# RevokePermissions
<a name="API_RevokePermissions"></a>

Revokes permissions to the principal to access metadata in the Data Catalog and data organized in underlying data storage such as Amazon S3.

## Request Syntax
<a name="API_RevokePermissions_RequestSyntax"></a>

```
POST /RevokePermissions HTTP/1.1
Content-type: application/json

{
   "CatalogId": "string",
   "Condition": { 
      "Expression": "string"
   },
   "Permissions": [ "string" ],
   "PermissionsWithGrantOption": [ "string" ],
   "Principal": { 
      "DataLakePrincipalIdentifier": "string"
   },
   "Resource": { 
      "Catalog": { 
         "Id": "string"
      },
      "Database": { 
         "CatalogId": "string",
         "Name": "string"
      },
      "DataCellsFilter": { 
         "DatabaseName": "string",
         "Name": "string",
         "TableCatalogId": "string",
         "TableName": "string"
      },
      "DataLocation": { 
         "CatalogId": "string",
         "ResourceArn": "string"
      },
      "LFTag": { 
         "CatalogId": "string",
         "TagKey": "string",
         "TagValues": [ "string" ]
      },
      "LFTagExpression": { 
         "CatalogId": "string",
         "Name": "string"
      },
      "LFTagPolicy": { 
         "CatalogId": "string",
         "Expression": [ 
            { 
               "TagKey": "string",
               "TagValues": [ "string" ]
            }
         ],
         "ExpressionName": "string",
         "ResourceType": "string"
      },
      "Table": { 
         "CatalogId": "string",
         "DatabaseName": "string",
         "Name": "string",
         "TableWildcard": { 
         }
      },
      "TableWithColumns": { 
         "CatalogId": "string",
         "ColumnNames": [ "string" ],
         "ColumnWildcard": { 
            "ExcludedColumnNames": [ "string" ]
         },
         "DatabaseName": "string",
         "Name": "string"
      }
   }
}
```

## URI Request Parameters
<a name="API_RevokePermissions_RequestParameters"></a>

The request does not use any URI parameters.

## Request Body
<a name="API_RevokePermissions_RequestBody"></a>

The request accepts the following data in JSON format.

 ** [CatalogId](#API_RevokePermissions_RequestSyntax) **   <a name="lakeformation-RevokePermissions-request-CatalogId"></a>
The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Amazon Lake Formation environment.   
Type: String  
Length Constraints: Minimum length of 1. Maximum length of 255.  
Pattern: `[\u0020-\uD7FF\uE000-\uFFFD\uD800\uDC00-\uDBFF\uDFFF\t]*`   
Required: No

 ** [Condition](#API_RevokePermissions_RequestSyntax) **   <a name="lakeformation-RevokePermissions-request-Condition"></a>
A Lake Formation condition, which applies to permissions and opt-ins that contain an expression.  
Type: [Condition](API_Condition.md) object  
Required: No

 ** [Permissions](#API_RevokePermissions_RequestSyntax) **   <a name="lakeformation-RevokePermissions-request-Permissions"></a>
The permissions revoked to the principal on the resource. For information about permissions, see [Security and Access Control to Metadata and Data](https://docs.aws.amazon.com/lake-formation/latest/dg/security-data-access.html).  
Type: Array of strings  
Valid Values: `ALL | SELECT | ALTER | DROP | DELETE | INSERT | DESCRIBE | CREATE_DATABASE | CREATE_TABLE | DATA_LOCATION_ACCESS | CREATE_LF_TAG | ASSOCIATE | GRANT_WITH_LF_TAG_EXPRESSION | CREATE_LF_TAG_EXPRESSION | CREATE_CATALOG | SUPER_USER`   
Required: Yes

 ** [PermissionsWithGrantOption](#API_RevokePermissions_RequestSyntax) **   <a name="lakeformation-RevokePermissions-request-PermissionsWithGrantOption"></a>
Indicates a list of permissions for which to revoke the grant option allowing the principal to pass permissions to other principals.  
Type: Array of strings  
Valid Values: `ALL | SELECT | ALTER | DROP | DELETE | INSERT | DESCRIBE | CREATE_DATABASE | CREATE_TABLE | DATA_LOCATION_ACCESS | CREATE_LF_TAG | ASSOCIATE | GRANT_WITH_LF_TAG_EXPRESSION | CREATE_LF_TAG_EXPRESSION | CREATE_CATALOG | SUPER_USER`   
Required: No

 ** [Principal](#API_RevokePermissions_RequestSyntax) **   <a name="lakeformation-RevokePermissions-request-Principal"></a>
The principal to be revoked permissions on the resource.  
Type: [DataLakePrincipal](API_DataLakePrincipal.md) object  
Required: Yes

 ** [Resource](#API_RevokePermissions_RequestSyntax) **   <a name="lakeformation-RevokePermissions-request-Resource"></a>
The resource to which permissions are to be revoked.  
Type: [Resource](API_Resource.md) object  
Required: Yes

## Response Syntax
<a name="API_RevokePermissions_ResponseSyntax"></a>

```
HTTP/1.1 200
```

## Response Elements
<a name="API_RevokePermissions_ResponseElements"></a>

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

## Errors
<a name="API_RevokePermissions_Errors"></a>

For information about the errors that are common to all actions, see [Common Error Types](CommonErrors.md).

 ** ConcurrentModificationException **   
Two processes are trying to modify a resource simultaneously.    
 ** Message **   
A message describing the problem.
HTTP Status Code: 400

 ** EntityNotFoundException **   
A specified entity does not exist.    
 ** Message **   
A message describing the problem.
HTTP Status Code: 400

 ** InvalidInputException **   
The input provided was not valid.    
 ** Message **   
A message describing the problem.
HTTP Status Code: 400

## See Also
<a name="API_RevokePermissions_SeeAlso"></a>

For more information about using this API in one of the language-specific Amazon SDKs, see the following:
+  [Amazon Command Line Interface V2](https://docs.amazonaws.cn/goto/cli2/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for .NET V4](https://docs.amazonaws.cn/goto/DotNetSDKV4/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for C\$1\$1](https://docs.amazonaws.cn/goto/SdkForCpp/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for Go v2](https://docs.amazonaws.cn/goto/SdkForGoV2/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for Java V2](https://docs.amazonaws.cn/goto/SdkForJavaV2/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for JavaScript V3](https://docs.amazonaws.cn/goto/SdkForJavaScriptV3/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for Kotlin](https://docs.amazonaws.cn/goto/SdkForKotlin/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for PHP V3](https://docs.amazonaws.cn/goto/SdkForPHPV3/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for Python](https://docs.amazonaws.cn/goto/boto3/lakeformation-2017-03-31/RevokePermissions) 
+  [Amazon SDK for Ruby V3](https://docs.amazonaws.cn/goto/SdkForRubyV3/lakeformation-2017-03-31/RevokePermissions)