Removing Account Assignments
Function
This API is used to remove a principal's access from a specified account using a specified permission set. The principal can be either a user or a group in IAM Identity Center.
URI
POST /v1/instances/{instance_id}/account-assignments/delete
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
instance_id |
Yes |
String |
Globally unique ID of an IAM Identity Center instance |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Security-Token |
No |
String |
Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required. Maximum length: 2048 |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
permission_set_id |
Yes |
String |
Unique ID of a permission set |
|
principal_id |
Yes |
String |
Unique ID of a principal (for example, a user or group) in IAM Identity Center |
|
principal_type |
Yes |
String |
Principal type Enumerated value:
|
|
target_id |
Yes |
String |
ID of the target account |
|
target_type |
Yes |
String |
Target type Enumerated value:
|
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
Object |
Status object for the account assignment deletion operation |
|
Parameter |
Type |
Description |
|---|---|---|
|
created_date |
Long |
Creation date |
|
failure_reason |
String |
Failure cause |
|
permission_set_id |
String |
Unique ID of a permission set |
|
principal_id |
String |
Unique ID of a principal (for example, a user or group) in IAM Identity Center |
|
principal_type |
String |
Principal type of an operation Enumerated value:
|
|
request_id |
String |
Unique ID of a request |
|
status |
String |
Authorization status of a permission set Enumerated value:
|
|
target_id |
String |
Unique ID of a target principal |
|
target_type |
String |
Principal type Enumerated value:
|
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code |
|
error_msg |
String |
Error message |
|
request_id |
String |
Unique ID of a request |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code |
|
error_msg |
String |
Error message |
|
request_id |
String |
Unique ID of a request |
Status code: 404
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code |
|
error_msg |
String |
Error message |
|
request_id |
String |
Unique ID of a request |
Status code: 409
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code |
|
error_msg |
String |
Error message |
|
request_id |
String |
Unique ID of a request |
Example Request
Removing an IAM Identity Center user access from a specified account using a specified permission set
POST https://{hostname}/v1/instances/{instance_id}/account-assignments/delete
{
"permission_set_id" : "848805579************03de60620a5",
"principal_id" : "ac6aa714-daa7-1aaa-aaa2-6715aaaa4dd9",
"principal_type" : "USER",
"target_id" : "5146d03d8aaaaaaaaaaaabbae60620a5",
"target_type" : "ACCOUNT"
}
Example Response
Status code: 200
Successful
{
"account_assignment_deletion_status" : {
"created_date" : 0,
"failure_reason" : "string",
"permission_set_id" : "string",
"principal_id" : "string",
"principal_type" : "USER",
"request_id" : "string",
"status" : "IN_PROGRESS",
"target_id" : "string",
"target_type" : "ACCOUNT"
}
}
Status Codes
For details, see Status Codes.
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
