yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
0b3a43371a4bcc99577594de0a685249d676a567
doc-exports/docs/dws/dev/dws_06_0292.html
luhuayi 177cd61a57 DWS DEVG 910.211 version 
Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com>
Co-authored-by: luhuayi <luhuayi@huawei.com>
Co-committed-by: luhuayi <luhuayi@huawei.com>
2025-05-05 07:44:03 +00:00

60 lines
13 KiB
HTML
Raw Blame History

<a name="EN-US_TOPIC_0000001953417561"></a><a name="EN-US_TOPIC_0000001953417561"></a>
<h1 class="topictitle1">CREATE BLOCK RULE</h1>
<div id="body0000001953417561"><div class="section" id="EN-US_TOPIC_0000001953417561__s838d89a72a6f4d7d9c0f9e49f477329c"><h4 class="sectiontitle">Function</h4><p id="EN-US_TOPIC_0000001953417561__a64cec0174a7f4190a28d9ea601fabfc8">This function creates a filtering rule, including the filtering rule name, bound client name, client IP address, user, and matching mode.</p>
<p id="EN-US_TOPIC_0000001953417561__p11941336171015">This syntax is supported only by clusters of 9.1.0.100 and later versions.</p>
</div>
<div class="section" id="EN-US_TOPIC_0000001953417561__sa23aa140f6fc4376b9d411fb5ddf5c19"><h4 class="sectiontitle">Precautions</h4><p id="EN-US_TOPIC_0000001953417561__p177651538163613">Only a user with the database owner permission or the <strong id="EN-US_TOPIC_0000001953417561__b11706834466">gs_role_block</strong> role permission can run <strong id="EN-US_TOPIC_0000001953417561__b58930610468">CREATE BLOCK RULE</strong>. A system administrator has this permission by default.</p>
</div>
<div class="section" id="EN-US_TOPIC_0000001953417561__s6c35b8923bb449a9a70a2abe4e4dff0a"><h4 class="sectiontitle">Syntax</h4><div class="p" id="EN-US_TOPIC_0000001953417561__p84711629193615"><div class="codecoloring" codetype="Sql" id="EN-US_TOPIC_0000001953417561__s96352857e0e945e6a9e1ca25f70a8da2"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span>
<span class="normal">6</span></pre></div></td><td class="code"><div><pre><span></span><span class="k">CREATE</span><span class="w"> </span><span class="n">BLOCK</span><span class="w"> </span><span class="k">RULE</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="k">IF</span><span class="w"> </span><span class="k">NOT</span><span class="w"> </span><span class="k">EXISTS</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="n">block_name</span>
<span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="k">TO</span><span class="w"> </span><span class="n">user_name</span><span class="o">@</span><span class="s1">'host'</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="k">TO</span><span class="w"> </span><span class="n">user_name</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="k">TO</span><span class="w"> </span><span class="s1">'host'</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="o">|</span>
<span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="k">FOR</span><span class="w"> </span><span class="k">UPDATE</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="k">SELECT</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="k">INSERT</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="k">DELETE</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">MERGE</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="o">|</span>
<span class="w"> </span><span class="n">FILTER</span><span class="w"> </span><span class="k">BY</span>
<span class="w"> </span><span class="err">{</span><span class="w"> </span><span class="k">SQL</span><span class="w"> </span><span class="p">(</span><span class="w"> </span><span class="s1">'text'</span><span class="w"> </span><span class="p">)</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="k">TEMPLATE</span><span class="w"> </span><span class="p">(</span><span class="w"> </span><span class="n">template_parameter</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">value</span><span class="w"> </span><span class="p">)</span><span class="w"> </span><span class="err">}</span>
