Revoking a Grant
You can revoke a grant on the KMS console in either of the following scenarios:
- A grantee does not need the custom key grant. (The grantee can either tell the user who has created the grant to revoke the grant or call the necessary API to revoke the grant directly.)
- You do not want the grantee to have the grant.
When a grant is revoked, the grantee does not have the corresponding permission anymore. However, if the grantee has created the same grant to another user, permission of that user will not be affected.
This section describes how to revoke a grant on the KMS console.
Prerequisites
You have created a grant.
Procedure
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project. - Click
on the left. Choose . - Click the alias of the target custom key to view its details.
- In the row of a grantee, click Revoke Grant.
- If verification is not enabled, enter DELETE in the confirmation dialog box, and click OK.
If you have enabled deletion verification, select a verification mode, click Get Code, enter the code, and click OK.
To disable operation protection, go to the Security Settings page, click Disable next to Operation Protection in the Critical Operations tab, or click Disable Operation Protection on the deletion page.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
