You can revoke permissions that are no longer required from a Resource Access Management (RAM) user group. This topic describes how to revoke permissions from a RAM user group. You can use one of the following methods to revoke permissions from a RAM user group:
After you revoke permissions from a RAM user group, the RAM users in the RAM user group no longer have the permissions to access specific resources. Before you revoke permissions from a RAM user group, make sure that the operation meets your business requirements.
Method 1: Revoke permissions from a RAM user group on the Groups page
Log on to the RAM console as a RAM administrator.
In the left-side navigation pane, choose .
On the Group page, click the name of a group.
On the page that appears, click the Permissions tab, find the policy that you want to manage, and then click Revoke Permission in the Actions column.
In the Revoke Permission message, click Revoke Permission.
Method 2: Revoke permissions from a RAM user group on the Grants page
Log on to the RAM console as a RAM administrator.
In the left-side navigation pane, choose .
On the Permission page, find the authorization record that you want to manage and click Revoke Permission in the Actions column.
You can also select multiple authorization records and click Revoke Permission below the authorization record list to revoke multiple authorization records from multiple RAM user groups at a time.
In the Revoke Permission message, click Revoke Permission.