Roles
Role management may be performed via the SQL editor. To grant or revoke privileges to a role, use the GRANT command.
Creating a New Role
Create role syntaxCREATE ROLE "<role_name>"
Parameters
{{< sql-section file="data/sql/roles.json" data="createRoleParameters" >}}
Example
Create a new roleCREATE ROLE "role1"
Granting a Role to a User
Grant role syntaxGRANT ROLE "<role_name>"
TO USER "<username>"
Parameters
{{< sql-section file="data/sql/roles.json" data="grantingRoleParameters" >}}
Example
Grant a role to a userGRANT ROLE "role1"
TO USER "user@dremio.com"
Revoking a Role from a User
Revoke role syntaxREVOKE ROLE "<role_name>"
FROM USER "<username>"
Parameters
{{< sql-section file="data/sql/roles.json" data="revokingRoleParameters" >}}
Example
Revoke a role from a userREVOKE ROLE "role1"
FROM USER "user@dremio.com"
Nesting a Role within a Role
Nest role syntaxGRANT ROLE "<sub_role>"
TO ROLE "<parent_role>"
Parameters
{{< sql-section file="data/sql/roles.json" data="grantingNestingParameters" >}}
Example
Nest a role within a roleGRANT ROLE "subrole"
TO ROLE "role1"
Removing a Nested Role
Remove nested role syntaxREVOKE ROLE "<sub_role>"
FROM ROLE "<parent_role>"
Parameters
{{< sql-section file="data/sql/roles.json" data="revokingNestingParameters" >}}
Example
Remove a nested role from a parent roleREVOKE ROLE "subrole"
FROM ROLE "role1"
Deleting a Role
Delete role syntaxDROP ROLE "<role_name>"
Parameters
{{< sql-section file="data/sql/roles.json" data="droppingRoleParameters" >}}
Example
Delete a roleDROP ROLE "role1"