Create policy
    • PDF

    Create policy

    • PDF

    Article summary

    This creates a policy.

    API

    • POST /policies

    Request

    Body

    {
      "policyName": "string",
      "description": "string",
      "permissions": [
        {
          "effect": "string",
          "targets": [
            {
              "product": "string",
              "actions": [
                "string"
              ],
              "resourceNrns": [
                "string"
              ]
            }
          ],
          "condition": {
            "operator": {
                "key": "value"
            }
          }
        }
      ]
    }
    
    ParameterRequiredTypeRestrictionsDescription
    policyNameYstringPolicy Name
    descriptionYstringPolicy description
    permissionsYarrayPermission list
    permissions.effectYstringPermission status (currently only supports Allow)
    permissions.targetsYarrayPermission target
    permissions.targets.productYstringTarget Service code
    permissions.targets.actionsYarray -Following rules needs to be applied according to the Permission unit by service
    - Detailed action unit > Action name or View*, Change*
    - Get all or Change all unit > Get all: View*, Change all: Change*
    - Service unit > All permissions: asterisk(*)
    Target action
    permissions.targets.resourceNrnsYarrayIf no NRN is specified, an asterisk (*) must be appliedTarget resource nrns
    permissions.conditionNobjectPolicy condition
    permissions.condition.operatorNstringPolicy condition operator
    permissions.condition.operator.keyNstringPolicy condition key
    permissions.condition.operator.valueNanyPolicy condition value

    Response

    • Response
    {
      "policyId": "string",
      "policyName": "string",
      "description": "string",
      "validationResult": {
        "details": [
          {
            "code": "string",
            "location": "string",
            "message": "string",
            "type": "ERROR"
          }
        ],
        "success": true
      }
    }
    
    Parameter nameRequiredTypeDescription
    policyIdNstringPolicy ID
    policyNameNstringPolicy Name
    descriptionNstringPolicy description
    validationResult.YobjectPolicy creation success status
    validationResult.successYbooleanPolicy creation success status
    validationResult.detailsNarrayValidity check result details
    validationResult.details.codeNstringValidity check detailed code
    validationResult.details.locationNstringValidity check location
    validationResult.details.messageNstringValidity check detailed message
    validationResult.details.typeNstringValidity check result type (INFO, WARN, ERROR), failure when ERROR is included
    • Response example - Success
    {
      "policyId": "000000000-qwer-asdf-123456789012",
      "policyName": "policy-test",
      "description": "policy test ",
      "validationResult": {
        "success": true
      }
    }
    
    • Response example - Failure
    {
      "validationResult": {
        "success": false,
        "details": [
          {
            "type": "ERROR",
            "code": "iam.policy.invalidName.length.max",
            "location": "policyName",
            "message": "Policy name field must be less than 30 characters."
          },
          {
            "type": "ERROR",
            "code": "iam.error.requiredFieldIsMissing",
            "location": "permissions",
            "message": "The required value is missing."
          }
        ]
      }
    }
    

    Was this article helpful?

    What's Next
    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.