RevokeUserPermission - Data Management - Alibaba Cloud Documentation Center

Revokes the permissions on instances, databases, and tables from a user.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
dms:RevokeUserPermission	delete	All Resources ``	none	none

Request parameters

Parameter	Type	Required	Description	Example
Tid	long	No	The tenant ID. You can call the GetUserActiveTenant operation to query the tenant ID.	3***
UserId	string	Yes	The user ID. You can call the ListUsers or GetUser operation to query the ID of the user.	51****
DsType	string	Yes	The type of the object on which you want to revoke permissions from a user. Valid values: INSTANCE: instances. DATABASE: physical databases. LOGIC_DATABASE: logical databases. TABLE: physical tables. LOGIC_TABLE: logical tables.	DATABASE
InstanceId	long	No	The database instance ID. You must specify this parameter if you revoke a permission from the database instance. You can call the ListInstances or GetInstance operation to query the ID of the database instance.	174****
DbId	string	No	The database ID. The database can be a physical database or a logical database. To query the ID of a physical database, call the ListDatabases or SearchDatabase operation. To query the ID of a logical database, call the ListLogicDatabases or SearchDatabase operation.	1860****
Logic	boolean	No	Specifies whether the database is a logical database. Valid values: true: The database is a logical database. false: The database is a physical database. Note If the database is a logical database, set this parameter to true. If the database is a physical database, set this parameter to false.	false
TableId	string	No	The table ID. You must specify this parameter if you revoke a permission from the table. You can call the ListTables operation to query the table ID.	13****
TableName	string	No	The name of the table. You can call the ListTables operation to query the table name.	table_name
PermTypes	string	Yes	The type of the permissions. Valid values: QUERY: query permissions. EXPORT: export permissions. CORRECT: change permissions. LOGIN: logon permissions. PERF: query permissions on the performance details of an instance.	CORRECT
UserAccessId	string	Yes	The permission ID. You can call the ListUserPermission operation to query the permission ID.	774****

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The request ID.	A99CD576-1E18-4E86-931E-C3CCE56D****
ErrorCode	string	The error code that is returned.	MissingUserId
ErrorMessage	string	The error message that is returned.	UserId is mandatory for this action.
Success	boolean	Indicates whether the request was successful. Valid values: true false	true

Examples

Sample success responses

JSONformat

{
  "RequestId": "A99CD576-1E18-4E86-931E-C3CCE56D****",
  "ErrorCode": "MissingUserId",
  "ErrorMessage": "UserId is mandatory for this action.",
  "Success": true
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation

No change history