Get policy

Available in Classic and VPC

Get policy details.

Request

This section describes the request format. The method and URI are as follows:

Method	URI
GET	/api/v1/policies/{policyId}

Request headers

For information about the headers common to all Sub Account APIs, see Sub Account request headers.

Request path parameters

You can use the following path parameters with your request:

Field	Type	Required	Description
`policyId`	String	Required	Policy ID See Get policy list

Request query parameters

You can use the following query parameters with your request:

Field	Type	Required	Description
`withPermissions`	Boolean	Optional	Whether to display detailed permissions for a policy `true` \| `false` (default) `true`: display `false`: not display

Request example

The request example is as follows:

curl --location --request GET 'https://subaccount.apigw.ntruss.com/api/v1/policies/48ac3260-****-****-****-246e96591594?withPermissions=true' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Accept: application/json'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field	Type	Required	Description
`policyId`	String	-	Policy ID
`policyName`	String	-	Policy Name
`policyType`	String	-	Policy type `SYSTEM_MANAGED` \| `USER_CREATED` `SYSTEM_MANAGED`: System Managed Policies `USER_CREATED`: User Created Policies
`policyDesc`	String	-	Policy description
`nrn`	String	-	NAVER Cloud Platform resource identification value for policy
`permissions`	Array	-	Allowed permission list Display if `withPermissions` is `true`

`permissions`

The following describes permissions.

Field	Type	Required	Description
`effect`	String	-	Permission allowance `Allow` (Valid value)
`targets`	Array	-	Permission allowance target
`condition`	Object	-	Policy condition Display if the policy includes a condition
`condition.{operator}`	Object	-	Policy condition operator
`condition.{operator}.{key}`	Object	-	Policy condition key
`condition.{operator}.{value}`	Array	-	Policy condition value

`targets`

The following describes targets.

Field	Type	Required	Description
`product`	String	-	Allowable service code
`actions`	Array	-	Allowable action
`resourceNrns`	Array	-	NAVER Cloud Platform resource identification value for allowable target

Response status codes

For information about the HTTP status codes common to all Sub Account APIs, see Sub Account status codes.

Response example

The response example is as follows:

{
  "policyId": "b38802f0-****-****-****-246e966ebec4",
  "policyName": "mypolicy",
  "policyType": "USER_CREATED",
  "policyDesc": "my policy",
  "nrn": "nrn:PUB:IAM::5*****8:Policy/b38802f0-****-****-****-246e966ebec4",
  "permissions": [
    {
      "effect": "Allow",
      "targets": [
        {
          "product": "VPCServer",
          "actions": [
            "Change*",
            "View*"
          ],
          "resourceNrns": [
            "nrn:PUB:VPCServer::5*****8:*"
          ]
        }
      ],
      "condition": {
        "StringEquals": {
          "ncp:principalName": [
            "abc"
          ]
        }
      }
    },
    {
      "effect": "Allow",
      "targets": [
        {
          "product": "ExternalAccess",
          "actions": [
            "Change*",
            "View*"
          ],
          "resourceNrns": [
            "nrn:PUB:ExternalAccess::5*****8:*"
          ]
        }
      ],
      "condition": {}
    }
  ]
}