Create policy
- Print
- PDF
Create policy
- Print
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
This creates a policy.
API
- POST /policies
Requests
Body
{
"policyName": "string",
"description": "string",
"permissions": [
{
"effect": "string",
"targets": [
{
"product": "string",
"actions": [
"string"
],
"resourceNrns": [
"string"
]
}
]
}
]
}
| Parameter | Requirement status | Type | Restrictions | Description |
|---|---|---|---|---|
| policyName | Y | string | Policy name | |
| description | Y | string | Policy description | |
| permissions | Y | array | Permission list | |
| permissions.effect | Y | string | Permission status (currently only supports Allow) | |
| permissions.targets | Y | array | Permission target | |
| permissions.targets.product | Y | string | Target service code | |
| permissions.targets.actions | Y | array - | The following rules need to be applied according to the service-specific authority unit - Detailed action unit > Action name or View*, Change* - All views unit or All changes unit > All views: View* / All changes: Change* - Service units > Full authority: asterisk ( * ) | Target action |
| permissions.targets.resourceNrns | Y | array | If nrn is not specified, an asterisk ( * ) must be applied | Target resource nrns |
Responses
- Responses
{
"policyId": "string",
"policyName": "string",
"description": "string",
"validationResult": {
"details": [
{
"code": "string",
"location": "string",
"message": "string",
"type": "ERROR"
}
],
"success": true
}
}
| Parameter name | Requirement status | Type | Description |
|---|---|---|---|
| policyId | N | string | Policy ID |
| policyName | N | string | Policy name |
| description | N | string | Policy description |
| validationResult. | Y | object | Policy creation success status |
| validationResult.success | Y | boolean | Policy creation success status |
| validationResult.details | N | array | Validity check result details |
| validationResult.details.code | N | string | Validity check detailed code |
| validationResult.details.location | N | string | Validity check location |
| validationResult.details.message | N | string | Validity check detailed message |
| validationResult.details.type | N | string | Validity check result type (INFO, WARN, ERROR), failure when ERROR is included |
- Response examples - Success
{
"policyId": "000000000-qwer-asdf-123456789012",
"policyName": "policy-test",
"description": "policy test ",
"validationResult": {
"success": true
}
}
- Response examples - Failure
{
"validationResult": {
"success": false,
"details": [
{
"type": "ERROR",
"code": "iam.policy.invalidName.length.max",
"location": "policyName",
"message": "Policy name field must be less than 30 characters."
},
{
"type": "ERROR",
"code": "iam.error.requiredFieldIsMissing",
"location": "permissions",
"message": "The required field is missing."
}
]
}
}
Was this article helpful?