Controlling who has access to an API is an integral part of development. For
example, as you test your API, you might want to automate redeploying updated
Cloud Endpoints configurations by using a service account that has the
permission to do so. By default, only the project owner can manage access to an
API. This page shows you how to grant and revoke access to your API by using the
GCP Console or the
gcloud command-line tool.
Google Groups are a convenient way to grant or revoke access to a collection of users. You can grant or revoke access for a whole group at once, instead of granting or revoking access one at a time for individual users or service accounts. You can also easily add members to and remove members from a Google Group instead of granting or revoking the Cloud IAM role for each member.
To revoke access to your API, remove the Cloud IAM role from the member who previously had the role.