revoke_role_from_object_by_Name

Removes a role from the specified object.

Guardium automatically handles dependencies. For example, if you remove role accessmgr from a specific query, role accessmgr is also removed from any report based on that query.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the DELETE method. Call this API as follows:
DELETE https://[Guardium hostname or IP address]:8443/restAPI/revoke_role_from_object_by_Name

GuardAPI syntax

revoke_role_from_object_by_Name parameter=value

Parameters

Parameter Value type Description
objectName String Required. The name of the object from which to revoke the role.
objectType String Required. The name of the object type. For valid values, call revoke_role_from_object_by_Name from the command line with --help=true.
role String Required. The name of the role to revoke. Specify any existing role. Specify all_roles to remove access to all roles.
api_target_host String

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit.  For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.

GuardAPI example

grdapi revoke_role_from_object_by_Name objectType=Datasource objectName="swanSybase" role=admin