Granting a Permission
Function
This statement is used to grant permissions to a user or role.
Syntax
1
|
GRANT (privilege,...) ON (resource,..) TO ((ROLE [db_name].role_name) | (USER user_name)),...); |
Keywords
ROLE: The subsequent role_name must be a role.
USER: The subsequent user_name must be a user.
Precautions
- The privilege must be one of the authorizable permissions. If the object has the corresponding permission on the resource or the upper-level resource, the permission fails to be granted. For details about the permission types supported by the privilege, see Data Permissions List.
- The resource can be a queue, database, table, view, or column. The formats are as follows:
- Queue format: queues.queue_name
The following table lists the permission types supported by a queue.
Operation
Description
DROP_QUEUE
Deleting a queue
SUBMIT_JOB
Submitting a job
CANCEL_JOB
Cancel a job
RESTART
Restarting a queue
SCALE_QUEUE
Scaling out/in a queue
GRANT_PRIVILEGE
Granting queue permissions
REVOKE_PRIVILEGE
Revoking queue permissions
SHOW_PRIVILEGES
Checking queue permissions of other users
- Database format: databases.db_name
For details about the permission types supported by a database, see Data Permissions List.
- Table format: databases.db_name.tables.table_name
For details about the permission types supported by a table, see Data Permissions List.
- View format: databases.db_name.tables.view_name
Permission types supported by a view are the same as those supported by a table. For details, see table permissions in Data Permissions List.
- Column format: databases.db_name.tables.table_name.columns.column_name
- Queue format: queues.queue_name
Example
Run the following statement to grant user_name1 the permission to delete the db1 database:
1
|
GRANT DROP_DATABASE ON databases.db1 TO USER user_name1; |
Run the following statement to grant user_name1 the SELECT permission of data table tb1 in the db1 database:
1
|
GRANT SELECT ON databases.db1.tables.tb1 TO USER user_name1; |
Run the following statement to grant role_name the SELECT permission of data table tb1 in the db1 database:
1
|
GRANT SELECT ON databases.db1.tables.tb1 TO ROLE role_name; |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot