Documentation
Identity and Access Management
Role Management
Authorization management
Revoke permissions from an IAM role
Identity and Access Management
Role Management
Authorization management
Revoke permissions from an IAM role
Revoke permissions from an IAM role
Last updated:2021-10-29 17:57:30
This topic describes how to revoke permissions from an IAM role when the IAM role does not require specific permissions or leaves the enterprise.
Limits
The policy of a service-linked role is defined by the service. You cannot revoke permissions from the role.
Method 1: Revoke permissions from a role on the Roles page
- Log in to the IAM console.
- In the left navigation pane, click Roles.
- On the Roles page, click the name of the target role. The Role details page appears.
- Click the Permissions tab. In the policy list, find the target policy and click Revoke in the Actions column.
- In the message that appears, click OK.
Method 2: Revoke permissions from a role on the Grants page
- Log in to the IAM console.
- In the left navigation pane, choose Permissions > Grants. The Grants page appears.
- Find the target policy and click Revoke in the Actions column.
- In the message that appears, click OK.
Method 3: Revoke permissions from a role on the Policies page
- Log in to the IAM console.
- In the left navigation pane, choose Permissions > Policies. The Policies page appears.
- Click the name of the target policy. The Policy details page appears.
- Click the Associated object tab.
- Find the target object and click Remove in the Actions column.
- In the message that appears, click Confirm.
Did you find the above information helpful?
Unhelpful
Mostly Unhelpful
A little helpful
Helpful
Very helpful
What might be the problems?
Insufficient
Outdated
Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality
More suggestions
0/200
Please give us your feedback.
Submitted
Thank you for your feedback.