Note:
Cockroach Labs supports the current stable release and two releases prior. Therefore, this version will no longer be supported after the Spring 2019 release.

In CockroachDB, privileges are granted to users at the database and table levels. They are not yet supported for other granularities such as columns or rows.

When a user connects to a database, either via the built-in SQL client or a client driver, CockroachDB checks the user's privileges for each statement executed. If the user does not have sufficient privileges for a statement, CockroachDB gives an error.

For the privileges required by specific statements, see the documentation for the respective SQL statement.

Supported Privileges

For a full list of supported privileges, see the GRANT documentation.

Granting Privileges

To grant privileges to a user, use the GRANT statement, for example:

> GRANT SELECT, INSERT ON bank.accounts TO maxroach;

Showing Privileges

To show privileges granted to users, use the SHOW GRANTS statement, for example:

> SHOW GRANTS ON DATABASE bank FOR maxroach;

Revoking Privileges

To revoke privileges from users, use the REVOKE statement, for example:

> REVOKE INSERT ON bank.accounts FROM maxroach;

See Also



Yes No