Fragment-Level Privileges

The keyword or keywords that follow the FRAGMENT keyword specify fragment-level privileges, which are a logical subset of table-level privileges:

Fragment-Level Privileges

{ ALL | { | INSERT | DELETE | UPDATE } }

You can revoke fragment-level privileges individually or in combination. The following keywords specify the fragment-level privileges that you can revoke.

Keyword
Effect
INSERT
Prevents the user from inserting rows in the fragment
DELETE
Prevents the user from deleting rows in the fragment
UPDATE
Prevents the user from updating rows in the fragment
ALL
Cancels Insert, Delete, and Update privileges on a fragment

If you specify the ALL keyword in a REVOKE FRAGMENT statement, the specified users and roles lose all fragment-level privileges that they currently possess on the specified fragments. For example, assume that a user currently has the Update privilege on one fragment of a table. If you use the ALL keyword to revoke all current privileges on this fragment from this user, the user loses the Update privilege that they had on this fragment.

For the distinction between fragment-level and table-level privileges, see the sections Definition of Fragment-Level Authorization and Effect of Fragment-Level Authorization in Statement Validation.