<span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="k">WITH</span><span class="w"> </span><span class="p">(</span><span class="w"> </span><span class="err">{</span><span class="w"> </span><span class="n">with_parameter</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">value</span><span class="w"> </span><span class="err">}</span><span class="p">,</span><span class="w"> </span><span class="p">[,</span><span class="w"> </span><span class="p">...</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">)</span><span class="w"> </span><span class="p">];</span>
</pre></div></td></tr></table></div>
</div>
</div>
</div>
<div class="section" id="EN-US_TOPIC_0000001953417561__s4f953a5b708c40d6ba7643477e86c1af"><h4 class="sectiontitle">Parameter Description</h4><ul id="EN-US_TOPIC_0000001953417561__ul98931257412"><li id="EN-US_TOPIC_0000001953417561__le6fce7d14f044f9d87cdd4f294b95ffe"><strong id="EN-US_TOPIC_0000001953417561__b354618495561">block_name</strong><p id="EN-US_TOPIC_0000001953417561__p11893105711111">Name of the query filtering rule to be created.</p>
<p id="EN-US_TOPIC_0000001953417561__p8893185718119">Value range: a string. It must comply with the naming convention.</p>
</li></ul>
<ul id="EN-US_TOPIC_0000001953417561__u9a8ffe5ee34146a2b0c30dc785d383fb"><li id="EN-US_TOPIC_0000001953417561__lfbc5546570464b74b12f535ccc6bfe28"><strong id="EN-US_TOPIC_0000001953417561__b1392174416212">user_name</strong><p id="EN-US_TOPIC_0000001953417561__a35bc70d0d5424a4a8d36d57b149c95fc">Queries the users to which the filtering rule applies.</p>
<p id="EN-US_TOPIC_0000001953417561__a634fa77a048c435180553fd00c3efd0c">Value range: A string. It must be a valid username.</p>
</li><li id="EN-US_TOPIC_0000001953417561__li391192510524"><strong id="EN-US_TOPIC_0000001953417561__b386014518210">host</strong><p id="EN-US_TOPIC_0000001953417561__p919171914547">Queries the client IP address to which the filtering rule applies.</p>
<p id="EN-US_TOPIC_0000001953417561__p11917190544">Value range: a string of valid IP addresses.</p>
</li><li id="EN-US_TOPIC_0000001953417561__li143981026145213"><strong id="EN-US_TOPIC_0000001953417561__b35171054826">SQL</strong><p id="EN-US_TOPIC_0000001953417561__p6615112513538">Queries the regular expression matching statement of the filtering rule.</p>
<p id="EN-US_TOPIC_0000001953417561__p4582103755315">Value range: a string or a regular expression. The length of the statement or keyword matching the regular expression cannot exceed 1,024 characters.</p>
</li><li id="EN-US_TOPIC_0000001953417561__li4751227125215"><strong id="EN-US_TOPIC_0000001953417561__b944695714210">template_parameter</strong><p id="EN-US_TOPIC_0000001953417561__p1311650115419">Queries a filtering rule matching template.</p>
<p id="EN-US_TOPIC_0000001953417561__p151850155416">Value range: <strong id="EN-US_TOPIC_0000001953417561__b7143134474615">unique_sql_id/sql_hash</strong>. The value is a character string, where <strong id="EN-US_TOPIC_0000001953417561__b19144124424615">unique_sql_id</strong> must be all digits.</p>
</li><li id="EN-US_TOPIC_0000001953417561__li473315276523"><strong id="EN-US_TOPIC_0000001953417561__b2803401635">with_parameter</strong><p id="EN-US_TOPIC_0000001953417561__p10211833145617">Queries filtering rule options. You can set both of them. The query that meets any of the parameters will be filtered out.</p>
<p id="EN-US_TOPIC_0000001953417561__p10330101165716">Value range:</p>
<ul id="EN-US_TOPIC_0000001953417561__ul5248182710571"><li id="EN-US_TOPIC_0000001953417561__li3248122712574"><strong id="EN-US_TOPIC_0000001953417561__b192812256418">application_name</strong>: client name.</li><li id="EN-US_TOPIC_0000001953417561__li10678103616574">query_band</li><li id="EN-US_TOPIC_0000001953417561__li641010395578"><strong id="EN-US_TOPIC_0000001953417561__b15808433204113">table_num</strong>: number of tables scanned by the statement.</li><li id="EN-US_TOPIC_0000001953417561__li1675615440574"><strong id="EN-US_TOPIC_0000001953417561__b12950133515410">partition_num</strong>: maximum number of partitions to be scanned by the operator.</li><li id="EN-US_TOPIC_0000001953417561__li98877475572"><strong id="EN-US_TOPIC_0000001953417561__b18378238124116">estimate_row</strong>: estimated maximum number of table rows scanned by the operator.