All Products
Search

This Product

    Resource Management:DetachPolicy

    Document Center

    Resource Management:DetachPolicy

    Last Updated:Dec 15, 2025

    Detaches a permission policy from an object. After you detach a policy from an object, the object does not have the operation permissions on the current resource group or the resources within the current account.

    Debugging

    You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

    Authorization information

    There is currently no authorization information disclosed in the API.

    Request parameters

    ParameterTypeRequiredDescriptionExample
    ResourceGroupIdstringYes

    The ID of the resource group or the ID of the Alibaba Cloud account to which the resource group belongs.

    This parameter specifies the resource group or Alibaba Cloud account for which you want to revoke permissions.

    		rg-9gLOoK****
    PolicyTypestringYes

    The type of the permission policy. Valid values:

    • Custom
    • System
    		Custom
    PolicyNamestringYes

    The name of the permission policy.

    The name must be 1 to 128 characters in length and can contain letters, digits, and hyphen (-).

    		OSS-Administrator
    PrincipalTypestringYes

    The type of the object to which you want to attach the permission policy. Valid values:

    • IMSUser: RAM user
    • IMSGroup: RAM user group
    • ServiceRole: RAM role
    		IMSUser
    PrincipalNamestringYes

    The name of the object to which you want to attach the permission policy.

    		alice@demo.onaliyun.com

    Response parameters

    ParameterTypeDescriptionExample
    object
    RequestIdstring

    The request ID.

    		697852FB-50D7-44D9-9774-530C31EAC572

    Examples

    Sample success responses

    JSONformat

    {
  "RequestId": "697852FB-50D7-44D9-9774-530C31EAC572"
}

    Error codes

    HTTP status codeError codeError messageDescription
    400InvalidParameter.PolicyTypeThe specified policy type is invalid.The specified policy type is invalid.
    404EntityNotExist.PolicyThe policy does not exist.The policy does not exist.
    404EntityNotExists.ResourceGroupThe specified resource group does not exist. You must first create a resource group.The specified resource group does not exist. You must first create a resource group.
    409Invalid.ResourceGroup.StatusYou cannot perform an operation on a resource group that is being created or deleted.You cannot perform an operation on a resource group that is being created or deleted.

    For a list of error codes, visit the Service error codes.

    Change history

    Change timeSummary of changesOperation
    No change history