Removing access to a file share from other accounts
When you no longer want to allow another account or service to have access to your file share data, you can revoke their access at any time. To revoke access, first remove the IAM authorization. Removal of the IAM authorization prevents the other account or service from creating another accessor share and mount target. Then, delete the binding that connects the origin file share to the accessor shares. This action severs the network path, and puts the accessor share and the mount target that is attached to the accessor share in a failed state.
A failed accessor share and its associated mount targets can't become stable again and can't be reused. The accessor account can and needs to delete these resources.
Removing authorization
Removing an authorization in the consoleRemoving an authorization by using the CLIRemoving an authorization by using the API Removing an authorization by using Terraform
Deleting the bindings
- Select a file share from the list of file shares.
- On the File share details page, scroll to the Accessor share bindings section to locate the binding that you want to delete.
- At the end of the row of the binding, click the Actions icon and select Delete.
You can delete a share binding by using the is share-binding-delete
command. See the following example.
ibmcloud is share-accessor-binding-delete SHARE ACCESSOR_BINDING
You can programmatically delete a share binding by calling the /shares
method in the VPC API as shown in the following sample request.
curl -X DELETE "$vpc_api_endpoint/v1/shares/v1/shares/$share_id/bindings/$binding_id?version=2024-06-21&generation=2"
If you want to remove a binding by using Terraform, you need to delete the ibm_is_share_binding
resource. You can use the terraform destroy
command to conveniently destroy a remote object such as a single binding resource.
terraform destroy --target ibm_is_share_binding.example.id