When a Resource Access Management (RAM) user's job responsibilities change or they leave your organization, you may need to detach policies to remove their permissions. This topic describes how to detach a policy from a RAM user.
After you detach a policy, the RAM user immediately loses the permissions defined in that policy. Before you proceed, confirm that the user no longer requires access to the resources governed by the policy.
Method 1: Detach a policy from the user details page
Log on to the RAM console as a RAM administrator.
In the left-side navigation pane, choose .
On the Users page, click the username of the target RAM user.
On the page that appears, click the Permissions tab.In the policy list, find the policy that you want to detach, and click Revoke Permission in the Actions column.
In the Revoke Permission message, click Revoke Permission.
Method 2: Detach a policy from the Authorization page
Log on to the RAM console as a RAM administrator.
In the left-side navigation pane, choose .
On the Permission page, find the policy grant that you want to detach and click Revoke Permission in the Actions column.
Alternatively, to remove multiple policy grants in bulk, select the checkboxes for the desired grants and click Revoke Permission at the bottom of the list.
In the Revoke Permission message, click Revoke Permission.