Updated on 2023-10-23 GMT+08:00

DCL Syntax Overview

Data control language (DCL) is used to create users and roles and set or modify database users or role rights.

Defining a Role

A role is used to manage permissions. For database security, management and operation permissions can be granted to different roles. For details about related SQL statements, see Table 1.

Table 1 SQL statements for defining a role

Function

SQL Statement

Creating a role

CREATE ROLE

Altering role attributes

ALTER ROLE

Dropping a role

DROP ROLE

Defining a User

A user is used to log in to a database. Different permissions can be granted to users for managing data accesses and operations of the users. For details about related SQL statements, see Table 2.

Table 2 SQL statements for defining a user

Function

SQL Statement

Creating a user

CREATE USER

Altering user attributes

ALTER USER

Dropping a user

DROP USER

Granting Rights

GaussDB provides a statement for granting rights to data objects and roles. For details, see GRANT.

Revoking Rights

GaussDB provides a statement for revoking rights. For details, see REVOKE.

Setting Default Rights

GaussDB allows users to set rights for objects that will be created in the future. For details, see ALTER DEFAULT PRIVILEGES.