This page shows you how to turn off Gemini Cloud Assist.
For information about changing the settings that control sharing Gemini Cloud Assist prompts and responses with Google, see Configure prompt and response sharing for Gemini Cloud Assist.
Before you begin
In order to get the required permissions for turning off
Gemini Cloud Assist, ask your administrator to grant you the
Owner or Admin basic role (roles/owner or
roles/admin) on the project.
Both of these roles contain the permissions required to remove access for users and to disable services.
To see the exact permissions that are required, expand the Required permissions section:
Required permissions
resourcemanager.projects.getIamPolicyresourcemanager.projects.setIamPolicyserviceusage.services.disable- If you intend to use the Google Cloud console to turn off
Gemini Cloud Assist, you should also have the following
permissions:
serviceusage.services.getserviceusage.services.list
You might be able to get these permissions with other predefined roles or custom roles.
Turn off Gemini Cloud Assist
To turn off Gemini Cloud Assist, do the following:
Console
To limit access for specific users in your organization, remove Identity and Access Management permissions for Gemini Cloud Assist:
Go to the IAM & Admin page.
In the Principal column, find a principal for which you want to remove access to Gemini Cloud Assist, and then click Edit principal in that row.
In the Edit access pane, do the following:
Locate the Gemini for Google Cloud User role, and then click Delete role.
Locate the Gemini Cloud Assist User role, and then click Delete role.
Locate the Service Usage Consumer role, and then click Delete role.
Click Save.
Turn off the Gemini Cloud Assist API (
geminicloudassist.googleapis.com):Go to the Enabled APIs & services page.
To select the Google Cloud project where you want to disable the Gemini Cloud Assist API, do one of the following:
In the Select a recent project section, click a Google Cloud project.
Use the Select a resource dialog:
- Click Select project.
- In the Select a project dialog, click the name of the Google Cloud project for which you want to disable the API.
Click the Gemini Cloud Assist API entry. If you need help finding the API, use the Search field in the Google Cloud console toolbar.
Click stop Disable API.
Optional: If you are disabling all Gemini for Google Cloud products, then repeat the previous step to turn off the Gemini for Google Cloud API (
cloudaicompanion.googleapis.com).
gcloud
-
In the Google Cloud console, activate Cloud Shell.
To limit access for specific users in your organization, remove Identity and Access Management permissions for Gemini Cloud Assist:
Remove the role
roles/cloudaicompanion.userusing the commandgcloud projects remove-iam-policy-binding:gcloud projects remove-iam-policy-binding PROJECT_ID \ --member=PRINCIPAL --role=roles/cloudaicompanion.user
Replace the following:
PROJECT_ID: the ID of your Google Cloud project—for example,1234567890.PRINCIPAL: the identifier for the principal—for example,user:cloudysanfrancisco@gmail.com.
The output is a list of policy bindings.
Repeat the previous step for the following roles:
roles/geminicloudassist.userroles/serviceusage.serviceUsageConsumer
Turn off the Gemini Cloud Assist API (
geminicloudassist.googleapis.com) using the commandgcloud services disable:gcloud services disable geminicloudassist.googleapis.com
If successful, the command produces output similar to the following:
Waiting for async operation operations/acf.e9d0943b-55d9-4ac0-8af4-745e1b8983f8 to complete... Operation finished successfully.
Optional: If you are disabling all Gemini for Google Cloud products, then repeat the previous step to turn off the
cloudaicompanion.googleapis.comAPI.
API
These instructions use cURL to call API methods.
To limit access for specific users in your organization, remove Identity and Access Management permissions for Gemini Cloud Assist:
Create a JSON file that contains the following information:
{ "options": { "requestedPolicyVersion": 3 } }Retrieve the existing IAM policy for the project using the
projects.getIamPolicymethod:curl -X POST --data-binary @JSON_FILE_NAME \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://cloudresourcemanager.googleapis.com/v1/projects/PROJECT_ID:getIamPolicy"Replace the following:
JSON_FILE_NAME: the path for the JSON file that you created in the previous step.PROJECT_ID: the ID for the project.
If successful, the response returns the project's IAM policy.
Copy the project's IAM policy to an empty JSON file, and remove the users whose access you want to limit. You should remove any such users from the
membersfield for the following fields:"role": "roles/cloudaicompanion.user""role": "roles/geminicloudassist.user""role": "roles/serviceusage.serviceUsageConsumer"
Apply the updated IAM policy to the project using the
projects.setIamPolicymethod:curl -X POST --data-binary @JSON_FILE_NAME \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://cloudresourcemanager.googleapis.com/v1/projects/PROJECT_ID:setIamPolicy"Replace the following:
JSON_FILE_NAME: the path for the JSON file that you created in the previous step.PROJECT_ID: the ID for the project.
If successful, the response returns the project's updated IAM policy.
Turn off the Gemini Cloud Assist API (
geminicloudassist.googleapis.com) using theservices.disablemethod:curl -X POST \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ "https://serviceusage.googleapis.com/v1/projects/PROJECT_ID/services/geminicloudassist.googleapis.com:disable"
Replace
PROJECT_IDwith the ID of the project for which you are disabling Gemini Cloud Assist.If the command succeeds, it returns a
long-running operation, which includes anamefield. You can use the value in thenamefield to check the status of the operation.Optional: If you are disabling all Gemini for Google Cloud products, then repeat the previous step to turn off the
cloudaicompanion.googleapis.comAPI.