REVOKE SERVICE ROLE

Revokes a service role from an account role, application role, or database role. For more information, see Managing service-related privileges.

See also:

GRANT SERVICE ROLE, SHOW ROLES IN SERVICE, SHOW GRANTS

语法

REVOKE SERVICE ROLE <name> FROM
{
  ROLE <role_name>                     |
  APPLICATION ROLE <application_role_name>  |
  DATABASE ROLE <database_role_name>
}

参数

name

指定要撤销的服务角色的标识符。如果标识符包含空格或特殊字符,则整个字符串必须放在双引号内。放在双引号内的标识符也区分大小写。

按以下格式指定服务角色名称:

service-name!service-role-name

For example, echo_service!echoendpoint_role.

ROLE role_name

要撤销服务角色的账户角色的名称。

APPLICATION ROLE application_role

要撤销服务角色的应用程序角色的名称。

DATABASE ROLE database_name

要撤销服务角色的数据库角色的名称。

访问控制要求

A role used to execute this operation must have the following privileges at a minimum:

Privilege or roleObjectNotes
OWNERSHIPServiceOnly the service owner can revoke the service role.

示例

The following command revokes the echoendpoint_role service role defined in the echo_service service specification from the service_function_user_role role.

REVOKE SERVICE ROLE echo_service!echoendpoint_role FROM ROLE service_function_user_role;