Create policy
- Print
- PDF
Create policy
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
This creates a policy.
API
- POST /policies
Request
Body
{
"policyName": "string",
"description": "string",
"permissions": [
{
"effect": "string",
"targets": [
{
"product": "string",
"actions": [
"string"
],
"resourceNrns": [
"string"
]
}
],
"condition": {
"operator": {
"key": "value"
}
}
}
]
}
Parameter | Required | Type | Restrictions | Description |
---|---|---|---|---|
policyName | Y | string | Policy Name | |
description | Y | string | Policy description | |
permissions | Y | array | Permission list | |
permissions.effect | Y | string | Permission status (currently only supports Allow) | |
permissions.targets | Y | array | Permission target | |
permissions.targets.product | Y | string | Target Service code | |
permissions.targets.actions | Y | array - | Following rules needs to be applied according to the Permission unit by service - Detailed action unit > Action name or View*, Change* - Get all or Change all unit > Get all: View*, Change all: Change* - Service unit > All permissions: asterisk(*) | Target action |
permissions.targets.resourceNrns | Y | array | If no NRN is specified, an asterisk (*) must be applied | Target resource nrns |
permissions.condition | N | object | Policy condition | |
permissions.condition.operator | N | string | Policy condition operator | |
permissions.condition.operator.key | N | string | Policy condition key | |
permissions.condition.operator.value | N | any | Policy condition value |
Response
- Response
{
"policyId": "string",
"policyName": "string",
"description": "string",
"validationResult": {
"details": [
{
"code": "string",
"location": "string",
"message": "string",
"type": "ERROR"
}
],
"success": true
}
}
Parameter name | Required | Type | Description |
---|---|---|---|
policyId | N | string | Policy ID |
policyName | N | string | Policy Name |
description | N | string | Policy description |
validationResult. | Y | object | Policy creation success status |
validationResult.success | Y | boolean | Policy creation success status |
validationResult.details | N | array | Validity check result details |
validationResult.details.code | N | string | Validity check detailed code |
validationResult.details.location | N | string | Validity check location |
validationResult.details.message | N | string | Validity check detailed message |
validationResult.details.type | N | string | Validity check result type (INFO, WARN, ERROR), failure when ERROR is included |
- Response example - Success
{
"policyId": "000000000-qwer-asdf-123456789012",
"policyName": "policy-test",
"description": "policy test ",
"validationResult": {
"success": true
}
}
- Response example - Failure
{
"validationResult": {
"success": false,
"details": [
{
"type": "ERROR",
"code": "iam.policy.invalidName.length.max",
"location": "policyName",
"message": "Policy name field must be less than 30 characters."
},
{
"type": "ERROR",
"code": "iam.error.requiredFieldIsMissing",
"location": "permissions",
"message": "The required value is missing."
}
]
}
}
Was this article helpful?