Contact UsGet started
© 2024 Iron Hive LLC Belgrade

Revoking subject's access

Written by
Updated at November 20, 2024

Note

This feature is in the Preview stage. To get access, contact tech support or your account manager.

Cloud Infrastructure Entitlement Management provides a centralized view of the list of accesses to the organization's resources available to the subjects and groups and revoke them as needed.

Accesses can be revoked by a user with the admin, resource-manager.admin, organization-manager.admin, resource-manager.clouds.owner, or organization-manager.organizations.owner role, or with the admin role for the service to whose resource the subject’s access is being revoked.

To revoke a subject's access (role) for a resource:

  1. Open the list of the subject's accesses and select the one you want to revoke.

    Use filtering by resource ID, role ID, or access assignment method (Directly appointed or Assigned via group), if required.

  2. Revoke access based on the assignment method used:

    If access is assigned to the subject directly (the Group field is left blank):

    1. In the row with the access you need, click and select Revoke access.
    2. In the window that opens, verify info on the resource you are revoking access to and select the roles to revoke.
    3. Click Revoke all (or Revoke selected if you left some roles unselected).

    If access is assigned to the subject through a group (the Group field contains the group name and ID), such access cannot be revoked from the subject. Instead, you can either remove the subject from this user group or revoke the access from the whole group.

    • To remove a subject from a user group:

      1. In the row with the access, click and select Remove from group.
      2. In the window that opens, review the list of accesses the subject will lose when removed from the group, and click Remove.

      You cannot remove a subject from a system group or public group. To revoke access granted through one of these groups, you have to revoke that access from the whole group.

    • To revoke access from the whole group, open the list of accesses for that group and follow the guide on how to revoke directly assigned access.

    See also

Previous
Viewing a list of access permissions
Next
Overview