diff --git a/src/.vuepress/sidebar/V2.0.x/en-Table.ts b/src/.vuepress/sidebar/V2.0.x/en-Table.ts index 850e77f66..8a4fb24c9 100644 --- a/src/.vuepress/sidebar/V2.0.x/en-Table.ts +++ b/src/.vuepress/sidebar/V2.0.x/en-Table.ts @@ -239,6 +239,8 @@ export const enSidebar = { { text: 'Set Operations', link: 'Set-Operations_apache' }, ], }, + { text: 'Data Sync', link: 'SQL-Data-Sync_apache' }, + { text: 'Authority Management', link: 'SQL-Authority-Management_apache' }, { text: 'Maintenance Statements', link: 'SQL-Maintenance-Statements_apache' }, { text: 'Identifier', link: 'Identifier' }, { text: 'Keywords', link: 'Keywords' }, diff --git a/src/.vuepress/sidebar/V2.0.x/zh-Table.ts b/src/.vuepress/sidebar/V2.0.x/zh-Table.ts index e4b1ce051..96e73b14c 100644 --- a/src/.vuepress/sidebar/V2.0.x/zh-Table.ts +++ b/src/.vuepress/sidebar/V2.0.x/zh-Table.ts @@ -238,6 +238,8 @@ export const zhSidebar = { { text: '集合操作', link: 'Set-Operations_apache' }, ], }, + { text: '数据同步', link: 'SQL-Data-Sync_apache' }, + { text: '权限管理', link: 'SQL-Authority-Management_apache' }, { text: '运维语句', link: 'SQL-Maintenance-Statements_apache' }, { text: '标识符', link: 'Identifier' }, { text: '保留字&关键字', link: 'Keywords' }, diff --git a/src/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_apache.md b/src/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_apache.md new file mode 100644 index 000000000..8b95ff036 --- /dev/null +++ b/src/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_apache.md 
@@ -0,0 +1,378 @@ + + +# Authority Management + +This document is the SQL manual for authority management starting from version V2.0.7. For detailed function usage, see [Authority Management](../User-Manual/Authority-Management-Upgrade_apache.md). For an introduction to authority management functions before version V2.0.7, refer to [Authority Management](../User-Manual/Authority-Management_apache.md) + +## 1. Privilege List + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Privilege TypePrivilege NameScope of EffectDescription
Global PrivilegesSYSTEMGlobalAllows users to create, modify, and delete databases.
Allows users to create, modify, and delete tables and table views.
Allows users to create, delete, and view user-defined functions.
Allows users to create, start, stop, delete, and view PIPEs. Allows users to create, delete, and view PIPEPLUGINS.
Allows users to query and cancel queries. Allows users to view variables. Allows users to view cluster status.
Allows users to create, delete, and view deep learning models.
SECURITYGlobalAllows users to create users.
Allows users to delete users.
Allows users to modify user passwords.
Allows users to view user privilege information.
Allows users to list all users.
Allows users to create roles.
Allows users to delete roles.
Allows users to view role privilege information.
Allows users to grant a role to a user or revoke it.
Allows users to list all roles.
AUDITGlobalAllows users to maintain audit log rules and view audit logs.
Data PrivilegesCREATEANYAllows creating any table and any database.
DatabaseAllows users to create tables under this database; allows users to create a database with this name.
TableAllows users to create a table with this name.
ALTERANYAllows modifying the definition of any table and any database.
DatabaseAllows users to modify the definition of a database and the definitions of tables under that database.
TableAllows users to modify the definition of a table.
SELECTANYAllows querying data from any table in any database in the system.
DatabaseAllows users to query data from any table in this database.
TableAllows users to query data in this table. When executing multi-table queries, the database only displays data that the user has permission to access.
INSERTANYAllows inserting/updating data into any table in any database.
DatabaseAllows users to insert/update data into any table within the scope of this database.
TableAllows users to insert/update data into this table.
DELETEANYAllows deleting data from any table.
DatabaseAllows users to delete data within the scope of this database.
TableAllows users to delete data from this table.
+ +## 2. SQL Statements + +### 2.1 User and Role Management + +1. Create User (Requires SECURITY privilege) + +```SQL +CREATE USER +eg: CREATE USER user1 'passwd'; +``` + +2. Change Password + +Users can change their own passwords, but changing other users' passwords requires the SECURITY privilege. + +```SQL +ALTER USER SET PASSWORD +eg: ALTER USER tempuser SET PASSWORD 'newpwd'; +``` + +3. Drop User (Requires SECURITY privilege) + +```SQL +DROP USER +eg: DROP USER user1; +``` + +4. Create Role (Requires SECURITY privilege) + +```SQL +CREATE ROLE +eg: CREATE ROLE role1; +``` + +5. Drop Role (Requires SECURITY privilege) + +```SQL +DROP ROLE +eg: DROP ROLE role1; +``` + +6. Grant Role to User (Requires SECURITY privilege) + +```SQL +GRANT ROLE TO +eg: GRANT ROLE admin TO user1; +``` + +7. Revoke Role from User (Requires SECURITY privilege) + +```SQL +REVOKE ROLE FROM +eg: REVOKE ROLE admin FROM user1; +``` + +8. List All Users (Requires SECURITY privilege) + +```SQL +LIST USER; +``` + +9. List All Roles (Requires SECURITY privilege) + +```SQL +LIST ROLE; +``` + +10. List All Users Under a Specified Role (Requires SECURITY privilege) + +```SQL +LIST USER OF ROLE +eg: LIST USER OF ROLE roleuser; +``` + +11. List All Roles of a Specified User + +Users can list their own roles, but listing other users' roles requires the SECURITY privilege. + +```SQL +LIST ROLE OF USER +eg: LIST ROLE OF USER tempuser; +``` + +12. List All Privileges of a User + +Users can list their own privilege information, but listing other users' privileges requires the SECURITY privilege. + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser; +``` + +13. List All Privileges of a Role + +Users can list the privilege information of roles they possess, but listing other roles' privileges requires the SECURITY privilege. + +```SQL +LIST PRIVILEGES OF ROLE +eg: LIST PRIVILEGES OF ROLE actor; +``` + +### 2.2 Privilege Management + +#### 2.2.1 Grant Privileges + +1. 
Grant user management privileges to a user + +```SQL +GRANT SECURITY TO USER +eg: GRANT SECURITY TO USER TEST_USER; +``` + +2. Grant a user the privilege to create databases and create tables within the database scope, and allow the user to manage privileges within that scope + +```SQL +GRANT CREATE ON DATABASE TO USER WITH GRANT OPTION +eg: GRANT CREATE ON DATABASE TESTDB TO USER TEST_USER WITH GRANT OPTION; +``` + +3. Grant a role the privilege to query a database + +```SQL +GRANT SELECT ON DATABASE TO ROLE +eg: GRANT SELECT ON DATABASE TESTDB TO ROLE TEST_ROLE; +``` + +4. Grant a user the privilege to query a table + +```SQL +GRANT SELECT ON . TO USER +eg: GRANT SELECT ON TESTDB.TESTTABLE TO USER TEST_USER; +``` + +5. Grant a role the privilege to query all databases and tables + +```SQL +GRANT SELECT ON ANY TO ROLE +eg: GRANT SELECT ON ANY TO ROLE TEST_ROLE; +``` + +6. ALL Syntax Sugar: ALL represents all privileges within the object scope. You can use the ALL field to flexibly grant privileges. + +```SQL +GRANT ALL TO USER TESTUSER; +-- Grants all privileges available to the user, including global privileges and all data privileges in the ANY scope + +GRANT ALL ON ANY TO USER TESTUSER; +-- Grants all data privileges available in the ANY scope to the user. After executing this statement, the user will have all data privileges on all databases + +GRANT ALL ON DATABASE TESTDB TO USER TESTUSER; +-- Grants all data privileges available in the DB scope to the user. After executing this statement, the user will have all data privileges on this database + +GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER; +-- Grants all data privileges available in the TABLE scope to the user. After executing this statement, the user will have all data privileges on this table +``` + +#### 2.2.2 Revoke Privileges + +1. Revoke user management privileges from a user + +```SQL +REVOKE SECURITY FROM USER +eg: REVOKE SECURITY FROM USER TEST_USER; +``` + +2. 
Revoke a user's privilege to create databases and create tables within the database scope + +```SQL +REVOKE CREATE ON DATABASE FROM USER +eg: REVOKE CREATE ON DATABASE TEST_DB FROM USER TEST_USER; +``` + +3. Revoke a user's privilege to query a table + +```SQL +REVOKE SELECT ON . FROM USER +eg: REVOKE SELECT ON TESTDB.TESTTABLE FROM USER TEST_USER; +``` + +4. Revoke a user's privilege to query all databases and tables + +```SQL +REVOKE SELECT ON ANY FROM USER +eg: REVOKE SELECT ON ANY FROM USER TEST_USER; +``` + +5. ALL Syntax Sugar: ALL represents all privileges within the object scope. You can use the ALL field to flexibly revoke privileges. + +```SQL +REVOKE ALL FROM USER TESTUSER; +-- Revokes all global privileges and all data privileges in the ANY scope from the user + +REVOKE ALL ON ANY FROM USER TESTUSER; +-- Revokes all data privileges in the ANY scope from the user, and does not affect DB-scope and TABLE-scope privileges + +REVOKE ALL ON DATABASE TESTDB FROM USER TESTUSER; +-- Revokes all data privileges on the DB from the user, and does not affect TABLE privileges + +REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER; +-- Revokes all data privileges on the TABLE from the user +``` + +#### 2.2.3 View User Privileges + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser +``` \ No newline at end of file diff --git a/src/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_timecho.md b/src/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_timecho.md new file mode 100644 index 000000000..3528a5f31 --- /dev/null +++ b/src/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_timecho.md 
@@ -0,0 +1,378 @@ + + +# Authority Management + +This document is the SQL manual for authority management starting from version V2.0.7. For detailed function usage, see [Authority Management](../User-Manual/Authority-Management-Upgrade_timecho.md). For an introduction to authority management functions before version V2.0.7, refer to [Authority Management](../User-Manual/Authority-Management_timecho.md) + +## 1. Privilege List + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Privilege TypePrivilege NameScope of EffectDescription
Global PrivilegesSYSTEMGlobalAllows users to create, modify, and delete databases.
Allows users to create, modify, and delete tables and table views.
Allows users to create, delete, and view user-defined functions.
Allows users to create, start, stop, delete, and view PIPEs. Allows users to create, delete, and view PIPEPLUGINS.
Allows users to query and cancel queries. Allows users to view variables. Allows users to view cluster status.
Allows users to create, delete, and view deep learning models.
SECURITYGlobalAllows users to create users.
Allows users to delete users.
Allows users to modify user passwords.
Allows users to view user privilege information.
Allows users to list all users.
Allows users to create roles.
Allows users to delete roles.
Allows users to view role privilege information.
Allows users to grant a role to a user or revoke it.
Allows users to list all roles.
AUDITGlobalAllows users to maintain audit log rules and view audit logs.
Data PrivilegesCREATEANYAllows creating any table and any database.
DatabaseAllows users to create tables under this database; allows users to create a database with this name.
TableAllows users to create a table with this name.
ALTERANYAllows modifying the definition of any table and any database.
DatabaseAllows users to modify the definition of a database and the definitions of tables under that database.
TableAllows users to modify the definition of a table.
SELECTANYAllows querying data from any table in any database in the system.
DatabaseAllows users to query data from any table in this database.
TableAllows users to query data in this table. When executing multi-table queries, the database only displays data that the user has permission to access.
INSERTANYAllows inserting/updating data into any table in any database.
DatabaseAllows users to insert/update data into any table within the scope of this database.
TableAllows users to insert/update data into this table.
DELETEANYAllows deleting data from any table.
DatabaseAllows users to delete data within the scope of this database.
TableAllows users to delete data from this table.
+ +## 2. SQL Statements + +### 2.1 User and Role Management + +1. Create User (Requires SECURITY privilege) + +```SQL +CREATE USER +eg: CREATE USER user1 'Passwd@202604'; +``` + +2. Change Password + +Users can change their own passwords, but changing other users' passwords requires the SECURITY privilege. + +```SQL +ALTER USER SET PASSWORD +eg: ALTER USER tempuser SET PASSWORD 'Newpwd@202604'; +``` + +3. Drop User (Requires SECURITY privilege) + +```SQL +DROP USER +eg: DROP USER user1; +``` + +4. Create Role (Requires SECURITY privilege) + +```SQL +CREATE ROLE +eg: CREATE ROLE role1; +``` + +5. Drop Role (Requires SECURITY privilege) + +```SQL +DROP ROLE +eg: DROP ROLE role1; +``` + +6. Grant Role to User (Requires SECURITY privilege) + +```SQL +GRANT ROLE TO +eg: GRANT ROLE admin TO user1; +``` + +7. Revoke Role from User (Requires SECURITY privilege) + +```SQL +REVOKE ROLE FROM +eg: REVOKE ROLE admin FROM user1; +``` + +8. List All Users (Requires SECURITY privilege) + +```SQL +LIST USER; +``` + +9. List All Roles (Requires SECURITY privilege) + +```SQL +LIST ROLE; +``` + +10. List All Users Under a Specified Role (Requires SECURITY privilege) + +```SQL +LIST USER OF ROLE +eg: LIST USER OF ROLE roleuser; +``` + +11. List All Roles of a Specified User + +Users can list their own roles, but listing other users' roles requires the SECURITY privilege. + +```SQL +LIST ROLE OF USER +eg: LIST ROLE OF USER tempuser; +``` + +12. List All Privileges of a User + +Users can list their own privilege information, but listing other users' privileges requires the SECURITY privilege. + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser; +``` + +13. List All Privileges of a Role + +Users can list the privilege information of roles they possess, but listing other roles' privileges requires the SECURITY privilege. + +```SQL +LIST PRIVILEGES OF ROLE +eg: LIST PRIVILEGES OF ROLE actor; +``` + +### 2.2 Privilege Management + +#### 2.2.1 Grant Privileges + +1. 
Grant user management privileges to a user + +```SQL +GRANT SECURITY TO USER +eg: GRANT SECURITY TO USER TEST_USER; +``` + +2. Grant a user the privilege to create databases and create tables within the database scope, and allow the user to manage privileges within that scope + +```SQL +GRANT CREATE ON DATABASE TO USER WITH GRANT OPTION +eg: GRANT CREATE ON DATABASE TESTDB TO USER TEST_USER WITH GRANT OPTION; +``` + +3. Grant a role the privilege to query a database + +```SQL +GRANT SELECT ON DATABASE TO ROLE +eg: GRANT SELECT ON DATABASE TESTDB TO ROLE TEST_ROLE; +``` + +4. Grant a user the privilege to query a table + +```SQL +GRANT SELECT ON . TO USER +eg: GRANT SELECT ON TESTDB.TESTTABLE TO USER TEST_USER; +``` + +5. Grant a role the privilege to query all databases and tables + +```SQL +GRANT SELECT ON ANY TO ROLE +eg: GRANT SELECT ON ANY TO ROLE TEST_ROLE; +``` + +6. ALL Syntax Sugar: ALL represents all privileges within the object scope. You can use the ALL field to flexibly grant privileges. + +```SQL +GRANT ALL TO USER TESTUSER; +-- Grants all privileges available to the user, including global privileges and all data privileges in the ANY scope + +GRANT ALL ON ANY TO USER TESTUSER; +-- Grants all data privileges available in the ANY scope to the user. After executing this statement, the user will have all data privileges on all databases + +GRANT ALL ON DATABASE TESTDB TO USER TESTUSER; +-- Grants all data privileges available in the DB scope to the user. After executing this statement, the user will have all data privileges on this database + +GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER; +-- Grants all data privileges available in the TABLE scope to the user. After executing this statement, the user will have all data privileges on this table +``` + +#### 2.2.2 Revoke Privileges + +1. Revoke user management privileges from a user + +```SQL +REVOKE SECURITY FROM USER +eg: REVOKE SECURITY FROM USER TEST_USER; +``` + +2. 
Revoke a user's privilege to create databases and create tables within the database scope + +```SQL +REVOKE CREATE ON DATABASE FROM USER +eg: REVOKE CREATE ON DATABASE TEST_DB FROM USER TEST_USER; +``` + +3. Revoke a user's privilege to query a table + +```SQL +REVOKE SELECT ON . FROM USER +eg: REVOKE SELECT ON TESTDB.TESTTABLE FROM USER TEST_USER; +``` + +4. Revoke a user's privilege to query all databases and tables + +```SQL +REVOKE SELECT ON ANY FROM USER +eg: REVOKE SELECT ON ANY FROM USER TEST_USER; +``` + +5. ALL Syntax Sugar: ALL represents all privileges within the object scope. You can use the ALL field to flexibly revoke privileges. + +```SQL +REVOKE ALL FROM USER TESTUSER; +-- Revokes all global privileges and all data privileges in the ANY scope from the user + +REVOKE ALL ON ANY FROM USER TESTUSER; +-- Revokes all data privileges in the ANY scope from the user, and does not affect DB-scope and TABLE-scope privileges + +REVOKE ALL ON DATABASE TESTDB FROM USER TESTUSER; +-- Revokes all data privileges on the DB from the user, and does not affect TABLE privileges + +REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER; +-- Revokes all data privileges on the TABLE from the user +``` + +#### 2.2.3 View User Privileges + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser +``` \ No newline at end of file diff --git a/src/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_apache.md b/src/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_apache.md new file mode 100644 index 000000000..d3365d405 --- /dev/null +++ b/src/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_apache.md 
@@ -0,0 +1,240 @@ + + +# Data Sync + +This document mainly contains the SQL statements for the data synchronization function. For detailed function introduction and usage instructions, see [Data Sync](../User-Manual/Data-Sync_apache.md) + +## 1. Create Task + +**Syntax:** + +```SQL +CREATE PIPE [IF NOT EXISTS] -- PipeId is the name that uniquely identifies the task +-- Data extraction plugin, optional plugin +WITH SOURCE ( + [ = ,], +) +-- Data processing plugin, optional plugin +WITH PROCESSOR ( + [ = ,], +) +-- Data connection plugin, required plugin +WITH SINK ( + [ = ,], +) +``` + +**Example 1: Full Data Synchronization** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**Example 2: Partial Data Synchronization** + +```SQL +create pipe A2B +WITH SOURCE ( + 'source'= 'iotdb-source', + 'mode.streaming' = 'true', + 'database-name'='db_b.*', + 'start-time' = '2023.08.23T08:00:00+00:00', + 'end-time' = '2023.10.23T08:00:00+00:00' +) +with SINK ( + 'sink'='iotdb-thrift-async-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**Example 3: Edge-Cloud Data Transmission** + +* Execute the following statement on IoTDB B to synchronize data from B to A + +```SQL +create pipe BA +with source ( + 'database-name'='db_b.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +* Execute the following statement on IoTDB C to synchronize data from C to A + +```SQL +create pipe CA +with source ( + 'database-name'='db_c.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB D to synchronize data from D to A + +```SQL +create pipe DA +with source ( + 'database-name'='db_d.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**Example 4: Cascaded Data Transmission** + +* Execute the following 
statement on IoTDB A to synchronize data from A to B + +```SQL +create pipe AB +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB B to synchronize data from B to C + +```SQL +create pipe BC +with source ( +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**Example 5: Compressed Synchronization** + +```SQL +create pipe A2B +with sink ( + 'node-urls' = '127.0.0.1:6668', + 'compressor' = 'snappy,lz4', + 'rate-limit-bytes-per-second'='1048576' +) +``` + +**Example 6: Encrypted Synchronization** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-ssl-sink', + 'node-urls'='127.0.0.1:6667', + 'ssl.trust-store-path'='pki/trusted', + 'ssl.trust-store-pwd'='root' +) +``` + +## 2. Start Task + +**Syntax:** + +```SQL +START PIPE +``` + +**Example:** + +```SQL +START PIPE A2B +``` + +## 3. Stop Task + +**Syntax:** + +```SQL +STOP PIPE +``` + +**Example:** + +```SQL +STOP PIPE A2B +``` + +## 4. Drop Task + +**Syntax:** + +```SQL +DROP PIPE [IF EXISTS] +``` + +**Example:** + +```SQL +DROP PIPE IF EXISTS A2B +``` + +## 5. Show Tasks + +**Syntax:** + +```SQL +-- Show all tasks +SHOW PIPES +-- Show a specific task +SHOW PIPE +``` + +**Example:** + +```SQL +SHOW PIPES + +SHOW PIPE A2B +``` + +## 6. Alter Task + +**Syntax:** + +```SQL +ALTER PIPE [IF EXISTS] + MODIFY/REPLACE SOURCE(...) + MODIFY/REPLACE PROCESSOR(...) + MODIFY/REPLACE SINK(...) +``` + +**Example:** + +```SQL +ALTER PIPE A2B REPLACE SINK ('sink'='iotdb-thrift-sink', 'node-urls' = '127.0.0.1:6668'); +``` \ No newline at end of file diff --git a/src/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_timecho.md b/src/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_timecho.md new file mode 100644 index 000000000..41eff7eeb --- /dev/null +++ b/src/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_timecho.md 
@@ -0,0 +1,321 @@ + + +# Data Sync + +This document mainly contains the SQL statements for the data synchronization function. For detailed function introduction and usage instructions, see [Data Sync](../User-Manual/Data-Sync_timecho.md) + +## 1. Create Task + +**Syntax:** + +```SQL +CREATE PIPE [IF NOT EXISTS] -- PipeId is the name that uniquely identifies the task +-- Data extraction plugin, optional +WITH SOURCE ( + [ = ,], +) +-- Data processing plugin, optional +WITH PROCESSOR ( + [ = ,], +) +-- Data connection plugin, required +WITH SINK ( + [ = ,], +) +``` + +**Example 1: Full Data Synchronization** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**Example 2: Partial Data Synchronization** + +```SQL +create pipe A2B +WITH SOURCE ( + 'source'= 'iotdb-source', + 'mode.streaming' = 'true', + 'database-name'='db_b.*', + 'start-time' = '2023.08.23T08:00:00+00:00', + 'end-time' = '2023.10.23T08:00:00+00:00' +) +with SINK ( + 'sink'='iotdb-thrift-async-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**Example 3: Bidirectional Data Transmission** + +* Execute the following statement on IoTDB A + +```SQL +create pipe AB +with source ( + 'source.mode.double-living' ='true' +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB B + +```SQL +create pipe BA +with source ( + 'source.mode.double-living' ='true' +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +**Example 4: Edge-Cloud Data Transmission** + +* Execute the following statement on IoTDB B to synchronize data from B to A + +```SQL +create pipe BA +with source ( + 'database-name'='db_b.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +* Execute the following statement on IoTDB C to synchronize data from C to A + +```SQL +create pipe CA +with source ( + 
'database-name'='db_c.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB D to synchronize data from D to A + +```SQL +create pipe DA +with source ( + 'database-name'='db_d.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**Example 5: Cascaded Data Transmission** + +* Execute the following statement on IoTDB A to synchronize data from A to B + +```SQL +create pipe AB +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB B to synchronize data from B to C + +```SQL +create pipe BC +with source ( +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**Example 6: Cross-Gap Data Transmission** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-air-gap-sink', + 'node-urls' = '10.53.53.53:9780', +) +``` + +**Example 7: Compressed Synchronization** + +```SQL +create pipe A2B +with sink ( + 'node-urls' = '127.0.0.1:6668', + 'compressor' = 'snappy,lz4', + 'rate-limit-bytes-per-second'='1048576' +) +``` + +**Example 8: Encrypted Synchronization** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-ssl-sink', + 'node-urls'='127.0.0.1:6667', + 'ssl.trust-store-path'='pki/trusted', + 'ssl.trust-store-pwd'='root' +) +``` + +**Example 9: Local Export of Object Type Data** + +```SQL +CREATE PIPE tsfile_export_local +WITH SOURCE ( + 'source' = 'iotdb-source', + 'table-name' = 'test_table' +) +WITH PROCESSOR ( + 'processor' = 'do-nothing-processor' +) +WITH SINK ( + 'sink' = 'tsfile-local-sink', + 'sink.local.target-path' = '/data/backup/export_2024', + 'sink.rate-limit-bytes-per-second' = '10485760' +); +``` + +**Example 10: Remote Transmission of Object Type Data** + +* This method requires pre-registration of the `tsfile_remote_sink` plugin + +```SQL +CREATE PIPE tsfile_export_scp 
+WITH SOURCE ( + 'source' = 'iotdb-source', + 'table-name' = 'test_table' +) +WITH PROCESSOR ( + 'processor' = 'do-nothing-processor' +) +WITH SINK ( + 'sink' = 'tsfile_remote_sink', + 'sink.file-mode' = 'scp', + 'sink.scp.host' = '192.168.1.100', + 'sink.scp.port' = '22', + 'sink.scp.user' = 'backup_user', + 'sink.scp.password' = 'ComplexPass123!', + 'sink.scp.remote-path' = '/remote/archive/', + 'sink.rate-limit-bytes-per-second' = '10485760' +); +``` + +## 2. Start Task + +**Syntax:** + +```SQL +START PIPE +``` + +**Example:** + +```SQL +START PIPE A2B +``` + +## 3. Stop Task + +**Syntax:** + +```SQL +STOP PIPE +``` + +**Example:** + +```SQL +STOP PIPE A2B +``` + +## 4. Drop Task + +**Syntax:** + +```SQL +DROP PIPE [IF EXISTS] +``` + +**Example:** + +```SQL +DROP PIPE IF EXISTS A2B +``` + +## 5. Show Tasks + +**Syntax:** + +```SQL +-- Show all tasks +SHOW PIPES +-- Show a specific task +SHOW PIPE +``` + +**Example:** + +```SQL +SHOW PIPES + +SHOW PIPE A2B +``` + +## 6. Alter Task + +**Syntax:** + +```SQL +ALTER PIPE [IF EXISTS] + MODIFY/REPLACE SOURCE(...) + MODIFY/REPLACE PROCESSOR(...) + MODIFY/REPLACE SINK(...) +``` + +**Example:** + +```SQL +ALTER PIPE A2B REPLACE SINK ('sink'='iotdb-thrift-sink', 'node-urls' = '127.0.0.1:6668'); +``` \ No newline at end of file diff --git a/src/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_apache.md b/src/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_apache.md new file mode 100644 index 000000000..8b95ff036 --- /dev/null +++ b/src/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_apache.md 
@@ -0,0 +1,378 @@ + + +# Authority Management + +This document is the SQL manual for authority management starting from version V2.0.7. For detailed function usage, see [Authority Management](../User-Manual/Authority-Management-Upgrade_apache.md). For an introduction to authority management functions before version V2.0.7, refer to [Authority Management](../User-Manual/Authority-Management_apache.md) + +## 1. Privilege List + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Privilege TypePrivilege NameScope of EffectDescription
Global PrivilegesSYSTEMGlobalAllows users to create, modify, and delete databases.
Allows users to create, modify, and delete tables and table views.
Allows users to create, delete, and view user-defined functions.
Allows users to create, start, stop, delete, and view PIPEs. Allows users to create, delete, and view PIPEPLUGINS.
Allows users to query and cancel queries. Allows users to view variables. Allows users to view cluster status.
Allows users to create, delete, and view deep learning models.
SECURITYGlobalAllows users to create users.
Allows users to delete users.
Allows users to modify user passwords.
Allows users to view user privilege information.
Allows users to list all users.
Allows users to create roles.
Allows users to delete roles.
Allows users to view role privilege information.
Allows users to grant a role to a user or revoke it.
Allows users to list all roles.
AUDITGlobalAllows users to maintain audit log rules and view audit logs.
Data PrivilegesCREATEANYAllows creating any table and any database.
DatabaseAllows users to create tables under this database; allows users to create a database with this name.
TableAllows users to create a table with this name.
ALTERANYAllows modifying the definition of any table and any database.
DatabaseAllows users to modify the definition of a database and the definitions of tables under that database.
TableAllows users to modify the definition of a table.
SELECTANYAllows querying data from any table in any database in the system.
DatabaseAllows users to query data from any table in this database.
TableAllows users to query data in this table. When executing multi-table queries, the database only displays data that the user has permission to access.
INSERTANYAllows inserting/updating data into any table in any database.
DatabaseAllows users to insert/update data into any table within the scope of this database.
TableAllows users to insert/update data into this table.
DELETEANYAllows deleting data from any table.
DatabaseAllows users to delete data within the scope of this database.
TableAllows users to delete data from this table.
+ +## 2. SQL Statements + +### 2.1 User and Role Management + +1. Create User (Requires SECURITY privilege) + +```SQL +CREATE USER +eg: CREATE USER user1 'passwd'; +``` + +2. Change Password + +Users can change their own passwords, but changing other users' passwords requires the SECURITY privilege. + +```SQL +ALTER USER SET PASSWORD +eg: ALTER USER tempuser SET PASSWORD 'newpwd'; +``` + +3. Drop User (Requires SECURITY privilege) + +```SQL +DROP USER +eg: DROP USER user1; +``` + +4. Create Role (Requires SECURITY privilege) + +```SQL +CREATE ROLE +eg: CREATE ROLE role1; +``` + +5. Drop Role (Requires SECURITY privilege) + +```SQL +DROP ROLE +eg: DROP ROLE role1; +``` + +6. Grant Role to User (Requires SECURITY privilege) + +```SQL +GRANT ROLE TO +eg: GRANT ROLE admin TO user1; +``` + +7. Revoke Role from User (Requires SECURITY privilege) + +```SQL +REVOKE ROLE FROM +eg: REVOKE ROLE admin FROM user1; +``` + +8. List All Users (Requires SECURITY privilege) + +```SQL +LIST USER; +``` + +9. List All Roles (Requires SECURITY privilege) + +```SQL +LIST ROLE; +``` + +10. List All Users Under a Specified Role (Requires SECURITY privilege) + +```SQL +LIST USER OF ROLE +eg: LIST USER OF ROLE roleuser; +``` + +11. List All Roles of a Specified User + +Users can list their own roles, but listing other users' roles requires the SECURITY privilege. + +```SQL +LIST ROLE OF USER +eg: LIST ROLE OF USER tempuser; +``` + +12. List All Privileges of a User + +Users can list their own privilege information, but listing other users' privileges requires the SECURITY privilege. + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser; +``` + +13. List All Privileges of a Role + +Users can list the privilege information of roles they possess, but listing other roles' privileges requires the SECURITY privilege. + +```SQL +LIST PRIVILEGES OF ROLE +eg: LIST PRIVILEGES OF ROLE actor; +``` + +### 2.2 Privilege Management + +#### 2.2.1 Grant Privileges + +1. 
Grant user management privileges to a user + +```SQL +GRANT SECURITY TO USER +eg: GRANT SECURITY TO USER TEST_USER; +``` + +2. Grant a user the privilege to create databases and create tables within the database scope, and allow the user to manage privileges within that scope + +```SQL +GRANT CREATE ON DATABASE TO USER WITH GRANT OPTION +eg: GRANT CREATE ON DATABASE TESTDB TO USER TEST_USER WITH GRANT OPTION; +``` + +3. Grant a role the privilege to query a database + +```SQL +GRANT SELECT ON DATABASE TO ROLE +eg: GRANT SELECT ON DATABASE TESTDB TO ROLE TEST_ROLE; +``` + +4. Grant a user the privilege to query a table + +```SQL +GRANT SELECT ON . TO USER +eg: GRANT SELECT ON TESTDB.TESTTABLE TO USER TEST_USER; +``` + +5. Grant a role the privilege to query all databases and tables + +```SQL +GRANT SELECT ON ANY TO ROLE +eg: GRANT SELECT ON ANY TO ROLE TEST_ROLE; +``` + +6. ALL Syntax Sugar: ALL represents all privileges within the object scope. You can use the ALL field to flexibly grant privileges. + +```SQL +GRANT ALL TO USER TESTUSER; +-- Grants all privileges available to the user, including global privileges and all data privileges in the ANY scope + +GRANT ALL ON ANY TO USER TESTUSER; +-- Grants all data privileges available in the ANY scope to the user. After executing this statement, the user will have all data privileges on all databases + +GRANT ALL ON DATABASE TESTDB TO USER TESTUSER; +-- Grants all data privileges available in the DB scope to the user. After executing this statement, the user will have all data privileges on this database + +GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER; +-- Grants all data privileges available in the TABLE scope to the user. After executing this statement, the user will have all data privileges on this table +``` + +#### 2.2.2 Revoke Privileges + +1. Revoke user management privileges from a user + +```SQL +REVOKE SECURITY FROM USER +eg: REVOKE SECURITY FROM USER TEST_USER; +``` + +2. 
Revoke a user's privilege to create databases and create tables within the database scope + +```SQL +REVOKE CREATE ON DATABASE FROM USER +eg: REVOKE CREATE ON DATABASE TEST_DB FROM USER TEST_USER; +``` + +3. Revoke a user's privilege to query a table + +```SQL +REVOKE SELECT ON . FROM USER +eg: REVOKE SELECT ON TESTDB.TESTTABLE FROM USER TEST_USER; +``` + +4. Revoke a user's privilege to query all databases and tables + +```SQL +REVOKE SELECT ON ANY FROM USER +eg: REVOKE SELECT ON ANY FROM USER TEST_USER; +``` + +5. ALL Syntax Sugar: ALL represents all privileges within the object scope. You can use the ALL field to flexibly revoke privileges. + +```SQL +REVOKE ALL FROM USER TESTUSER; +-- Revokes all global privileges and all data privileges in the ANY scope from the user + +REVOKE ALL ON ANY FROM USER TESTUSER; +-- Revokes all data privileges in the ANY scope from the user, and does not affect DB-scope and TABLE-scope privileges + +REVOKE ALL ON DATABASE TESTDB FROM USER TESTUSER; +-- Revokes all data privileges on the DB from the user, and does not affect TABLE privileges + +REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER; +-- Revokes all data privileges on the TABLE from the user +``` + +#### 2.2.3 View User Privileges + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser +``` \ No newline at end of file diff --git a/src/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_timecho.md b/src/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_timecho.md new file mode 100644 index 000000000..3528a5f31 --- /dev/null +++ b/src/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_timecho.md 
@@ -0,0 +1,378 @@ + + +# Authority Management + +This document is the SQL manual for authority management starting from version V2.0.7. For detailed function usage, see [Authority Management](../User-Manual/Authority-Management-Upgrade_timecho.md). For an introduction to authority management functions before version V2.0.7, refer to [Authority Management](../User-Manual/Authority-Management_timecho.md) + +## 1. Privilege List + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Privilege TypePrivilege NameScope of EffectDescription
Global PrivilegesSYSTEMGlobalAllows users to create, modify, and delete databases.
Allows users to create, modify, and delete tables and table views.
Allows users to create, delete, and view user-defined functions.
Allows users to create, start, stop, delete, and view PIPEs. Allows users to create, delete, and view PIPEPLUGINS.
Allows users to query and cancel queries. Allows users to view variables. Allows users to view cluster status.
Allows users to create, delete, and view deep learning models.
SECURITYGlobalAllows users to create users.
Allows users to delete users.
Allows users to modify user passwords.
Allows users to view user privilege information.
Allows users to list all users.
Allows users to create roles.
Allows users to delete roles.
Allows users to view role privilege information.
Allows users to grant a role to a user or revoke it.
Allows users to list all roles.
AUDITGlobalAllows users to maintain audit log rules and view audit logs.
Data PrivilegesCREATEANYAllows creating any table and any database.
DatabaseAllows users to create tables under this database; allows users to create a database with this name.
TableAllows users to create a table with this name.
ALTERANYAllows modifying the definition of any table and any database.
DatabaseAllows users to modify the definition of a database and the definitions of tables under that database.
TableAllows users to modify the definition of a table.
SELECTANYAllows querying data from any table in any database in the system.
DatabaseAllows users to query data from any table in this database.
TableAllows users to query data in this table. When executing multi-table queries, the database only displays data that the user has permission to access.
INSERTANYAllows inserting/updating data into any table in any database.
DatabaseAllows users to insert/update data into any table within the scope of this database.
TableAllows users to insert/update data into this table.
DELETEANYAllows deleting data from any table.
DatabaseAllows users to delete data within the scope of this database.
TableAllows users to delete data from this table.
+ +## 2. SQL Statements + +### 2.1 User and Role Management + +1. Create User (Requires SECURITY privilege) + +```SQL +CREATE USER +eg: CREATE USER user1 'Passwd@202604'; +``` + +2. Change Password + +Users can change their own passwords, but changing other users' passwords requires the SECURITY privilege. + +```SQL +ALTER USER SET PASSWORD +eg: ALTER USER tempuser SET PASSWORD 'Newpwd@202604'; +``` + +3. Drop User (Requires SECURITY privilege) + +```SQL +DROP USER +eg: DROP USER user1; +``` + +4. Create Role (Requires SECURITY privilege) + +```SQL +CREATE ROLE +eg: CREATE ROLE role1; +``` + +5. Drop Role (Requires SECURITY privilege) + +```SQL +DROP ROLE +eg: DROP ROLE role1; +``` + +6. Grant Role to User (Requires SECURITY privilege) + +```SQL +GRANT ROLE TO +eg: GRANT ROLE admin TO user1; +``` + +7. Revoke Role from User (Requires SECURITY privilege) + +```SQL +REVOKE ROLE FROM +eg: REVOKE ROLE admin FROM user1; +``` + +8. List All Users (Requires SECURITY privilege) + +```SQL +LIST USER; +``` + +9. List All Roles (Requires SECURITY privilege) + +```SQL +LIST ROLE; +``` + +10. List All Users Under a Specified Role (Requires SECURITY privilege) + +```SQL +LIST USER OF ROLE +eg: LIST USER OF ROLE roleuser; +``` + +11. List All Roles of a Specified User + +Users can list their own roles, but listing other users' roles requires the SECURITY privilege. + +```SQL +LIST ROLE OF USER +eg: LIST ROLE OF USER tempuser; +``` + +12. List All Privileges of a User + +Users can list their own privilege information, but listing other users' privileges requires the SECURITY privilege. + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser; +``` + +13. List All Privileges of a Role + +Users can list the privilege information of roles they possess, but listing other roles' privileges requires the SECURITY privilege. + +```SQL +LIST PRIVILEGES OF ROLE +eg: LIST PRIVILEGES OF ROLE actor; +``` + +### 2.2 Privilege Management + +#### 2.2.1 Grant Privileges + +1. 
Grant user management privileges to a user + +```SQL +GRANT SECURITY TO USER +eg: GRANT SECURITY TO USER TEST_USER; +``` + +2. Grant a user the privilege to create databases and create tables within the database scope, and allow the user to manage privileges within that scope + +```SQL +GRANT CREATE ON DATABASE TO USER WITH GRANT OPTION +eg: GRANT CREATE ON DATABASE TESTDB TO USER TEST_USER WITH GRANT OPTION; +``` + +3. Grant a role the privilege to query a database + +```SQL +GRANT SELECT ON DATABASE TO ROLE +eg: GRANT SELECT ON DATABASE TESTDB TO ROLE TEST_ROLE; +``` + +4. Grant a user the privilege to query a table + +```SQL +GRANT SELECT ON . TO USER +eg: GRANT SELECT ON TESTDB.TESTTABLE TO USER TEST_USER; +``` + +5. Grant a role the privilege to query all databases and tables + +```SQL +GRANT SELECT ON ANY TO ROLE +eg: GRANT SELECT ON ANY TO ROLE TEST_ROLE; +``` + +6. ALL Syntax Sugar: ALL represents all privileges within the object scope. You can use the ALL field to flexibly grant privileges. + +```SQL +GRANT ALL TO USER TESTUSER; +-- Grants all privileges available to the user, including global privileges and all data privileges in the ANY scope + +GRANT ALL ON ANY TO USER TESTUSER; +-- Grants all data privileges available in the ANY scope to the user. After executing this statement, the user will have all data privileges on all databases + +GRANT ALL ON DATABASE TESTDB TO USER TESTUSER; +-- Grants all data privileges available in the DB scope to the user. After executing this statement, the user will have all data privileges on this database + +GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER; +-- Grants all data privileges available in the TABLE scope to the user. After executing this statement, the user will have all data privileges on this table +``` + +#### 2.2.2 Revoke Privileges + +1. Revoke user management privileges from a user + +```SQL +REVOKE SECURITY FROM USER +eg: REVOKE SECURITY FROM USER TEST_USER; +``` + +2. 
Revoke a user's privilege to create databases and create tables within the database scope + +```SQL +REVOKE CREATE ON DATABASE FROM USER +eg: REVOKE CREATE ON DATABASE TEST_DB FROM USER TEST_USER; +``` + +3. Revoke a user's privilege to query a table + +```SQL +REVOKE SELECT ON . FROM USER +eg: REVOKE SELECT ON TESTDB.TESTTABLE FROM USER TEST_USER; +``` + +4. Revoke a user's privilege to query all databases and tables + +```SQL +REVOKE SELECT ON ANY FROM USER +eg: REVOKE SELECT ON ANY FROM USER TEST_USER; +``` + +5. ALL Syntax Sugar: ALL represents all privileges within the object scope. You can use the ALL field to flexibly revoke privileges. + +```SQL +REVOKE ALL FROM USER TESTUSER; +-- Revokes all global privileges and all data privileges in the ANY scope from the user + +REVOKE ALL ON ANY FROM USER TESTUSER; +-- Revokes all data privileges in the ANY scope from the user, and does not affect DB-scope and TABLE-scope privileges + +REVOKE ALL ON DATABASE TESTDB FROM USER TESTUSER; +-- Revokes all data privileges on the DB from the user, and does not affect TABLE privileges + +REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER; +-- Revokes all data privileges on the TABLE from the user +``` + +#### 2.2.3 View User Privileges + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser +``` \ No newline at end of file diff --git a/src/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_apache.md b/src/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_apache.md new file mode 100644 index 000000000..d3365d405 --- /dev/null +++ b/src/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_apache.md 
@@ -0,0 +1,240 @@ + + +# Data Sync + +This document mainly contains the SQL statements for the data synchronization function. For detailed function introduction and usage instructions, see [Data Sync](../User-Manual/Data-Sync_apache.md) + +## 1. Create Task + +**Syntax:** + +```SQL +CREATE PIPE [IF NOT EXISTS] -- PipeId is the name that uniquely identifies the task +-- Data extraction plugin, optional plugin +WITH SOURCE ( + [ = ,], +) +-- Data processing plugin, optional plugin +WITH PROCESSOR ( + [ = ,], +) +-- Data connection plugin, required plugin +WITH SINK ( + [ = ,], +) +``` + +**Example 1: Full Data Synchronization** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**Example 2: Partial Data Synchronization** + +```SQL +create pipe A2B +WITH SOURCE ( + 'source'= 'iotdb-source', + 'mode.streaming' = 'true', + 'database-name'='db_b.*', + 'start-time' = '2023.08.23T08:00:00+00:00', + 'end-time' = '2023.10.23T08:00:00+00:00' +) +with SINK ( + 'sink'='iotdb-thrift-async-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**Example 3: Edge-Cloud Data Transmission** + +* Execute the following statement on IoTDB B to synchronize data from B to A + +```SQL +create pipe BA +with source ( + 'database-name'='db_b.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +* Execute the following statement on IoTDB C to synchronize data from C to A + +```SQL +create pipe CA +with source ( + 'database-name'='db_c.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB D to synchronize data from D to A + +```SQL +create pipe DA +with source ( + 'database-name'='db_d.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**Example 4: Cascaded Data Transmission** + +* Execute the following 
statement on IoTDB A to synchronize data from A to B + +```SQL +create pipe AB +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB B to synchronize data from B to C + +```SQL +create pipe BC +with source ( +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**Example 5: Compressed Synchronization** + +```SQL +create pipe A2B +with sink ( + 'node-urls' = '127.0.0.1:6668', + 'compressor' = 'snappy,lz4', + 'rate-limit-bytes-per-second'='1048576' +) +``` + +**Example 6: Encrypted Synchronization** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-ssl-sink', + 'node-urls'='127.0.0.1:6667', + 'ssl.trust-store-path'='pki/trusted', + 'ssl.trust-store-pwd'='root' +) +``` + +## 2. Start Task + +**Syntax:** + +```SQL +START PIPE +``` + +**Example:** + +```SQL +START PIPE A2B +``` + +## 3. Stop Task + +**Syntax:** + +```SQL +STOP PIPE +``` + +**Example:** + +```SQL +STOP PIPE A2B +``` + +## 4. Drop Task + +**Syntax:** + +```SQL +DROP PIPE [IF EXISTS] +``` + +**Example:** + +```SQL +DROP PIPE IF EXISTS A2B +``` + +## 5. Show Tasks + +**Syntax:** + +```SQL +-- Show all tasks +SHOW PIPES +-- Show a specific task +SHOW PIPE +``` + +**Example:** + +```SQL +SHOW PIPES + +SHOW PIPE A2B +``` + +## 6. Alter Task + +**Syntax:** + +```SQL +ALTER PIPE [IF EXISTS] + MODIFY/REPLACE SOURCE(...) + MODIFY/REPLACE PROCESSOR(...) + MODIFY/REPLACE SINK(...) +``` + +**Example:** + +```SQL +ALTER PIPE A2B REPLACE SINK ('sink'='iotdb-thrift-sink', 'node-urls' = '127.0.0.1:6668'); +``` \ No newline at end of file diff --git a/src/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_timecho.md b/src/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_timecho.md new file mode 100644 index 000000000..41eff7eeb --- /dev/null +++ b/src/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_timecho.md 
@@ -0,0 +1,321 @@ + + +# Data Sync + +This document mainly contains the SQL statements for the data synchronization function. For detailed function introduction and usage instructions, see [Data Sync](../User-Manual/Data-Sync_timecho.md) + +## 1. Create Task + +**Syntax:** + +```SQL +CREATE PIPE [IF NOT EXISTS] -- PipeId is the name that uniquely identifies the task +-- Data extraction plugin, optional +WITH SOURCE ( + [ = ,], +) +-- Data processing plugin, optional +WITH PROCESSOR ( + [ = ,], +) +-- Data connection plugin, required +WITH SINK ( + [ = ,], +) +``` + +**Example 1: Full Data Synchronization** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**Example 2: Partial Data Synchronization** + +```SQL +create pipe A2B +WITH SOURCE ( + 'source'= 'iotdb-source', + 'mode.streaming' = 'true', + 'database-name'='db_b.*', + 'start-time' = '2023.08.23T08:00:00+00:00', + 'end-time' = '2023.10.23T08:00:00+00:00' +) +with SINK ( + 'sink'='iotdb-thrift-async-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**Example 3: Bidirectional Data Transmission** + +* Execute the following statement on IoTDB A + +```SQL +create pipe AB +with source ( + 'source.mode.double-living' ='true' +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB B + +```SQL +create pipe BA +with source ( + 'source.mode.double-living' ='true' +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +**Example 4: Edge-Cloud Data Transmission** + +* Execute the following statement on IoTDB B to synchronize data from B to A + +```SQL +create pipe BA +with source ( + 'database-name'='db_b.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +* Execute the following statement on IoTDB C to synchronize data from C to A + +```SQL +create pipe CA +with source ( + 
'database-name'='db_c.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB D to synchronize data from D to A + +```SQL +create pipe DA +with source ( + 'database-name'='db_d.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**Example 5: Cascaded Data Transmission** + +* Execute the following statement on IoTDB A to synchronize data from A to B + +```SQL +create pipe AB +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* Execute the following statement on IoTDB B to synchronize data from B to C + +```SQL +create pipe BC +with source ( +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**Example 6: Cross-Gap Data Transmission** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-air-gap-sink', + 'node-urls' = '10.53.53.53:9780', +) +``` + +**Example 7: Compressed Synchronization** + +```SQL +create pipe A2B +with sink ( + 'node-urls' = '127.0.0.1:6668', + 'compressor' = 'snappy,lz4', + 'rate-limit-bytes-per-second'='1048576' +) +``` + +**Example 8: Encrypted Synchronization** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-ssl-sink', + 'node-urls'='127.0.0.1:6667', + 'ssl.trust-store-path'='pki/trusted', + 'ssl.trust-store-pwd'='root' +) +``` + +**Example 9: Local Export of Object Type Data** + +```SQL +CREATE PIPE tsfile_export_local +WITH SOURCE ( + 'source' = 'iotdb-source', + 'table-name' = 'test_table' +) +WITH PROCESSOR ( + 'processor' = 'do-nothing-processor' +) +WITH SINK ( + 'sink' = 'tsfile-local-sink', + 'sink.local.target-path' = '/data/backup/export_2024', + 'sink.rate-limit-bytes-per-second' = '10485760' +); +``` + +**Example 10: Remote Transmission of Object Type Data** + +* This method requires pre-registration of the `tsfile_remote_sink` plugin + +```SQL +CREATE PIPE tsfile_export_scp 
+WITH SOURCE ( + 'source' = 'iotdb-source', + 'table-name' = 'test_table' +) +WITH PROCESSOR ( + 'processor' = 'do-nothing-processor' +) +WITH SINK ( + 'sink' = 'tsfile_remote_sink', + 'sink.file-mode' = 'scp', + 'sink.scp.host' = '192.168.1.100', + 'sink.scp.port' = '22', + 'sink.scp.user' = 'backup_user', + 'sink.scp.password' = 'ComplexPass123!', + 'sink.scp.remote-path' = '/remote/archive/', + 'sink.rate-limit-bytes-per-second' = '10485760' +); +``` + +## 2. Start Task + +**Syntax:** + +```SQL +START PIPE +``` + +**Example:** + +```SQL +START PIPE A2B +``` + +## 3. Stop Task + +**Syntax:** + +```SQL +STOP PIPE +``` + +**Example:** + +```SQL +STOP PIPE A2B +``` + +## 4. Drop Task + +**Syntax:** + +```SQL +DROP PIPE [IF EXISTS] +``` + +**Example:** + +```SQL +DROP PIPE IF EXISTS A2B +``` + +## 5. Show Tasks + +**Syntax:** + +```SQL +-- Show all tasks +SHOW PIPES +-- Show a specific task +SHOW PIPE +``` + +**Example:** + +```SQL +SHOW PIPES + +SHOW PIPE A2B +``` + +## 6. Alter Task + +**Syntax:** + +```SQL +ALTER PIPE [IF EXISTS] + MODIFY/REPLACE SOURCE(...) + MODIFY/REPLACE PROCESSOR(...) + MODIFY/REPLACE SINK(...) +``` + +**Example:** + +```SQL +ALTER PIPE A2B REPLACE SINK ('sink'='iotdb-thrift-sink', 'node-urls' = '127.0.0.1:6668'); +``` \ No newline at end of file diff --git a/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_apache.md b/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_apache.md new file mode 100644 index 000000000..247e0d2ba --- /dev/null +++ b/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_apache.md 
@@ -0,0 +1,371 @@ + +# 权限管理 + +本文档为 V2.0.7 版本起权限管理的 SQL 手册,详细功能使用可见[权限管理](../User-Manual/Authority-Management-Upgrade_apache.md),如需查阅 V2.0.7 版本之前权限管理的功能介绍可参考[权限管理](../User-Manual/Authority-Management_apache.md) + +## 1. 权限列表 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
权限类型权限名称生效范围描述
全局权限SYSTEM全局允许用户创建、修改、删除数据库。
允许用户创建、修改、删除表及表视图。
允许用户创建、删除、查看用户自定义函数。
允许用户创建、开始、停止、删除、查看PIPE。允许用户创建、删除、查看PIPEPLUGINS。
允许用户查询、取消查询。允许用户查看变量。允许用户查看集群状态。
允许用户创建、删除、查看深度学习模型。
SECURITY全局允许用户创建用户。
允许用户删除用户。
允许用户修改用户密码。
允许用户查看用户的权限信息。
允许用户列出所有用户。
允许用户创建角色。
允许用户删除角色。
允许用户查看角色的权限信息。
允许用户将角色授予某个用户或撤销。
允许用户列出所有角色。
数据权限CREATEANY允许创建任意表、创建任意数据库。
数据库允许用户在该数据库下创建表;允许用户创建该名称的数据库。
允许用户创建该名称的表。
ALTERANY允许修改任意表的定义、任意数据库的定义。
数据库允许用户修改数据库的定义,允许用户修改数据库下表的定义。
允许用户修改表的定义。
SELECTANY允许查询系统内任意数据库中任意表的数据。
数据库允许用户查询该数据库中任意表的数据。
允许用户查询该表中的数据。执行多表查询时,数据库仅展示用户有权限访问的数据。
INSERTANY允许任意数据库的任意表插入/更新数据。
数据库允许用户向该数据库范围内任意表插入/更新数据。
允许用户向该表中插入/更新数据。
DELETEANY允许删除任意表的数据。
数据库允许用户删除该数据库范围内的数据。
允许用户删除该表中的数据。
+ +## 2. SQL 语句 + +### 2.1 用户与角色管理 + +1. 创建用户(需 SECURITY 权限) + +```SQL +CREATE USER +eg: CREATE USER user1 'passwd'; +``` + +2. 修改密码 + +用户可以修改自己的密码,但修改其他用户密码需要具备 SECURITY 权限。 + +```SQL +ALTER USER SET PASSWORD +eg: ALTER USER tempuser SET PASSWORD 'newpwd'; +``` + +3. 删除用户(需 SECURITY 权限) + +```SQL +DROP USER +eg: DROP USER user1; +``` + +4. 创建角色 (需 SECURITY 权限) + +```SQL +CREATE ROLE +eg: CREATE ROLE role1; +``` + +5. 删除角色 (需 SECURITY 权限) + +```SQL +DROP ROLE +eg: DROP ROLE role1; +``` + +6. 赋予用户角色 (需 SECURITY 权限) + +```SQL +GRANT ROLE TO +eg: GRANT ROLE admin TO user1; +``` + +7. 移除用户角色 (需 SECURITY 权限) + +```SQL +REVOKE ROLE FROM +eg: REVOKE ROLE admin FROM user1; +``` + +8. 列出所有用户(需 SECURITY 权限) + +```SQL +LIST USER; +``` + +9. 列出所有的角色 (需 SECURITY 权限) + +```SQL +LIST ROLE; +``` + +10. 列出指定角色下所有用户(需 SECURITY 权限) + +```SQL +LIST USER OF ROLE +eg: LIST USER OF ROLE roleuser; +``` + +11. 列出指定用户下的所有角色 + +用户可以列出自己的角色,但列出其他用户的角色需要拥有 SECURITY 权限。 + +```SQL +LIST ROLE OF USER +eg: LIST ROLE OF USER tempuser; +``` + +12. 列出用户所有权限 + +用户可以列出自己的权限信息,但列出其他用户的权限需要拥有 SECURITY 权限。 + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser; +``` + +13. 列出角色所有权限 + +用户可以列出自己具有的角色的权限信息,列出其他角色的权限需要有 SECURITY 权限。 + +```SQL +LIST PRIVILEGES OF ROLE +eg: LIST PRIVILEGES OF ROLE actor; +``` + +### 2.2 权限管理 + +#### 2.2.1 授予权限 + +1. 给用户授予管理用户的权限 + +```SQL +GRANT SECURITY TO USER +eg: GRANT SECURITY TO USER TEST_USER; +``` + +2. 给用户授予创建数据库及在数据库范围内创建表的权限,且允许用户在该范围内管理权限 + +```SQL +GRANT CREATE ON DATABASE TO USER WITH GRANT OPTION +eg: GRANT CREATE ON DATABASE TESTDB TO USER TEST_USER WITH GRANT OPTION; +``` + +3. 给角色授予查询数据库的权限 + +```SQL +GRANT SELECT ON DATABASE TO ROLE +eg: GRANT SELECT ON DATABASE TESTDB TO ROLE TEST_ROLE; +``` + +4. 给用户授予查询表的权限 + +```SQL +GRANT SELECT ON . TO USER +eg: GRANT SELECT ON TESTDB.TESTTABLE TO USER TEST_USER; +``` + +5. 给角色授予查询所有数据库及表的权限 + +```SQL +GRANT SELECT ON ANY TO ROLE +eg: GRANT SELECT ON ANY TO ROLE TEST_ROLE; +``` + +6. 
ALL 语法糖:ALL 表示对象范围内所有权限,可以使用 ALL 字段灵活地授予权限。 + +```SQL +GRANT ALL TO USER TESTUSER; +-- 将用户可以获取的所有权限授予给用户,包括全局权限和 ANY 范围的所有数据权限 + +GRANT ALL ON ANY TO USER TESTUSER; +-- 将 ANY 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在所有数据库上的所有数据权限 + +GRANT ALL ON DATABASE TESTDB TO USER TESTUSER; +-- 将 DB 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在该数据库上的所有数据权限 + +GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER; +-- 将 TABLE 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在该表上的所有数据权限 +``` + +#### 2.2.2 撤销权限 + +1. 取消用户管理用户的权限 + +```SQL +REVOKE SECURITY FROM USER +eg: REVOKE SECURITY FROM USER TEST_USER; +``` + +2. 取消用户创建数据库及在数据库范围内创建表的权限 + +```SQL +REVOKE CREATE ON DATABASE FROM USER +eg: REVOKE CREATE ON DATABASE TEST_DB FROM USER TEST_USER; +``` + +3. 取消用户查询表的权限 + +```SQL +REVOKE SELECT ON . FROM USER +eg: REVOKE SELECT ON TESTDB.TESTTABLE FROM USER TEST_USER; +``` + +4. 取消用户查询所有数据库及表的权限 + +```SQL +REVOKE SELECT ON ANY FROM USER +eg: REVOKE SELECT ON ANY FROM USER TEST_USER; +``` + +5. ALL 语法糖:ALL 表示对象范围内所有权限,可以使用 ALL 字段灵活地撤销权限。 + +```SQL +REVOKE ALL FROM USER TESTUSER; +-- 取消用户所有的全局权限以及 ANY 范围的所有数据权限 + +REVOKE ALL ON ANY FROM USER TESTUSER; +-- 取消用户 ANY 范围的所有数据权限,不会影响 DB 范围和 TABLE 范围的权限 + +REVOKE ALL ON DATABASE TESTDB FROM USER TESTUSER; +-- 取消用户在 DB 上的所有数据权限,不会影响 TABLE 权限 + +REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER; +-- 取消用户在 TABLE 上的所有数据权限 +``` + +#### 2.2.3 查看用户权限 + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser +``` diff --git a/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_timecho.md b/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_timecho.md new file mode 100644 index 000000000..34fc1bf54 --- /dev/null +++ b/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Authority-Management_timecho.md 
@@ -0,0 +1,377 @@ + +# 权限管理 + +本文档为 V2.0.7 版本起权限管理的 SQL 手册,详细功能使用可见[权限管理](../User-Manual/Authority-Management-Upgrade_timecho.md),如需查阅 V2.0.7 版本之前权限管理的功能介绍可参考[权限管理](../User-Manual/Authority-Management_timecho.md) + +## 1. 权限列表 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
权限类型权限名称生效范围描述
全局权限SYSTEM全局允许用户创建、修改、删除数据库。
允许用户创建、修改、删除表及表视图。
允许用户创建、删除、查看用户自定义函数。
允许用户创建、开始、停止、删除、查看PIPE。允许用户创建、删除、查看PIPEPLUGINS。
允许用户查询、取消查询。允许用户查看变量。允许用户查看集群状态。
允许用户创建、删除、查看深度学习模型。
SECURITY全局允许用户创建用户。
允许用户删除用户。
允许用户修改用户密码。
允许用户查看用户的权限信息。
允许用户列出所有用户。
允许用户创建角色。
允许用户删除角色。
允许用户查看角色的权限信息。
允许用户将角色授予某个用户或撤销。
允许用户列出所有角色。
AUDIT全局允许用户维护审计日志的规则 允许用户查看审计日志。
数据权限CREATEANY允许创建任意表、创建任意数据库。
数据库允许用户在该数据库下创建表;允许用户创建该名称的数据库。
允许用户创建该名称的表。
ALTERANY允许修改任意表的定义、任意数据库的定义。
数据库允许用户修改数据库的定义,允许用户修改数据库下表的定义。
允许用户修改表的定义。
SELECTANY允许查询系统内任意数据库中任意表的数据。
数据库允许用户查询该数据库中任意表的数据。
允许用户查询该表中的数据。执行多表查询时,数据库仅展示用户有权限访问的数据。
INSERTANY允许任意数据库的任意表插入/更新数据。
数据库允许用户向该数据库范围内任意表插入/更新数据。
允许用户向该表中插入/更新数据。
DELETEANY允许删除任意表的数据。
数据库允许用户删除该数据库范围内的数据。
允许用户删除该表中的数据。
+ +## 2. SQL 语句 + +### 2.1 用户与角色管理 + +1. 创建用户(需 SECURITY 权限) + +```SQL +CREATE USER +eg: CREATE USER user1 'Passwd@202604'; +``` + +2. 修改密码 + +用户可以修改自己的密码,但修改其他用户密码需要具备 SECURITY 权限。 + +```SQL +ALTER USER SET PASSWORD +eg: ALTER USER tempuser SET PASSWORD 'Newpwd@202604'; +``` + +3. 删除用户(需 SECURITY 权限) + +```SQL +DROP USER +eg: DROP USER user1; +``` + +4. 创建角色 (需 SECURITY 权限) + +```SQL +CREATE ROLE +eg: CREATE ROLE role1; +``` + +5. 删除角色 (需 SECURITY 权限) + +```SQL +DROP ROLE +eg: DROP ROLE role1; +``` + +6. 赋予用户角色 (需 SECURITY 权限) + +```SQL +GRANT ROLE TO +eg: GRANT ROLE admin TO user1; +``` + +7. 移除用户角色 (需 SECURITY 权限) + +```SQL +REVOKE ROLE FROM +eg: REVOKE ROLE admin FROM user1; +``` + +8. 列出所有用户(需 SECURITY 权限) + +```SQL +LIST USER; +``` + +9. 列出所有的角色 (需 SECURITY 权限) + +```SQL +LIST ROLE; +``` + +10. 列出指定角色下所有用户(需 SECURITY 权限) + +```SQL +LIST USER OF ROLE +eg: LIST USER OF ROLE roleuser; +``` + +11. 列出指定用户下的所有角色 + +用户可以列出自己的角色,但列出其他用户的角色需要拥有 SECURITY 权限。 + +```SQL +LIST ROLE OF USER +eg: LIST ROLE OF USER tempuser; +``` + +12. 列出用户所有权限 + +用户可以列出自己的权限信息,但列出其他用户的权限需要拥有 SECURITY 权限。 + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser; +``` + +13. 列出角色所有权限 + +用户可以列出自己具有的角色的权限信息,列出其他角色的权限需要有 SECURITY 权限。 + +```SQL +LIST PRIVILEGES OF ROLE +eg: LIST PRIVILEGES OF ROLE actor; +``` + +### 2.2 权限管理 + +#### 2.2.1 授予权限 + +1. 给用户授予管理用户的权限 + +```SQL +GRANT SECURITY TO USER +eg: GRANT SECURITY TO USER TEST_USER; +``` + +2. 给用户授予创建数据库及在数据库范围内创建表的权限,且允许用户在该范围内管理权限 + +```SQL +GRANT CREATE ON DATABASE TO USER WITH GRANT OPTION +eg: GRANT CREATE ON DATABASE TESTDB TO USER TEST_USER WITH GRANT OPTION; +``` + +3. 给角色授予查询数据库的权限 + +```SQL +GRANT SELECT ON DATABASE TO ROLE +eg: GRANT SELECT ON DATABASE TESTDB TO ROLE TEST_ROLE; +``` + +4. 给用户授予查询表的权限 + +```SQL +GRANT SELECT ON . TO USER +eg: GRANT SELECT ON TESTDB.TESTTABLE TO USER TEST_USER; +``` + +5. 给角色授予查询所有数据库及表的权限 + +```SQL +GRANT SELECT ON ANY TO ROLE +eg: GRANT SELECT ON ANY TO ROLE TEST_ROLE; +``` + +6. 
ALL 语法糖:ALL 表示对象范围内所有权限,可以使用 ALL 字段灵活地授予权限。 + +```SQL +GRANT ALL TO USER TESTUSER; +-- 将用户可以获取的所有权限授予给用户,包括全局权限和 ANY 范围的所有数据权限 + +GRANT ALL ON ANY TO USER TESTUSER; +-- 将 ANY 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在所有数据库上的所有数据权限 + +GRANT ALL ON DATABASE TESTDB TO USER TESTUSER; +-- 将 DB 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在该数据库上的所有数据权限 + +GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER; +-- 将 TABLE 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在该表上的所有数据权限 +``` + +#### 2.2.2 撤销权限 + +1. 取消用户管理用户的权限 + +```SQL +REVOKE SECURITY FROM USER +eg: REVOKE SECURITY FROM USER TEST_USER; +``` + +2. 取消用户创建数据库及在数据库范围内创建表的权限 + +```SQL +REVOKE CREATE ON DATABASE FROM USER +eg: REVOKE CREATE ON DATABASE TEST_DB FROM USER TEST_USER; +``` + +3. 取消用户查询表的权限 + +```SQL +REVOKE SELECT ON . FROM USER +eg: REVOKE SELECT ON TESTDB.TESTTABLE FROM USER TEST_USER; +``` + +4. 取消用户查询所有数据库及表的权限 + +```SQL +REVOKE SELECT ON ANY FROM USER +eg: REVOKE SELECT ON ANY FROM USER TEST_USER; +``` + +5. ALL 语法糖:ALL 表示对象范围内所有权限,可以使用 ALL 字段灵活地撤销权限。 + +```SQL +REVOKE ALL FROM USER TESTUSER; +-- 取消用户所有的全局权限以及 ANY 范围的所有数据权限 + +REVOKE ALL ON ANY FROM USER TESTUSER; +-- 取消用户 ANY 范围的所有数据权限,不会影响 DB 范围和 TABLE 范围的权限 + +REVOKE ALL ON DATABASE TESTDB FROM USER TESTUSER; +-- 取消用户在 DB 上的所有数据权限,不会影响 TABLE 权限 + +REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER; +-- 取消用户在 TABLE 上的所有数据权限 +``` + +#### 2.2.3 查看用户权限 + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser +``` diff --git a/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_apache.md b/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_apache.md new file mode 100644 index 000000000..13d050c9b --- /dev/null +++ b/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_apache.md 
@@ -0,0 +1,239 @@ + +# 数据同步 + +本文档主要为数据同步功能的SQL语句,详细功能介绍及使用说明见 [数据同步](../User-Manual/Data-Sync_apache.md) + +## 1. 创建任务 + +**语法:** + +```SQL +CREATE PIPE [IF NOT EXISTS] -- PipeId 是能够唯一标定任务的名字 +-- 数据抽取插件,可选插件 +WITH SOURCE ( + [ = ,], +) +-- 数据处理插件,可选插件 +WITH PROCESSOR ( + [ = ,], +) +-- 数据连接插件,必填插件 +WITH SINK ( + [ = ,], +) +``` + +**示例一:全量数据同步** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**示例二:部分数据同步** + +```SQL +create pipe A2B +WITH SOURCE ( + 'source'= 'iotdb-source', + 'mode.streaming' = 'true' + 'database-name'='db_b.*', + 'start-time' = '2023.08.23T08:00:00+00:00', + 'end-time' = '2023.10.23T08:00:00+00:00' +) +with SINK ( + 'sink'='iotdb-thrift-async-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**示例三:边云数据传输** + +* 在 B IoTDB 上执行下列语句,将 B 中数据同步至 A + +```SQL +create pipe BA +with source ( + 'database-name'='db_b.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +* 在 C IoTDB 上执行下列语句,将 C 中数据同步至 A + +```SQL +create pipe CA +with source ( + 'database-name'='db_c.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* 在 D IoTDB 上执行下列语句,将 D 中数据同步至 A + +```SQL +create pipe DA +with source ( + 'database-name'='db_d.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**示例四:级联数据传输** + +* 在 A IoTDB 上执行下列语句,将 A 中数据同步至 B + +```SQL +create pipe AB +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* 在 B IoTDB 上执行下列语句,将 B 中数据同步至 C + +```SQL +create pipe BC +with source ( +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**示例五:压缩同步** + +```SQL +create pipe A2B +with sink ( + 'node-urls' = '127.0.0.1:6668', + 'compressor' = 'snappy,lz4', + 'rate-limit-bytes-per-second'='1048576' +) +``` + +**示例六:加密同步** + +```SQL +create pipe A2B +with 
sink ( + 'sink'='iotdb-thrift-ssl-sink', + 'node-urls'='127.0.0.1:6667', + 'ssl.trust-store-path'='pki/trusted', + 'ssl.trust-store-pwd'='root' +) +``` + +## 2. 开始任务 + +**语法:** + +```SQL +START PIPE +``` + +**示例:** + +```SQL +START PIPE A2B +``` + +## 3. 停止任务 + +**语法:** + +```SQL +STOP PIPE +``` + +**示例:** + +```SQL +STOP PIPE A2B +``` + +## 4. 删除任务 + +**语法:** + +```SQL +DROP PIPE [IF EXISTS] +``` + +**示例:** + +```SQL +DROP PIPE IF EXISTS A2B +``` + +## 5. 查看任务 + +**语法:** + +```SQL +-- 查看全部任务 +SHOW PIPES +-- 查看指定任务 +SHOW PIPE +``` + +**示例:** + +```SQL +SHOW PIPES + +SHOW PIPE A2B +``` + +## 6. 修改任务 + +**语法:** + +```SQL +ALTER PIPE [IF EXISTS] + MODIFY/REPLACE SOURCE(...) + MODIFY/REPLACE PROCESSOR(...) + MODIFY/REPLACE SINK(...) +``` + +**示例:** + +```SQL +ALTER PIPE A2B REPLACE SINK ('sink'='iotdb-thrift-sink', 'node-urls' = '127.0.0.1:6668'); +``` diff --git a/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_timecho.md b/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_timecho.md new file mode 100644 index 000000000..e272c9053 --- /dev/null +++ b/src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_timecho.md 
@@ -0,0 +1,320 @@ + +# 数据同步 + +本文档主要为数据同步功能的SQL语句,详细功能介绍及使用说明见 [数据同步](../User-Manual/Data-Sync_timecho.md) + +## 1. 创建任务 + +**语法:** + +```SQL +CREATE PIPE [IF NOT EXISTS] -- PipeId 是能够唯一标定任务的名字 +-- 数据抽取插件,可选插件 +WITH SOURCE ( + [ = ,], +) +-- 数据处理插件,可选插件 +WITH PROCESSOR ( + [ = ,], +) +-- 数据连接插件,必填插件 +WITH SINK ( + [ = ,], +) +``` + +**示例一:全量数据同步** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**示例二:部分数据同步** + +```SQL +create pipe A2B +WITH SOURCE ( + 'source'= 'iotdb-source', + 'mode.streaming' = 'true' + 'database-name'='db_b.*', + 'start-time' = '2023.08.23T08:00:00+00:00', + 'end-time' = '2023.10.23T08:00:00+00:00' +) +with SINK ( + 'sink'='iotdb-thrift-async-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**示例三:双向数据传输** + +* 在 A IoTDB 上执行下列语句 + +```SQL +create pipe AB +with source ( + 'source.mode.double-living' ='true' +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* 在 B IoTDB 上执行下列语句 + +```SQL +create pipe BA +with source ( + 'source.mode.double-living' ='true' +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +**示例四:边云数据传输** + +* 在 B IoTDB 上执行下列语句,将 B 中数据同步至 A + +```SQL +create pipe BA +with source ( + 'database-name'='db_b.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +* 在 C IoTDB 上执行下列语句,将 C 中数据同步至 A + +```SQL +create pipe CA +with source ( + 'database-name'='db_c.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* 在 D IoTDB 上执行下列语句,将 D 中数据同步至 A + +```SQL +create pipe DA +with source ( + 'database-name'='db_d.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**示例五:级联数据传输** + +* 在 A IoTDB 上执行下列语句,将 A 中数据同步至 B + +```SQL +create pipe AB +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = 
'127.0.0.1:6668', +) +``` + +* 在 B IoTDB 上执行下列语句,将 B 中数据同步至 C + +```SQL +create pipe BC +with source ( +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**示例六:跨网闸数据传输** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-air-gap-sink', + 'node-urls' = '10.53.53.53:9780', +) +``` + +**示例七:压缩同步** + +```SQL +create pipe A2B +with sink ( + 'node-urls' = '127.0.0.1:6668', + 'compressor' = 'snappy,lz4', + 'rate-limit-bytes-per-second'='1048576' +) +``` + +**示例八:加密同步** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-ssl-sink', + 'node-urls'='127.0.0.1:6667', + 'ssl.trust-store-path'='pki/trusted', + 'ssl.trust-store-pwd'='root' +) +``` + +**示例九:本地导出 Object 类型数据** + +```SQL +CREATE PIPE tsfile_export_local +WITH SOURCE ( + 'source' = 'iotdb-source', + 'table-name' = 'test_table' +) +WITH PROCESSOR ( + 'processor' = 'do-nothing-processor' +) +WITH SINK ( + 'sink' = 'tsfile-local-sink', + 'sink.local.target-path' = '/data/backup/export_2024' + 'sink.rate-limit-bytes-per-second' = '10485760' +); +``` + +**示例十:远程传输 Object 类型数据** + +* 该方式需提前注册 `tsfile_remote_sink` 插件 + +```SQL +CREATE PIPE tsfile_export_scp +WITH SOURCE ( + 'source' = 'iotdb-source', + 'table-name' = 'test_table' +) +WITH PROCESSOR ( + 'processor' = 'do-nothing-processor' +) +WITH SINK ( + 'sink' = 'tsfile_remote_sink', + 'sink.file-mode' = 'scp', + 'sink.scp.host' = '192.168.1.100', + 'sink.scp.port' = '22', + 'sink.scp.user' = 'backup_user', + 'sink.scp.password' = 'ComplexPass123!', + 'sink.scp.remote-path' = '/remote/archive/', + 'sink.rate-limit-bytes-per-second' = '10485760' +); +``` + +## 2. 开始任务 + +**语法:** + +```SQL +START PIPE +``` + +**示例:** + +```SQL +START PIPE A2B +``` + +## 3. 停止任务 + +**语法:** + +```SQL +STOP PIPE +``` + +**示例:** + +```SQL +STOP PIPE A2B +``` + +## 4. 删除任务 + +**语法:** + +```SQL +DROP PIPE [IF EXISTS] +``` + +**示例:** + +```SQL +DROP PIPE IF EXISTS A2B +``` + +## 5. 
查看任务 + +**语法:** + +```SQL +-- 查看全部任务 +SHOW PIPES +-- 查看指定任务 +SHOW PIPE +``` + +**示例:** + +```SQL +SHOW PIPES + +SHOW PIPE A2B +``` + +## 6. 修改任务 + +**语法:** + +```SQL +ALTER PIPE [IF EXISTS] + MODIFY/REPLACE SOURCE(...) + MODIFY/REPLACE PROCESSOR(...) + MODIFY/REPLACE SINK(...) +``` + +**示例:** + +```SQL +ALTER PIPE A2B REPLACE SINK ('sink'='iotdb-thrift-sink', 'node-urls' = '127.0.0.1:6668'); +``` diff --git a/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_apache.md b/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_apache.md new file mode 100644 index 000000000..247e0d2ba --- /dev/null +++ b/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_apache.md @@ -0,0 +1,371 @@ + +# 权限管理 + +本文档为 V2.0.7 版本起权限管理的 SQL 手册,详细功能使用可见[权限管理](../User-Manual/Authority-Management-Upgrade_apache.md),如需查阅 V2.0.7 版本之前权限管理的功能介绍可参考[权限管理](../User-Manual/Authority-Management_apache.md) + +## 1. 权限列表 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
权限类型权限名称生效范围描述
全局权限SYSTEM全局允许用户创建、修改、删除数据库。
允许用户创建、修改、删除表及表视图。
允许用户创建、删除、查看用户自定义函数。
允许用户创建、开始、停止、删除、查看PIPE。允许用户创建、删除、查看PIPEPLUGINS。
允许用户查询、取消查询。允许用户查看变量。允许用户查看集群状态。
允许用户创建、删除、查看深度学习模型。
SECURITY全局允许用户创建用户。
允许用户删除用户。
允许用户修改用户密码。
允许用户查看用户的权限信息。
允许用户列出所有用户。
允许用户创建角色。
允许用户删除角色。
允许用户查看角色的权限信息。
允许用户将角色授予某个用户或撤销。
允许用户列出所有角色。
数据权限CREATEANY允许创建任意表、创建任意数据库。
数据库允许用户在该数据库下创建表;允许用户创建该名称的数据库。
允许用户创建该名称的表。
ALTERANY允许修改任意表的定义、任意数据库的定义。
数据库允许用户修改数据库的定义,允许用户修改数据库下表的定义。
允许用户修改表的定义。
SELECTANY允许查询系统内任意数据库中任意表的数据。
数据库允许用户查询该数据库中任意表的数据。
允许用户查询该表中的数据。执行多表查询时,数据库仅展示用户有权限访问的数据。
INSERTANY允许任意数据库的任意表插入/更新数据。
数据库允许用户向该数据库范围内任意表插入/更新数据。
允许用户向该表中插入/更新数据。
DELETEANY允许删除任意表的数据。
数据库允许用户删除该数据库范围内的数据。
允许用户删除该表中的数据。
+ +## 2. SQL 语句 + +### 2.1 用户与角色管理 + +1. 创建用户(需 SECURITY 权限) + +```SQL +CREATE USER +eg: CREATE USER user1 'passwd'; +``` + +2. 修改密码 + +用户可以修改自己的密码,但修改其他用户密码需要具备 SECURITY 权限。 + +```SQL +ALTER USER SET PASSWORD +eg: ALTER USER tempuser SET PASSWORD 'newpwd'; +``` + +3. 删除用户(需 SECURITY 权限) + +```SQL +DROP USER +eg: DROP USER user1; +``` + +4. 创建角色 (需 SECURITY 权限) + +```SQL +CREATE ROLE +eg: CREATE ROLE role1; +``` + +5. 删除角色 (需 SECURITY 权限) + +```SQL +DROP ROLE +eg: DROP ROLE role1; +``` + +6. 赋予用户角色 (需 SECURITY 权限) + +```SQL +GRANT ROLE TO +eg: GRANT ROLE admin TO user1; +``` + +7. 移除用户角色 (需 SECURITY 权限) + +```SQL +REVOKE ROLE FROM +eg: REVOKE ROLE admin FROM user1; +``` + +8. 列出所有用户(需 SECURITY 权限) + +```SQL +LIST USER; +``` + +9. 列出所有的角色 (需 SECURITY 权限) + +```SQL +LIST ROLE; +``` + +10. 列出指定角色下所有用户(需 SECURITY 权限) + +```SQL +LIST USER OF ROLE +eg: LIST USER OF ROLE roleuser; +``` + +11. 列出指定用户下的所有角色 + +用户可以列出自己的角色,但列出其他用户的角色需要拥有 SECURITY 权限。 + +```SQL +LIST ROLE OF USER +eg: LIST ROLE OF USER tempuser; +``` + +12. 列出用户所有权限 + +用户可以列出自己的权限信息,但列出其他用户的权限需要拥有 SECURITY 权限。 + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser; +``` + +13. 列出角色所有权限 + +用户可以列出自己具有的角色的权限信息,列出其他角色的权限需要有 SECURITY 权限。 + +```SQL +LIST PRIVILEGES OF ROLE +eg: LIST PRIVILEGES OF ROLE actor; +``` + +### 2.2 权限管理 + +#### 2.2.1 授予权限 + +1. 给用户授予管理用户的权限 + +```SQL +GRANT SECURITY TO USER +eg: GRANT SECURITY TO USER TEST_USER; +``` + +2. 给用户授予创建数据库及在数据库范围内创建表的权限,且允许用户在该范围内管理权限 + +```SQL +GRANT CREATE ON DATABASE TO USER WITH GRANT OPTION +eg: GRANT CREATE ON DATABASE TESTDB TO USER TEST_USER WITH GRANT OPTION; +``` + +3. 给角色授予查询数据库的权限 + +```SQL +GRANT SELECT ON DATABASE TO ROLE +eg: GRANT SELECT ON DATABASE TESTDB TO ROLE TEST_ROLE; +``` + +4. 给用户授予查询表的权限 + +```SQL +GRANT SELECT ON . TO USER +eg: GRANT SELECT ON TESTDB.TESTTABLE TO USER TEST_USER; +``` + +5. 给角色授予查询所有数据库及表的权限 + +```SQL +GRANT SELECT ON ANY TO ROLE +eg: GRANT SELECT ON ANY TO ROLE TEST_ROLE; +``` + +6. 
ALL 语法糖:ALL 表示对象范围内所有权限,可以使用 ALL 字段灵活地授予权限。 + +```SQL +GRANT ALL TO USER TESTUSER; +-- 将用户可以获取的所有权限授予给用户,包括全局权限和 ANY 范围的所有数据权限 + +GRANT ALL ON ANY TO USER TESTUSER; +-- 将 ANY 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在所有数据库上的所有数据权限 + +GRANT ALL ON DATABASE TESTDB TO USER TESTUSER; +-- 将 DB 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在该数据库上的所有数据权限 + +GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER; +-- 将 TABLE 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在该表上的所有数据权限 +``` + +#### 2.2.2 撤销权限 + +1. 取消用户管理用户的权限 + +```SQL +REVOKE SECURITY FROM USER +eg: REVOKE SECURITY FROM USER TEST_USER; +``` + +2. 取消用户创建数据库及在数据库范围内创建表的权限 + +```SQL +REVOKE CREATE ON DATABASE FROM USER +eg: REVOKE CREATE ON DATABASE TEST_DB FROM USER TEST_USER; +``` + +3. 取消用户查询表的权限 + +```SQL +REVOKE SELECT ON . FROM USER +eg: REVOKE SELECT ON TESTDB.TESTTABLE FROM USER TEST_USER; +``` + +4. 取消用户查询所有数据库及表的权限 + +```SQL +REVOKE SELECT ON ANY FROM USER +eg: REVOKE SELECT ON ANY FROM USER TEST_USER; +``` + +5. ALL 语法糖:ALL 表示对象范围内所有权限,可以使用 ALL 字段灵活地撤销权限。 + +```SQL +REVOKE ALL FROM USER TESTUSER; +-- 取消用户所有的全局权限以及 ANY 范围的所有数据权限 + +REVOKE ALL ON ANY FROM USER TESTUSER; +-- 取消用户 ANY 范围的所有数据权限,不会影响 DB 范围和 TABLE 范围的权限 + +REVOKE ALL ON DATABASE TESTDB FROM USER TESTUSER; +-- 取消用户在 DB 上的所有数据权限,不会影响 TABLE 权限 + +REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER; +-- 取消用户在 TABLE 上的所有数据权限 +``` + +#### 2.2.3 查看用户权限 + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser +``` diff --git a/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_timecho.md b/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_timecho.md new file mode 100644 index 000000000..34fc1bf54 --- /dev/null +++ b/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Authority-Management_timecho.md 
@@ -0,0 +1,377 @@ + +# 权限管理 + +本文档为 V2.0.7 版本起权限管理的 SQL 手册,详细功能使用可见[权限管理](../User-Manual/Authority-Management-Upgrade_timecho.md),如需查阅 V2.0.7 版本之前权限管理的功能介绍可参考[权限管理](../User-Manual/Authority-Management_timecho.md) + +## 1. 权限列表 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
权限类型权限名称生效范围描述
全局权限SYSTEM全局允许用户创建、修改、删除数据库。
允许用户创建、修改、删除表及表视图。
允许用户创建、删除、查看用户自定义函数。
允许用户创建、开始、停止、删除、查看PIPE。允许用户创建、删除、查看PIPEPLUGINS。
允许用户查询、取消查询。允许用户查看变量。允许用户查看集群状态。
允许用户创建、删除、查看深度学习模型。
SECURITY全局允许用户创建用户。
允许用户删除用户。
允许用户修改用户密码。
允许用户查看用户的权限信息。
允许用户列出所有用户。
允许用户创建角色。
允许用户删除角色。
允许用户查看角色的权限信息。
允许用户将角色授予某个用户或撤销。
允许用户列出所有角色。
AUDIT全局允许用户维护审计日志的规则 允许用户查看审计日志。
数据权限CREATEANY允许创建任意表、创建任意数据库。
数据库允许用户在该数据库下创建表;允许用户创建该名称的数据库。
允许用户创建该名称的表。
ALTERANY允许修改任意表的定义、任意数据库的定义。
数据库允许用户修改数据库的定义,允许用户修改数据库下表的定义。
允许用户修改表的定义。
SELECTANY允许查询系统内任意数据库中任意表的数据。
数据库允许用户查询该数据库中任意表的数据。
允许用户查询该表中的数据。执行多表查询时,数据库仅展示用户有权限访问的数据。
INSERTANY允许任意数据库的任意表插入/更新数据。
数据库允许用户向该数据库范围内任意表插入/更新数据。
允许用户向该表中插入/更新数据。
DELETEANY允许删除任意表的数据。
数据库允许用户删除该数据库范围内的数据。
允许用户删除该表中的数据。
+ +## 2. SQL 语句 + +### 2.1 用户与角色管理 + +1. 创建用户(需 SECURITY 权限) + +```SQL +CREATE USER +eg: CREATE USER user1 'Passwd@202604'; +``` + +2. 修改密码 + +用户可以修改自己的密码,但修改其他用户密码需要具备 SECURITY 权限。 + +```SQL +ALTER USER SET PASSWORD +eg: ALTER USER tempuser SET PASSWORD 'Newpwd@202604'; +``` + +3. 删除用户(需 SECURITY 权限) + +```SQL +DROP USER +eg: DROP USER user1; +``` + +4. 创建角色 (需 SECURITY 权限) + +```SQL +CREATE ROLE +eg: CREATE ROLE role1; +``` + +5. 删除角色 (需 SECURITY 权限) + +```SQL +DROP ROLE +eg: DROP ROLE role1; +``` + +6. 赋予用户角色 (需 SECURITY 权限) + +```SQL +GRANT ROLE TO +eg: GRANT ROLE admin TO user1; +``` + +7. 移除用户角色 (需 SECURITY 权限) + +```SQL +REVOKE ROLE FROM +eg: REVOKE ROLE admin FROM user1; +``` + +8. 列出所有用户(需 SECURITY 权限) + +```SQL +LIST USER; +``` + +9. 列出所有的角色 (需 SECURITY 权限) + +```SQL +LIST ROLE; +``` + +10. 列出指定角色下所有用户(需 SECURITY 权限) + +```SQL +LIST USER OF ROLE +eg: LIST USER OF ROLE roleuser; +``` + +11. 列出指定用户下的所有角色 + +用户可以列出自己的角色,但列出其他用户的角色需要拥有 SECURITY 权限。 + +```SQL +LIST ROLE OF USER +eg: LIST ROLE OF USER tempuser; +``` + +12. 列出用户所有权限 + +用户可以列出自己的权限信息,但列出其他用户的权限需要拥有 SECURITY 权限。 + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser; +``` + +13. 列出角色所有权限 + +用户可以列出自己具有的角色的权限信息,列出其他角色的权限需要有 SECURITY 权限。 + +```SQL +LIST PRIVILEGES OF ROLE +eg: LIST PRIVILEGES OF ROLE actor; +``` + +### 2.2 权限管理 + +#### 2.2.1 授予权限 + +1. 给用户授予管理用户的权限 + +```SQL +GRANT SECURITY TO USER +eg: GRANT SECURITY TO USER TEST_USER; +``` + +2. 给用户授予创建数据库及在数据库范围内创建表的权限,且允许用户在该范围内管理权限 + +```SQL +GRANT CREATE ON DATABASE TO USER WITH GRANT OPTION +eg: GRANT CREATE ON DATABASE TESTDB TO USER TEST_USER WITH GRANT OPTION; +``` + +3. 给角色授予查询数据库的权限 + +```SQL +GRANT SELECT ON DATABASE TO ROLE +eg: GRANT SELECT ON DATABASE TESTDB TO ROLE TEST_ROLE; +``` + +4. 给用户授予查询表的权限 + +```SQL +GRANT SELECT ON . TO USER +eg: GRANT SELECT ON TESTDB.TESTTABLE TO USER TEST_USER; +``` + +5. 给角色授予查询所有数据库及表的权限 + +```SQL +GRANT SELECT ON ANY TO ROLE +eg: GRANT SELECT ON ANY TO ROLE TEST_ROLE; +``` + +6. 
ALL 语法糖:ALL 表示对象范围内所有权限,可以使用 ALL 字段灵活地授予权限。 + +```SQL +GRANT ALL TO USER TESTUSER; +-- 将用户可以获取的所有权限授予给用户,包括全局权限和 ANY 范围的所有数据权限 + +GRANT ALL ON ANY TO USER TESTUSER; +-- 将 ANY 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在所有数据库上的所有数据权限 + +GRANT ALL ON DATABASE TESTDB TO USER TESTUSER; +-- 将 DB 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在该数据库上的所有数据权限 + +GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER; +-- 将 TABLE 范围内可以获取的所有权限授予给用户,执行该语句后,用户将拥有在该表上的所有数据权限 +``` + +#### 2.2.2 撤销权限 + +1. 取消用户管理用户的权限 + +```SQL +REVOKE SECURITY FROM USER +eg: REVOKE SECURITY FROM USER TEST_USER; +``` + +2. 取消用户创建数据库及在数据库范围内创建表的权限 + +```SQL +REVOKE CREATE ON DATABASE FROM USER +eg: REVOKE CREATE ON DATABASE TEST_DB FROM USER TEST_USER; +``` + +3. 取消用户查询表的权限 + +```SQL +REVOKE SELECT ON . FROM USER +eg: REVOKE SELECT ON TESTDB.TESTTABLE FROM USER TEST_USER; +``` + +4. 取消用户查询所有数据库及表的权限 + +```SQL +REVOKE SELECT ON ANY FROM USER +eg: REVOKE SELECT ON ANY FROM USER TEST_USER; +``` + +5. ALL 语法糖:ALL 表示对象范围内所有权限,可以使用 ALL 字段灵活地撤销权限。 + +```SQL +REVOKE ALL FROM USER TESTUSER; +-- 取消用户所有的全局权限以及 ANY 范围的所有数据权限 + +REVOKE ALL ON ANY FROM USER TESTUSER; +-- 取消用户 ANY 范围的所有数据权限,不会影响 DB 范围和 TABLE 范围的权限 + +REVOKE ALL ON DATABASE TESTDB FROM USER TESTUSER; +-- 取消用户在 DB 上的所有数据权限,不会影响 TABLE 权限 + +REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER; +-- 取消用户在 TABLE 上的所有数据权限 +``` + +#### 2.2.3 查看用户权限 + +```SQL +LIST PRIVILEGES OF USER +eg: LIST PRIVILEGES OF USER tempuser +``` diff --git a/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_apache.md b/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_apache.md new file mode 100644 index 000000000..13d050c9b --- /dev/null +++ b/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_apache.md 
@@ -0,0 +1,239 @@ + +# 数据同步 + +本文档主要为数据同步功能的SQL语句,详细功能介绍及使用说明见 [数据同步](../User-Manual/Data-Sync_apache.md) + +## 1. 创建任务 + +**语法:** + +```SQL +CREATE PIPE [IF NOT EXISTS] -- PipeId 是能够唯一标定任务的名字 +-- 数据抽取插件,可选插件 +WITH SOURCE ( + [ = ,], +) +-- 数据处理插件,可选插件 +WITH PROCESSOR ( + [ = ,], +) +-- 数据连接插件,必填插件 +WITH SINK ( + [ = ,], +) +``` + +**示例一:全量数据同步** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**示例二:部分数据同步** + +```SQL +create pipe A2B +WITH SOURCE ( + 'source'= 'iotdb-source', + 'mode.streaming' = 'true' + 'database-name'='db_b.*', + 'start-time' = '2023.08.23T08:00:00+00:00', + 'end-time' = '2023.10.23T08:00:00+00:00' +) +with SINK ( + 'sink'='iotdb-thrift-async-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**示例三:边云数据传输** + +* 在 B IoTDB 上执行下列语句,将 B 中数据同步至 A + +```SQL +create pipe BA +with source ( + 'database-name'='db_b.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +* 在 C IoTDB 上执行下列语句,将 C 中数据同步至 A + +```SQL +create pipe CA +with source ( + 'database-name'='db_c.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* 在 D IoTDB 上执行下列语句,将 D 中数据同步至 A + +```SQL +create pipe DA +with source ( + 'database-name'='db_d.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**示例四:级联数据传输** + +* 在 A IoTDB 上执行下列语句,将 A 中数据同步至 B + +```SQL +create pipe AB +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* 在 B IoTDB 上执行下列语句,将 B 中数据同步至 C + +```SQL +create pipe BC +with source ( +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**示例五:压缩同步** + +```SQL +create pipe A2B +with sink ( + 'node-urls' = '127.0.0.1:6668', + 'compressor' = 'snappy,lz4', + 'rate-limit-bytes-per-second'='1048576' +) +``` + +**示例六:加密同步** + +```SQL +create pipe A2B +with 
sink ( + 'sink'='iotdb-thrift-ssl-sink', + 'node-urls'='127.0.0.1:6667', + 'ssl.trust-store-path'='pki/trusted', + 'ssl.trust-store-pwd'='root' +) +``` + +## 2. 开始任务 + +**语法:** + +```SQL +START PIPE +``` + +**示例:** + +```SQL +START PIPE A2B +``` + +## 3. 停止任务 + +**语法:** + +```SQL +STOP PIPE +``` + +**示例:** + +```SQL +STOP PIPE A2B +``` + +## 4. 删除任务 + +**语法:** + +```SQL +DROP PIPE [IF EXISTS] +``` + +**示例:** + +```SQL +DROP PIPE IF EXISTS A2B +``` + +## 5. 查看任务 + +**语法:** + +```SQL +-- 查看全部任务 +SHOW PIPES +-- 查看指定任务 +SHOW PIPE +``` + +**示例:** + +```SQL +SHOW PIPES + +SHOW PIPE A2B +``` + +## 6. 修改任务 + +**语法:** + +```SQL +ALTER PIPE [IF EXISTS] + MODIFY/REPLACE SOURCE(...) + MODIFY/REPLACE PROCESSOR(...) + MODIFY/REPLACE SINK(...) +``` + +**示例:** + +```SQL +ALTER PIPE A2B REPLACE SINK ('sink'='iotdb-thrift-sink', 'node-urls' = '127.0.0.1:6668'); +``` diff --git a/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_timecho.md b/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_timecho.md new file mode 100644 index 000000000..e272c9053 --- /dev/null +++ b/src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_timecho.md 
@@ -0,0 +1,320 @@ + +# 数据同步 + +本文档主要为数据同步功能的SQL语句,详细功能介绍及使用说明见 [数据同步](../User-Manual/Data-Sync_timecho.md) + +## 1. 创建任务 + +**语法:** + +```SQL +CREATE PIPE [IF NOT EXISTS] -- PipeId 是能够唯一标定任务的名字 +-- 数据抽取插件,可选插件 +WITH SOURCE ( + [ = ,], +) +-- 数据处理插件,可选插件 +WITH PROCESSOR ( + [ = ,], +) +-- 数据连接插件,必填插件 +WITH SINK ( + [ = ,], +) +``` + +**示例一:全量数据同步** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**示例二:部分数据同步** + +```SQL +create pipe A2B +WITH SOURCE ( + 'source'= 'iotdb-source', + 'mode.streaming' = 'true' + 'database-name'='db_b.*', + 'start-time' = '2023.08.23T08:00:00+00:00', + 'end-time' = '2023.10.23T08:00:00+00:00' +) +with SINK ( + 'sink'='iotdb-thrift-async-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +**示例三:双向数据传输** + +* 在 A IoTDB 上执行下列语句 + +```SQL +create pipe AB +with source ( + 'source.mode.double-living' ='true' +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* 在 B IoTDB 上执行下列语句 + +```SQL +create pipe BA +with source ( + 'source.mode.double-living' ='true' +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +**示例四:边云数据传输** + +* 在 B IoTDB 上执行下列语句,将 B 中数据同步至 A + +```SQL +create pipe BA +with source ( + 'database-name'='db_b.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6667', +) +``` + +* 在 C IoTDB 上执行下列语句,将 C 中数据同步至 A + +```SQL +create pipe CA +with source ( + 'database-name'='db_c.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6668', +) +``` + +* 在 D IoTDB 上执行下列语句,将 D 中数据同步至 A + +```SQL +create pipe DA +with source ( + 'database-name'='db_d.*', + 'table-name'='.*', +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**示例五:级联数据传输** + +* 在 A IoTDB 上执行下列语句,将 A 中数据同步至 B + +```SQL +create pipe AB +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = 
'127.0.0.1:6668', +) +``` + +* 在 B IoTDB 上执行下列语句,将 B 中数据同步至 C + +```SQL +create pipe BC +with source ( +) +with sink ( + 'sink'='iotdb-thrift-sink', + 'node-urls' = '127.0.0.1:6669', +) +``` + +**示例六:跨网闸数据传输** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-air-gap-sink', + 'node-urls' = '10.53.53.53:9780', +) +``` + +**示例七:压缩同步** + +```SQL +create pipe A2B +with sink ( + 'node-urls' = '127.0.0.1:6668', + 'compressor' = 'snappy,lz4', + 'rate-limit-bytes-per-second'='1048576' +) +``` + +**示例八:加密同步** + +```SQL +create pipe A2B +with sink ( + 'sink'='iotdb-thrift-ssl-sink', + 'node-urls'='127.0.0.1:6667', + 'ssl.trust-store-path'='pki/trusted', + 'ssl.trust-store-pwd'='root' +) +``` + +**示例九:本地导出 Object 类型数据** + +```SQL +CREATE PIPE tsfile_export_local +WITH SOURCE ( + 'source' = 'iotdb-source', + 'table-name' = 'test_table' +) +WITH PROCESSOR ( + 'processor' = 'do-nothing-processor' +) +WITH SINK ( + 'sink' = 'tsfile-local-sink', + 'sink.local.target-path' = '/data/backup/export_2024' + 'sink.rate-limit-bytes-per-second' = '10485760' +); +``` + +**示例十:远程传输 Object 类型数据** + +* 该方式需提前注册 `tsfile_remote_sink` 插件 + +```SQL +CREATE PIPE tsfile_export_scp +WITH SOURCE ( + 'source' = 'iotdb-source', + 'table-name' = 'test_table' +) +WITH PROCESSOR ( + 'processor' = 'do-nothing-processor' +) +WITH SINK ( + 'sink' = 'tsfile_remote_sink', + 'sink.file-mode' = 'scp', + 'sink.scp.host' = '192.168.1.100', + 'sink.scp.port' = '22', + 'sink.scp.user' = 'backup_user', + 'sink.scp.password' = 'ComplexPass123!', + 'sink.scp.remote-path' = '/remote/archive/', + 'sink.rate-limit-bytes-per-second' = '10485760' +); +``` + +## 2. 开始任务 + +**语法:** + +```SQL +START PIPE +``` + +**示例:** + +```SQL +START PIPE A2B +``` + +## 3. 停止任务 + +**语法:** + +```SQL +STOP PIPE +``` + +**示例:** + +```SQL +STOP PIPE A2B +``` + +## 4. 删除任务 + +**语法:** + +```SQL +DROP PIPE [IF EXISTS] +``` + +**示例:** + +```SQL +DROP PIPE IF EXISTS A2B +``` + +## 5. 
查看任务 + +**语法:** + +```SQL +-- 查看全部任务 +SHOW PIPES +-- 查看指定任务 +SHOW PIPE +``` + +**示例:** + +```SQL +SHOW PIPES + +SHOW PIPE A2B +``` + +## 6. 修改任务 + +**语法:** + +```SQL +ALTER PIPE [IF EXISTS] + MODIFY/REPLACE SOURCE(...) + MODIFY/REPLACE PROCESSOR(...) + MODIFY/REPLACE SINK(...) +``` + +**示例:** + +```SQL +ALTER PIPE A2B REPLACE SINK ('sink'='iotdb-thrift-sink', 'node-urls' = '127.0.0.1:6668'); +```
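Review bot: In section 2.2.2 item 5 of the authority-management file whose hunk closes just before the Master `SQL-Data-Sync_apache.md` header, `REVOKE ALL ON TABLE TESTDB FROM USER TESTUSER;` names a database after the `TABLE` keyword, while the matching grant in 2.2.1 is `GRANT ALL ON TABLE TESTTABLE TO USER TESTUSER;` and the comment underneath describes TABLE scope. This should read `TESTTABLE`, otherwise a reader following the grant/revoke pair leaves the table-level grant in place. The same line appears in both `latest-Table` authority files. Item 2 of 2.2.2 has a related mismatch: it revokes on `TEST_DB`, whereas the grant example in the `latest-Table` copies uses `TESTDB`.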
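Review bot: The section 2.1 examples in `latest-Table/SQL-Manual/SQL-Authority-Management_apache.md` use `'passwd'` and `'newpwd'` as passwords, while the timecho variant added in this same patch uses `'Passwd@202604'` and `'Newpwd@202604'`. If the Apache build enforces no complexity rule, say so next to item 1; otherwise align the examples so that readers do not copy a password that is rejected or, worse, accepted. Separately, every `eg:` line sits inside a fenced SQL block, so the blocks are not valid SQL when pasted; turning the prefix into a `--` comment line above the statement would keep the blocks runnable.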
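Review bot: Section 2.2.1 item 2 of `latest-Table/SQL-Manual/SQL-Authority-Management_timecho.md` introduces `WITH GRANT OPTION`, but 2.2.2 item 2 only shows `REVOKE CREATE ON DATABASE ... FROM USER` and never says whether that also removes the grant option or what happens to privileges the user has already delegated. Please add a sentence covering this, since it decides whether a revoke actually closes the delegation path. Two smaller points in the same file: the AUDIT row of the privilege table runs two sentences together with only a space (`允许用户维护审计日志的规则 允许用户查看审计日志。`) and needs a `。` between them, and the 2.2.3 example `LIST PRIVILEGES OF USER tempuser` lacks the trailing semicolon that the identical example in 2.1 item 12 has.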
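Review bot: Example 2 (示例二) of `src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_apache.md` is missing the comma after `'mode.streaming' = 'true'`, so the next pair `'database-name'='db_b.*'` runs into it and the statement will not parse as written. Most examples also end the parameter list with a trailing comma directly before `)`, for instance `'node-urls' = '127.0.0.1:6668',` in Example 1; if the parser tolerates that, keep it consistent, otherwise drop it everywhere. Example 5 (压缩同步) is the only sink block without a `'sink'` key, so state which sink is assumed by default. The `latest-Table` copy has the same blob id (13d050c9b) and needs the same fixes.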
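Review bot: Example 6 (加密同步) of `src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_apache.md` sets `'ssl.trust-store-pwd'='root'`, which reads like a default credential that readers will copy verbatim. Use an obvious placeholder value instead, and say what the relative path in `'ssl.trust-store-path'='pki/trusted'` is resolved against. In Example 4 (级联数据传输) the pipe `BC` has an empty `with source ( )` block; either remove the clause, since the syntax section marks the source plugin as optional, or add the parameter that was presumably intended.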
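Review bot: Example 9 (本地导出 Object 类型数据) of `src/zh/UserGuide/Master/Table/SQL-Manual/SQL-Data-Sync_timecho.md` is missing the comma after `'sink.local.target-path' = '/data/backup/export_2024'`, so `'sink.rate-limit-bytes-per-second'` is not parsed as a separate parameter. Example 2 has the same defect after `'mode.streaming' = 'true'`. Parameter naming is also inconsistent between examples: Example 3 uses the prefixed key `'source.mode.double-living'`, while Example 2 uses the unprefixed `'mode.streaming'`, and Examples 9 and 10 use `'sink.rate-limit-bytes-per-second'`, while Example 7 uses `'rate-limit-bytes-per-second'`. Pick one form, or state that both are accepted.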
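Review bot: Example 10 (远程传输 Object 类型数据) of `src/zh/UserGuide/latest-Table/SQL-Manual/SQL-Data-Sync_timecho.md` puts the SCP credential inline as `'sink.scp.password' = 'ComplexPass123!'` without saying how the value is stored or displayed afterwards. The privilege table added in this patch lets any SYSTEM holder view PIPEs, so the manual should state whether `SHOW PIPE` masks this attribute, and mention key-based authentication if the plugin supports it. Also replace the realistic-looking password with an obvious placeholder. The plugin name `tsfile_remote_sink` uses underscores while `tsfile-local-sink` in Example 9 uses hyphens; confirm that this is the registered name and not a typo. The Master copy has the same blob id (e272c9053).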