Detach an IAM policy from a group on Vultr. Revoke the permissions defined in the policy from all group members through the Vultr API or Console interface.
Detaching a policy from a group revokes the permissions granted through that policy for all group members. Members retain any permissions assigned through other policies, roles, or other groups.
This guide explains how to detach a policy from a group using the Vultr API.
Send a GET request to the List Policies endpoint to retrieve all policies in your organization.
$ curl "https://api.vultr.com/v2/policies" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Note the id of the policy you want to detach.
Send a GET request to the List Groups with Policy endpoint to retrieve all groups assigned to the policy. Replace {policy-id} with the id of the policy. Note the id of the group you want to detach.
$ curl "https://api.vultr.com/v2/policies/{policy-id}/groups" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Send a DELETE request to the Detach Policy from Group endpoint to detach the policy. Replace {policy-id} with the policy id and {group-id} with the group id.
$ curl "https://api.vultr.com/v2/policies/{policy-id}/groups/{group-id}" \
-X DELETE \
-H "Authorization: Bearer ${VULTR_API_KEY}"
A successful detachment returns an HTTP 204 No Content response with no response body.