[ aws . resourcegroupstaggingapi ]
Removes the specified tags from the specified resources. When you specify a tag key, the action removes both that key and its associated value. The operation succeeds even if you attempt to remove tags from a resource that were already removed. Note the following:
To remove tags from a resource, you need the necessary permissions for the service that the resource belongs to as well as permissions for removing tags. For more information, see the documentation for the service whose resource you want to untag.
You can only tag resources that are located in the specified Amazon Web Services Region for the calling Amazon Web Services account.
Minimum permissions
In addition to the tag:UntagResources
permission required by this operation, you must also have the remove tags permission defined by the service that created the resource. For example, to remove the tags from an Amazon EC2 instance using the UntagResources
operation, you must have both of the following permissions:
tag:UntagResource
ec2:DeleteTags
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
untag-resources
--resource-arn-list <value>
--tag-keys <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--resource-arn-list
(list)
Specifies a list of ARNs of the resources that you want to remove tags from.
An ARN (Amazon Resource Name) uniquely identifies a resource. For more information, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces in the Amazon Web Services General Reference .
(string)
Syntax:
"string" "string" ...
--tag-keys
(list)
Specifies a list of tag keys that you want to remove from the specified resources.
(string)
Syntax:
"string" "string" ...
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
To remove a tag from a resource
The following untag-resources
example removes the specified tag keys and any associated values from the specified resource.
aws resourcegroupstaggingapi untag-resources \
--resource-arn-list arn:aws:s3:::awsexamplebucket \
--tag-keys Environment CostCenter
Output:
{
"FailedResourcesMap": {}
}
For more information, see UntagResources in the Resource Groups Tagging API Reference.
FailedResourcesMap -> (map)
A map containing a key-value pair for each failed item that couldn’t be untagged. The key is the ARN of the failed resource. The value is a
FailureInfo
object that contains an error code, a status code, and an error message. If there are no errors, theFailedResourcesMap
is empty.key -> (string)
value -> (structure)
Information about the errors that are returned for each failed resource. This information can include
InternalServiceException
andInvalidParameterException
errors. It can also include any valid error code returned by the Amazon Web Services service that hosts the resource that the ARN key represents.The following are common error codes that you might receive from other Amazon Web Services services:
InternalServiceException – This can mean that the Resource Groups Tagging API didn’t receive a response from another Amazon Web Services service. It can also mean that the resource type in the request is not supported by the Resource Groups Tagging API. In these cases, it’s safe to retry the request and then call GetResources to verify the changes.
AccessDeniedException – This can mean that you need permission to call the tagging operations in the Amazon Web Services service that contains the resource. For example, to use the Resource Groups Tagging API to tag a Amazon CloudWatch alarm resource, you need permission to call both `
TagResources
https://docs.aws.amazon.com/resourcegroupstagging/latest/APIReference/API_TagResources.html`__ and `TagResource
https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_TagResource.html`__ in the CloudWatch API.For more information on errors that are generated from other Amazon Web Services services, see the documentation for that service.
StatusCode -> (integer)
The HTTP status code of the common error.
ErrorCode -> (string)
The code of the common error. Valid values include
InternalServiceException
,InvalidParameterException
, and any valid error code returned by the Amazon Web Services service that hosts the resource that you want to tag.ErrorMessage -> (string)
The message of the common error.