</li><li id="EN-US_TOPIC_0000001953417561__li112561347143814"><strong id="EN-US_TOPIC_0000001953417561__b1351634019410">resource_pool</strong>: name of the resource pool to be switched to.</li><li id="EN-US_TOPIC_0000001953417561__li1855235510710"><strong id="EN-US_TOPIC_0000001953417561__b670219424417">max_active_num</strong>: maximum number of concurrent statements corresponding to the rule.</li><li id="EN-US_TOPIC_0000001953417561__li1811806182120"><strong id="EN-US_TOPIC_0000001953417561__b486824444117">is_warning</strong>: whether an alarm should be generated or an error should be reported when a statement is intercepted.</li></ul>
</li></ul>
</div>
<div class="section" id="EN-US_TOPIC_0000001953417561__se78b7860c04f4abda702554fdd468666"><h4 class="sectiontitle">Examples</h4><p id="EN-US_TOPIC_0000001953417561__p17161195617180">Create a query filtering rule named <strong id="EN-US_TOPIC_0000001953417561__b612624813476">query_block</strong>.</p>
<div class="codecoloring" codetype="Sql" id="EN-US_TOPIC_0000001953417561__screen171783510201"><div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span class="normal">1</span>
<span class="normal">2</span>
<span class="normal">3</span>
<span class="normal">4</span>
<span class="normal">5</span></pre></div></td><td class="code"><div><pre><span></span><span class="k">CREATE</span><span class="w"> </span><span class="n">BLOCK</span><span class="w"> </span><span class="k">RULE</span><span class="w"> </span><span class="n">query_block</span><span class="w"> </span><span class="k">TO</span><span class="w"> </span><span class="n">user1</span><span class="o">@</span><span class="s1">'192.168.x.x'</span><span class="w"> </span><span class="k">FOR</span><span class="w"> </span><span class="k">SELECT</span><span class="w"> </span><span class="n">FILTER</span><span class="w"> </span><span class="k">BY</span><span class="w"> </span><span class="k">SQL</span><span class="p">(</span><span class="s1">'select * from table_name'</span><span class="p">)</span><span class="k">WITH</span><span class="p">(</span><span class="n">application_name</span><span class="o">=</span><span class="s1">'gsql'</span><span class="p">,</span><span class="n">query_band</span><span class="o">=</span><span class="s1">'test1'</span><span class="p">,</span><span class="n">table_num</span><span class="o">=</span><span class="s1">'2'</span><span class="p">,</span><span class="n">partition_num</span><span class="o">=</span><span class="s1">'3'</span><span class="p">,</span><span class="n">estimate_row</span><span class="o">=</span><span class="s1">'1000'</span><span class="p">,</span><span class="n">resource_pool</span><span class="o">=</span><span class="s1">'rsp1'</span><span class="p">,</span><span class="n">max_active_num</span><span class="o">=</span><span class="s1">'3'</span><span class="p">,</span><span class="n">is_warning</span><span class="o">=</span><span class="s1">'off'</span><span class="p">);</span>
<span class="k">CREATE</span><span class="w"> </span><span class="n">BLOCK</span><span class="w"> </span><span class="k">RULE</span><span class="w"> </span><span class="n">query_block</span><span class="w"> </span><span class="n">FILTER</span><span class="w"> </span><span class="k">BY</span><span class="w"> </span><span class="k">TEMPLATE</span><span class="p">(</span><span class="n">unique_sql_id</span><span class="o">=</span><span class="s1">'1634655172'</span><span class="p">);</span>
<span class="k">CREATE</span><span class="w"> </span><span class="n">BLOCK</span><span class="w"> </span><span class="k">RULE</span><span class="w"> </span><span class="n">query_block</span><span class="w"> </span><span class="n">FILTER</span><span class="w"> </span><span class="k">BY</span><span class="w"> </span><span class="k">TEMPLATE</span><span class="p">(</span><span class="n">sql_hash</span><span class="o">=</span><span class="s1">'sql_c3d119fe636b9ef439b1f96c561c74ff'</span><span class="p">);</span>
</pre></div></td></tr></table></div>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="dws_06_0118.html">DDL Syntax</a></div>
</div>
</div>
View Git Blame Copy Permalink