This page shows you how to turn off Gemini Cloud Assist.
For information about changing the settings that control sharing Gemini Cloud Assist prompts and responses with Google, see Configure prompt and response sharing for Gemini Cloud Assist.
Before you begin
In order to get the required permissions for turning off
Gemini Cloud Assist, ask your administrator to grant you the
Owner or Admin basic role (roles/owner
or
roles/admin
) on the project.
Both of these roles contain the permissions required to remove access for users and to disable services.
To see the exact permissions that are required, expand the Required permissions section:
Required permissions
resourcemanager.projects.getIamPolicy
resourcemanager.projects.setIamPolicy
serviceusage.services.disable
- If you intend to use the Google Cloud console to turn off
Gemini Cloud Assist, you should also have the following
permissions:
serviceusage.services.get
serviceusage.services.list
You might be able to get these permissions with other predefined roles or custom roles.
Turn off Gemini Cloud Assist
To turn off Gemini Cloud Assist, do the following:
Console
To limit access for specific users in your organization, remove Identity and Access Management permissions for Gemini Cloud Assist:
Go to the IAM & Admin page.
In the Principal column, find a principal for which you want to remove access to Gemini Cloud Assist, and then click
Edit principal in that row.In the Edit access pane, do the following:
Locate the Gemini for Google Cloud User role, and then click
Delete role.Locate the Gemini Cloud Assist User role, and then click
Delete role.Locate the Service Usage Consumer role, and then click
Delete role.
Click Save.
Turn off the Gemini Cloud Assist API (
geminicloudassist.googleapis.com
):Go to the Enabled APIs & services page.
To select the Google Cloud project where you want to disable the Gemini Cloud Assist API, do one of the following:
In the Select a recent project section, click a Google Cloud project.
Use the Select a resource dialog:
- Click Select project.
- In the Select a project dialog, click the name of the Google Cloud project for which you want to disable the API.
Click the Gemini Cloud Assist API entry. If you need help finding the API, use the Search field in the Google Cloud console toolbar.
Click stop Disable API.
Optional: If you are disabling all Gemini for Google Cloud products, then repeat the previous step to turn off the Gemini for Google Cloud API (
cloudaicompanion.googleapis.com
).
gcloud
-
In the Google Cloud console, activate Cloud Shell.
To limit access for specific users in your organization, remove Identity and Access Management permissions for Gemini Cloud Assist:
Remove the role
roles/cloudaicompanion.user
using the commandgcloud projects remove-iam-policy-binding
:gcloud projects remove-iam-policy-binding PROJECT_ID \ --member=PRINCIPAL --role=roles/cloudaicompanion.user
Replace the following:
PROJECT_ID
: the ID of your Google Cloud project—for example,1234567890
.PRINCIPAL
: the identifier for the principal—for example,user:cloudysanfrancisco@gmail.com
.
The output is a list of policy bindings.
Repeat the previous step for the following roles:
roles/geminicloudassist.user
roles/serviceusage.serviceUsageConsumer
Turn off the Gemini Cloud Assist API (
geminicloudassist.googleapis.com
) using the commandgcloud services disable
:gcloud services disable geminicloudassist.googleapis.com
If successful, the command produces output similar to the following:
Waiting for async operation operations/acf.e9d0943b-55d9-4ac0-8af4-745e1b8983f8 to complete... Operation finished successfully.
Optional: If you are disabling all Gemini for Google Cloud products, then repeat the previous step to turn off the
cloudaicompanion.googleapis.com
API.
API
These instructions use cURL
to call API methods.
To limit access for specific users in your organization, remove Identity and Access Management permissions for Gemini Cloud Assist:
Create a JSON file that contains the following information:
{ "options": { "requestedPolicyVersion": 3 } }
Retrieve the existing IAM policy for the project using the
projects.getIamPolicy
method:curl -X POST --data-binary @JSON_FILE_NAME \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://cloudresourcemanager.googleapis.com/v1/projects/PROJECT_ID:getIamPolicy"
Replace the following:
JSON_FILE_NAME
: the path for the JSON file that you created in the previous step.PROJECT_ID
: the ID for the project.
If successful, the response returns the project's IAM policy.
Copy the project's IAM policy to an empty JSON file, and remove the users whose access you want to limit. You should remove any such users from the
members
field for the following fields:"role": "roles/cloudaicompanion.user
""role": "roles/geminicloudassist.user
""role": "roles/serviceusage.serviceUsageConsumer
"
Apply the updated IAM policy to the project using the
projects.setIamPolicy
method:curl -X POST --data-binary @JSON_FILE_NAME \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://cloudresourcemanager.googleapis.com/v1/projects/PROJECT_ID:setIamPolicy"
Replace the following:
JSON_FILE_NAME
: the path for the JSON file that you created in the previous step.PROJECT_ID
: the ID for the project.
If successful, the response returns the project's updated IAM policy.
Turn off the Gemini Cloud Assist API (
geminicloudassist.googleapis.com
) using theservices.disable
method:curl -X POST \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ "https://serviceusage.googleapis.com/v1/projects/PROJECT_ID/services/geminicloudassist.googleapis.com:disable"
Replace
PROJECT_ID
with the ID of the project for which you are disabling Gemini Cloud Assist.If the command succeeds, it returns a
long-running operation
, which includes aname
field. You can use the value in thename
field to check the status of the operation.Optional: If you are disabling all Gemini for Google Cloud products, then repeat the previous step to turn off the
cloudaicompanion.googleapis.com
API.