing DLI Global Variables.
- For details about authorization through APIs, see Data Authorization APIs.
|
Operation |
DLI Privileges |
Authorizable Through DLI Console (Yes/No) |
Authorizable Through API (Yes/No) |
Authorization Object |
|---|---|---|---|---|
|
Updating a global variable |
UPDATE |
Yes |
Yes |
Single resource |
|
Deleting a global variable |
DELETE |
Yes |
Yes |
Single resource |
|
Granting permissions |
GRANT_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Revoking permissions |
REVOKE_PRIVILEGE |
Yes |
Yes |
Single resource |
|
Viewing permissions of other users |
SHOW_PRIVILEGES |
Yes |
Yes |
Single resource |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
