Revoking revisions in AWS Data Exchange - AWS Data Exchange User Guide
Revoking a revision (AWS CLI)Revoking a single revision as a provider (console)Revoking multiple revisions as a provider (console)Editing a revocation reason as a provider (console)Viewing revoked revisions as a subscriber (console)

Revoking revisions in AWS Data Exchange

As a provider, you can revoke subscriber access to a specific revision at any time. This action is typically done by providers for compliance reasons. Revoking a revision doesn't delete the underlying assets. After you have revoked the revision, all subscribers receive an Amazon EventBridge (formerly known as CloudWatch Events) notification that the revision has been revoked. Subscribers can then view the reason for the revoked revision on the AWS Data Exchange console. Subscribers can’t export or query the data within a revoked revision.

To be able to revoke revisions, providers who manage their own IAM policies must add dataexchange:RevokeRevision as a new action. Providers who use the AWS Data Exchange managed policies don't need to make any changes.

After a revision is revoked, you can delete the assets of the revision by using the console or the AWS Data Exchange DeleteAsset API operation.

Revoking a revision (AWS CLI)

To revoke a revision (AWS CLI)

  1. Use the revoke-revision command to revoke a revision. 

    $ aws dataexchange revoke-revision \
--data-set-id $DATA_SET_ID \
--revision-id $REVISION_ID \
--comment 'Revoking Revision Example'

{
"Id": "ab7859881EXAMPLEdd3e8a4b88fc6a8d",
"Arn": "arn:aws:dataexchange:us-east-1:427362365172:data-sets/$DATA_SET_ID/revisions/$REVISION_ID",
"Comment": "Revoking Revision Example",
"CreatedAt": "2022-03-08T18:54:20.746Z",
"UpdatedAt": "2022-03-09T20:28:53.105Z",
"DataSetId": "24d30f8446a878237c35d011e7b22d0b",
"Finalized": true,
"Revoked": true,
"RevokedAt": "2022-03-09T20:28:53.105Z",
"RevocationComment": "revoking revision example"
}

  2. After a revision is revoked, you can delete the assets of the revision using the AWS Data Exchange DeleteAsset API operation.

Revoking a single revision as a provider (console)

To revoke revision as a provider (console)

  1. Open your web browser and sign in to the AWS Data Exchange console.

  2. In the left side navigation pane, for Publish data, choose Owned data sets.

  3. In Owned data sets, choose the data set that has the revision you want to revoke.

  4. On the Revisions tab, under Revisions, choose the revision.

  5. On the revision page, under Revision overview, for Actions, choose Revoke.

  6. In the Revoke revision dialog box, enter a short description of your reason for revoking the revision. Subscribers will see this description.

  7. Choose Revoke.

    The Status of the revision is set to Revoked.

    Warning

    This revokes the revision and all of its assets. Subscribers can view the reason for revocation but can’t access or export the assets. This action can't be undone.

  8. After a revision is revoked, you can delete the assets of the revision by navigating to the revision page, selecting the assets you want to delete in the Imported assets table, and then choosing Delete.

To edit the reason for a revoked revision, see Editing a revocation reason as a provider (console).

Revoking multiple revisions as a provider (console)

To revoke multiple revisions as a provider (console)

  1. Open your web browser and sign in to the AWS Data Exchange console.

  2. In the left side navigation pane, for Publish data, choose Owned data sets.

  3. In Owned data sets, choose the data set that has the revisions you want to revoke.

  4. On the Revisions tab, choose up to 10 revisions.

  5. Choose Revoke.

  6. In the Revoke {x} revisions dialog box, enter a short description of your reason for revoking the revisions. Subscribers will see this description. Then, choose Revoke.

    The Status of the revisions are set to Revoked.

    Warning

    This revokes the revisions and all of the assets. Subscribers can view the reason for revocation but can’t access or export the assets. This action can't be undone.

  7. After a revision is revoked, you can delete the assets of the revision by navigating to the revision page, selecting the assets you want to delete in the Imported assets table, and then choosing Delete.

To edit the reason for a revoked revision, see Editing a revocation reason as a provider (console).

Editing a revocation reason as a provider (console)

As a provider, you can edit the reason for the revocation after the revision has been revoked.

To edit a revocation revision as a provider (console)

  1. Open your web browser and sign in to the AWS Data Exchange console.

  2. In the left side navigation pane, for Publish data products, choose Owned data sets.

  3. In Owned data sets, choose the data set that has the revision you revoked.

  4. On the Revisions tab, choose the revoked revision.

  5. On the revision page, choose Edit revocation reason.

  6. In the Edit revocation revision dialog box, enter a short description of your reason for revoking the revision.

  7. Choose Save.

    The Status of the revision is set to Revoked.

    The updated revocation reason is displayed on the revision page.

Viewing revoked revisions as a subscriber (console)

To view a revoked revision as a subscriber (console)

  1. Open your web browser and sign in to the AWS Data Exchange console.

  2. From the left navigation pane, under My subscriptions, choose Entitled data.

  3. Under Products, choose a product, and then expand the data set under the product to see a list of revisions.

  4. On the data set page, under the Revisions tab, view the Status of the revision (Published or Revoked).

  5. Choose a revision.

  6. View the revision reason on the top of the revision detail page.