Managing Permissions of a User Group

You can modify or delete permissions of a user group on its details page.

You can view or modify user group permissions on the Permissions page of the IAM console.

Modifying the permissions of a user group affects the permissions of all users in the user group.
Permissions of the default user group admin cannot be modified.

Click a user group (for example, the developer group) to go to the details page, and view the group permissions on the Permissions tab.
Click Delete in the row that contains the role or policy you want to delete.
Figure 1 Deleting an assigned permission
Click OK.
On the Permissions tab, click Authorize.
Figure 2 Assigning permissions to a user group
Select desired permissions and a scope, and click OK.
Go back to the Permissions tab to view the modified group permissions.
Figure 3 Permissions assigned

To revoke a policy or role attached to a user group, do the following:

Log in to the IAM console. In the navigation pane, choose User Groups.
Click the name of the user group to go to the group details page.

Figure 4 Clicking a user group name
On the Permissions tab, click Delete in the row that contains the role or policy you want to delete.

Figure 5 Revoking permissions
In the displayed dialog box, click OK.

To revoke multiple policies or roles attached to a user group, do as follows:

Log in to the IAM console. In the navigation pane, choose User Groups.
Click the name of the user group to go to the group details page.

Figure 6 Viewing a user group
On the Permissions page, select the roles or policies you want to delete and click Delete above the list.

Figure 7 Batch deleting permissions
In the displayed dialog box, click OK.