revoke_role_from_object_by_id
Removes a role from the specified object.
Guardium automatically handles dependencies. For example, if you remove role 7 from a specific query, role 7 is also removed from any report based on that query.
This API is available in Guardium V9.5 and later.
REST API syntax
This API is available as a REST service with the
DELETE
method. Call this API as follows:
DELETE https://[Guardium hostname or IP address]:8443/restAPI/revoke_role_from_object_by_id
GuardAPI syntax
revoke_role_from_object_by_id parameter=value
Parameters
Parameter | Value type | Description |
---|---|---|
objectId | Integer | Required. The ID of the object from which to revoke the role. |
objectTypeId | Integer | Required. The ID of the object type. For valid values, call revoke_role_from_object_by_id from the command line with --help=true .
|
roleId | Integer | Required. The ID of the role to revoke from the object. Specify any existing role ID or specify -1 to revoke access to all roles. |
api_target_host | String |
Specifies the target hosts where the API executes. Valid values:
IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode. |
GuardAPI example
grdapi revoke_role_from_object_by_id objectTypeId=13 objectId=5 role=-1