Access control commands reference

Access Control functionality is available only in QuestDB Enterprise version.

Managing or verifying what users have access to is possible with the following SQL commands:

• ADD USER - add user to one or more groups
• ALTER USER - modifies user settings
• ALTER SERVICE ACCOUNT - modifies service account settings
• ASSUME SERVICE ACCOUNT - switches current user to a service account
• CREATE GROUP - creates user group
• CREATE SERVICE ACCOUNT - creates service account
• CREATE USER - creates user
• DROP GROUP - drops user group
• DROP SERVICE ACCOUNT - drops an existing service account
• DROP USER - drops an existing user
• EXIT SERVICE ACCOUNT - switches current user back from service account
• GRANT - grants permission to user, service account or group
• REMOVE USER - removes user from one or more groups
• REVOKE - revokes permission from user, service account or group
• SHOW USER - shows enabled authentication methods of a user
• SHOW USERS - shows all users
• SHOW GROUPS - displays all groups or those the user is part of
• SHOW SERVICE ACCOUNT - shows enabled authentication methods of a user
• SHOW SERVICE ACCOUNTS - displays all service accounts or those assigned to the user/group
• SHOW PERMISSIONS - displays permissions of a user, service account or group

List of all permissions is available at permissions summary .