REVOKE CONNECT THROUGH Syntax - Analytics Database - Teradata Vantage

SQL Data Control Language

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-07-11
dita:mapPath
sgu1628111251052.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
dvv1472243528022
lifecycle
latest
Product Category
Teradata Vantageā„¢
REVOKE CONNECT THROUGH trusted_user_name {

  { { TO | FROM }

      { application_user_name [,...]
        [ WITH ROLE role_name [,...] ]
        [ WITH PROFILE profile_name ] |

        PERMANENT permanent_user_name [,...]
        [ WITH ROLE role_name [,...] ]
      }
  } |

  WITH TRUST ONLY
} [;]

Syntax Elements

trusted_user_name
The name of the trusted user whose CONNECT THROUGH privilege is being revoked.
WITH TRUST_ONLY
Removes the TrustOnly flag from the trusted_user_name.
This option is valid only when submitted for a trusted user.
The TrustOnly option requires that a trusted user must submit SET QUERY_BAND requests that set or update a proxy user from a trusted request.
application_user_name
The name of an application user from whom the proxy logon privileges granted through trusted_user_name are being revoked.
If you do not specify a WITH ROLE clause, the request revokes the connect privilege for the specified application user.
You can specify a maximum of 25 names in a single revoke request.
permanent_user_name
The name of a permanent user from whom the proxy logon privileges granted through trusted_user_name are being revoked.
If you do not specify a WITH ROLE clause, the request revokes the connect privilege for each permanent user from the trusted user.
You can specify a maximum of 25 names in a single revoke request.
role_name
A list of role names to be removed from the CONNECT THROUGH privilege granted to trusted_user_name.
If you remove all roles that have been granted the CONNECT THROUGH privilege for the specified permanent or application user, then the system revokes the entire privilege for the specified permanent or application user.
Similarly, if you do not specify a WITH ROLE clause, then the system revokes the entire privilege for the specified permanent or application user.
profile_name
Removes the profile from the application_user_name proxy user for trusted_user_name but leaves the rule granted. Removing the profile or revoking the entire rule removes the associated rows for the proxy user from the DBC.databasespace table.