Use DetachUserPolicy
with an Amazon SDK or CLI
The following code examples show how to use DetachUserPolicy
.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
- CLI
-
- Amazon CLI
-
To detach a policy from a user
This example removes the managed policy with the ARN
arn:aws:iam::123456789012:policy/TesterPolicy
from the userBob
.aws iam detach-user-policy \ --user-name Bob \ --policy-arn arn:aws:iam::123456789012:policy/TesterPolicy
This command produces no output.
For more information, see Changing permissions for an IAM user
in the Amazon IAM User Guide. -
For API details, see DetachUserPolicy
in Amazon CLI Command Reference.
-
- PowerShell
-
- Tools for PowerShell
-
Example 1: This example detaches the managed policy whose ARN is
arn:aws:iam::123456789012:policy/TesterPolicy
from the IAM user namedBob
.Unregister-IAMUserPolicy -UserName Bob -PolicyArn arn:aws:iam::123456789012:policy/TesterPolicy
Example 2: This example finds all the managed policies that are attached to the IAM user named
Theresa
and detaches those policies from the user.Get-IAMAttachedUserPolicyList -UserName Theresa | Unregister-IAMUserPolicy -Username Theresa
-
For API details, see DetachUserPolicy
in Amazon Tools for PowerShell Cmdlet Reference.
-
- Python
-
- SDK for Python (Boto3)
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository
. def detach_policy(user_name, policy_arn): """ Detaches a policy from a user. :param user_name: The name of the user. :param policy_arn: The Amazon Resource Name (ARN) of the policy. """ try: iam.User(user_name).detach_policy(PolicyArn=policy_arn) logger.info("Detached policy %s from user %s.", policy_arn, user_name) except ClientError: logger.exception( "Couldn't detach policy %s from user %s.", policy_arn, user_name ) raise
-
For API details, see DetachUserPolicy in Amazon SDK for Python (Boto3) API Reference.
-
- Ruby
-
- SDK for Ruby
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository
. # Detaches a policy from a user # # @param user_name [String] The name of the user # @param policy_arn [String] The ARN of the policy to detach # @return [Boolean] true if the policy was successfully detached, false otherwise def detach_user_policy(user_name, policy_arn) @iam_client.detach_user_policy( user_name: user_name, policy_arn: policy_arn ) @logger.info("Policy '#{policy_arn}' detached from user '#{user_name}' successfully.") true rescue Aws::IAM::Errors::NoSuchEntity @logger.error("Error detaching policy: Policy or user does not exist.") false rescue Aws::IAM::Errors::ServiceError => e @logger.error("Error detaching policy from user '#{user_name}': #{e.message}") false end
-
For API details, see DetachUserPolicy in Amazon SDK for Ruby API Reference.
-
- Rust
-
- SDK for Rust
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the Amazon Code Examples Repository
. pub async fn detach_user_policy( client: &iamClient, user_name: &str, policy_arn: &str, ) -> Result<(), iamError> { client .detach_user_policy() .user_name(user_name) .policy_arn(policy_arn) .send() .await?; Ok(()) }
-
For API details, see DetachUserPolicy
in Amazon SDK for Rust API reference.
-
For a complete list of Amazon SDK developer guides and code examples, see Using IAM with an Amazon SDK. This topic also includes information about getting started and details about previous SDK versions.