Understand the access impact when a user is removed from a Vultr IAM group. The user loses inherited permissions but retains any directly assigned access.
When a user is removed from a group, they immediately lose all permissions they inherited through that group, including any roles and permission policies attached to the group. There is no delay and no additional action required.
However, only the access inherited through that specific group is revoked. The user retains:
For example, if a user belongs to both a DevOps group and a Billing group, removing them from the DevOps group revokes only the permissions granted by that group. Their access through the Billing group and any direct assignments remains unaffected.