This topic describes how to revoke permissions from an IAM user when the IAM user does not require specific permissions or leaves the enterprise.
Method 1: Revoke permissions from an IAM user on the Subusers page
- Log in to the IAM console.
- In the left navigation pane, choose Identities > Subusers. The Subusers page appears.
- Click the username of the target IAM user, or click Details in the Actions column. The User details page appears.
- Click the Permissions tab.
- On the Personal authority tab, find the target policy and click Revoke in the Actions column.
- In the message that appears, click Confirm.
Method 2: Revoke permissions from an IAM user on the Grants page
- Log in to the IAM console.
- In the left navigation pane, choose Permissions > Grants. The Grants page appears.
- Find the target policy and click Revoke in the Actions column.
- In the message that appears, click OK.
Method 3: Revoke permissions from an IAM user on the Policies page
- Log in to the IAM console.
- In the left navigation pane, choose Permissions > Policies. The Policies page appears.
- Click the name of the target policy. The Policy details page appears.
- Click the Associated object tab.
- Find the target IAM user and click Remove in the Actions column.
- In the message that appears, click Confirm.