Detach an IAM policy from a user on Vultr. Remove the permissions defined in the policy document from the user through the Vultr API or Console interface.
Detaching a policy from a user revokes the permissions granted through that policy. The user retains any permissions assigned through other policies, roles, or groups.
This guide explains how to detach a policy from a user using the Vultr API.
Send a GET request to the List Policies endpoint to retrieve all policies in your organization.
$ curl "https://api.vultr.com/v2/policies" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Note the id of the policy you want to detach.
Send a GET request to the List Users with Policy endpoint to retrieve all users assigned to the policy. Replace {policy-id} with the id of the policy. Note the id of the user you want to detach.
$ curl "https://api.vultr.com/v2/policies/{policy-id}/users" \
-X GET \
-H "Authorization: Bearer ${VULTR_API_KEY}"
Send a DELETE request to the Detach Policy from User endpoint to detach the policy. Replace {policy-id} with the policy id and {user-id} with the user id.
$ curl "https://api.vultr.com/v2/policies/{policy-id}/users/{user-id}" \
-X DELETE \
-H "Authorization: Bearer ${VULTR_API_KEY}"
A successful detachment returns an HTTP 204 No Content response with no response body.