remove_permission

remove_permission(**kwargs)

Revokes function-use permission from an Amazon Web Service or another Amazon Web Services account. You can get the ID of the statement from the output of GetPolicy.

See also: AWS API Documentation

Request Syntax

response = client.remove_permission(
    FunctionName='string',
    StatementId='string',
    Qualifier='string',
    RevisionId='string'
)

Parameters

• FunctionName (string) --

  [REQUIRED]

  The name of the Lambda function, version, or alias.

  Name formats

  • Function name – my-function (name-only), my-function:v1 (with alias).
  • Function ARN – arn:aws:lambda:us-west-2:123456789012:function:my-function .
  • Partial ARN – 123456789012:function:my-function .

  You can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.

• StatementId (string) --

  [REQUIRED]

  Statement ID of the permission to remove.

• Qualifier (string) -- Specify a version or alias to remove permissions from a published version of the function.
• RevisionId (string) -- Update the policy only if the revision ID matches the ID that's specified. Use this option to avoid modifying a policy that has changed since you last read it.

Returns

None

Exceptions

• Lambda.Client.exceptions.ServiceException
• Lambda.Client.exceptions.ResourceNotFoundException
• Lambda.Client.exceptions.InvalidParameterValueException
• Lambda.Client.exceptions.TooManyRequestsException
• Lambda.Client.exceptions.PreconditionFailedException

Examples

The following example removes a permissions statement named xaccount from the PROD alias of a function named my-function.

response = client.remove_permission(
    FunctionName='my-function',
    Qualifier='PROD',
    StatementId='xaccount',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}