/revoke/permission

URL: https://<aws.fqdn>/<aws.cluster.name>/gpudb-0/revoke/permission

Revoke user or role the specified permission on the specified object.

Input Parameter Description

Name

Type

Description

principal

string

Name of the user or role for which the permission is being revoked. Must be an existing user or role. The default value is ''.

object

string

Name of object permission is being revoked from. It is recommended to use a fully-qualified name when possible.

object_type

string

The type of object being revoked

Supported Values	Description
context	Context
credential	Credential
datasink	Data Sink
datasource	Data Source
directory	KIFS File Directory
graph	A Graph object
proc	UDF Procedure
schema	Schema
sql_proc	SQL Procedure
system	System-level access
table	Database Table
table_monitor	Table monitor

permission

string

Permission being revoked.

Supported Values	Description
admin	Full read/write and administrative access on the object.
connect	Connect access on the given data source or data sink.
delete	Delete rows from tables.
execute	Ability to Execute the Procedure object.
insert	Insert access to tables.
read	Ability to read, list and use the object.
update	Update access to the table.
user_admin	Access to administer users and roles that do not have system_admin permission.
write	Access to write, change and delete objects.

options

map of string to strings

Optional parameters. The default value is an empty map ( {} ).

Supported Parameters (keys)	Parameter Description
columns	Revoke table security from these columns, comma-separated. The default value is ''.

Output Parameter Description

The GPUdb server embeds the endpoint response inside a standard response structure which contains status information and the actual response to the query. Here is a description of the various fields of the wrapper:

Name

Type

Description

status

String

'OK' or 'ERROR'

message

String

Empty if success or an error message

data_type

String

'revoke_permission_response' or 'none' in case of an error

data

String

Empty string

data_str

JSON or String

This embedded JSON represents the result of the /revoke/permission endpoint:

Name	Type	Description
principal	string	Value of input parameter principal.
object	string	Value of input parameter object.
object_type	string	Value of input parameter object_type.
permission	string	Value of input parameter permission.
info	map of string to strings	Additional information.

Empty string in case of an error.