REVOKE Access Module Execution Privilege

Revokes from one or more users or groups the privilege of executing a specified access module.
idms
Revokes from one or more users or groups the privilege of executing a specified access module.
REVOKE Access Module Execution Privilege Authorization
To revoke access module execution privilege, one of the following must be true:
  • You hold grantable execution privilege on the access module (you can grant the privilege, but you cannot specify WITH GRANT OPTION).
  • You own the schema associated with the access module.
  • You hold DBADMIN privilege on the dictionary that contains the access module.
  • You hold SYSADMIN privilege.
You must be connected to the application dictionary that contains the access module when you issue the statement.
REVOKE Access Module Execution Privilege Syntax
►►─── REVOKE EXECUTE ─────────────────────────────────────────────────────────►    ►─── ON ACCESS MODULE ─┬────────────────┬─ 
access-module-name
 ───────────────►                         └─ 
schema-name
. ─┘               ┌─────────────── , ──────────────┐  ►─── FROM ─▼─┬─ PUBLIC ───────────────────┬─┴────────────────────────────────►◄               └─ 
authorization-identifier
 ─┘
REVOKE Access Module Execution Privilege Parameters
 
  • EXECUTE
    Specifies that you are revoking execution privilege on the access module identified in the ON parameter from the users or group identified in the FROM parameter.
  • ON ACCESS MODULE
    Specifies the access module to which execution privilege applies.
  • access-module-name
    Identifies the access module.
    You can wildcard
    access-module-name
    . If you specify
    schema-name
    , the wildcard character is valid after the period following
    schema-name
    .
    For more information on wildcarding, see Using a Wildcard.
  • FROM
    Specifies the users or groups from whom you are revoking execution privilege.
  • PUBLIC
    Specifies all users.
    The privilege must have been previously given to PUBLIC by means of the GRANT statement.
  • authorization-identifier
    Identifies a user or group.
    The privilege must have been previously given to
    authorization-identifier
    by means of the GRANT statement.
    Expanded syntax for
    authorization-identifier
    is presented in section Notes on Security Statement Syntax.
Revoking Execution Privilege
The following statement revokes execution privilege on all access modules associated with schema HR that begin with 'HR.EMP' from group PER_GRP_2:
revoke execute    on access module hr.emp*    from per_grp_2;
For more information on granting execution privilege, see GRANT Access Module Execution Privilege.