kendra:DisassociatePersonasFromEntities

Write

kendra:DisassociatePersonasFromEntities is a Write access-level action in the kendra service. Removes the specific permissions of users or groups in your AWS SSO identity source with access to your Amazon Kendra experience

Resource types

ARNs that kendra:DisassociatePersonasFromEntities can be scoped to in an IAM policy.

arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}/experience/${ExperienceId}
experience
arn:${Partition}:kendra:${Region}:${Account}:index/${IndexId}
index

Condition keys

Keys you can use in the Condition block of a policy that grants kendra:DisassociatePersonasFromEntities.

aws:ResourceTag/${TagKey} String

Filters access by the tags associated with the resource

Example IAM policy

A minimal policy that allows kendra:DisassociatePersonasFromEntities. Replace "Resource": "*" with a specific ARN to follow least privilege.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowKendraDisassociatePersonasFromEntities",
      "Effect": "Allow",
      "Action": "kendra:DisassociatePersonasFromEntities",
      "Resource": "*"
    }
  ]
}

Related actions in kendra

View all kendra actions →