Delete realms and attachments
Stay organized with collections Save and categorize content based on your preferences.

This document explains how to delete realms and attachments. After you create a realm, you can't edit it. If you want to make changes to the realm, you must delete it and create a new realm.

Required roles

For all SSE providers:

To get the permissions that you need to delete realms and attachments, ask your administrator to grant you the Compute Network Admin (roles/compute.networkAdmin) IAM role on the project. For more information about granting roles, see Manage access to projects, folders, and organizations.

You might also be able to get the required permissions through custom roles or other predefined roles.
For Symantec Cloud SWG:

To ensure that Network Security Service Account has the necessary permissions to delete attachments and their corresponding Symantec locations, ask your administrator to grant Network Security Service Account the Secret Manager Secret Accessor (roles/secretmanager.secretAccessor) IAM role on the project.
Important: You must grant this role to Network Security Service Account, not to your user account. Failure to grant the role to the correct principal might result in permission errors.
For more information about granting roles, see Manage access to projects, folders, and organizations.

Your administrator might also be able to give Network Security Service Account the required permissions through custom roles or other predefined roles.

Additionally, make sure that the API credentials you stored in Secret Manager when you created the realm are still valid. If the credentials aren't valid, create and upload a new API key.

Delete attachments

To delete attachments, run the gcloud beta network-security secure-access-connect attachments delete command command:

gcloud beta network-security secure-access-connect attachments delete ATTACHMENT_ID \
    --project=PROJECT_ID \
    --location=REGION

Replace the following:

ATTACHMENT_ID: the attachment ID
PROJECT_ID: the project that contains the attachment
REGION: the region where the attachment is located

Delete realms

You must delete all attachments before you can delete a realm. To delete a realm, run the gcloud beta network-security secure-access-connect realms delete command:

gcloud beta network-security secure-access-connect realms delete REALM_ID \
    --project=PROJECT_ID