Yes. You can revoke only derived access grants from the CLI. The root API key or access grant can be only removed and this should be done in the satellite UI. This will immediately invalidate all derived access grants.
No, it’s not possible and not considered as far as I know. But you can request this feature in the DCS feature requests - voting - Storj Community Forum (official) or Issues · storj/storj · GitHub
Because you are trying to revoke a root access grant. As I said - it’s not possible via CLI.
You need to have a derived access grant to revoke it.
For example
$ uplink share --readonly=false
...
Sharing access to satellite 12tRQrMTWUWwzwGh18i7Fqs67kmdhH9t6aToeiwbo5mfS2rUmo@us2.storj.io:7777
=========== ACCESS RESTRICTIONS ==========================================================
Download : Allowed
Upload : Allowed
Lists : Allowed
Deletes : Allowed
NotBefore : No restriction
NotAfter : No restriction
Paths : WARNING! The entire project is shared!
=========== SERIALIZED ACCESS WITH THE ABOVE RESTRICTIONS TO SHARE WITH OTHERS ===========
Access : 1Sfrjgorjgmorgiorg...
NEVER DO THIS ^^^^, this is only for test purpose!
You will get an access grant with full permissions, then you can revoke it by
$ uplink revoke 1Sfrjgorjgmorgiorg...
=========== SUCCESSFULLY REVOKED =========================================================
NOTE: It may take the satellite several minutes to process the revocation request,
depending on its caching policies.
No one command with the revoked access grant will work:
$ uplink --access 1Sfrjgorjgmorgiorg... ls
Error: uplink: uplink: permission denied (bucket: metaclient: Unauthorized API credentials)
It’s a placeholder for a serialized access grant, the 1Sfrjgorjgmorgiorg... in my example.
The revoke of the named access grant is not possible, I created a bug a while ago, it should be solved in [Tech Preview] Uplinkng (new enhanced uplink cli) and then merged to the uplink, when it matures.
But you can revoke the named access grant if you provide not the name but the access grant itself (you can take it from the config file, see uplink setup --help for tooltip --config-dir)