Edit policy

Available in Classic and VPC

Edit User Created policy information.

Request

This section describes the request format. The method and URI are as follows:

Method	URI
PUT	/api/v1/policies/{policyId}

Request headers

For information about the headers common to all Sub Account APIs, see Sub Account request headers.

Request path parameters

You can use the following path parameters with your request:

Field	Type	Required	Description
`policyId`	String	Required	Policy ID See Get policy list

Request body

You can include the following data in the body of your request:

Field	Type	Required	Description
`description`	String	Optional	Description of the policy (byte) 0-300
`permissions`	Array	Required	Allowed permission list

`permissions`

The following describes permissions.

Field	Type	Required	Description
`effect`	String	Required	Permission allowance `Allow` (Valid value)
`targets`	Array	Required	Permission allowance target
`condition`	Object	Optional	Policy condition
`condition.{operator}`	Object	Optional	Policy condition operator
`condition.{operator}.{key}`	Object	Optional	Policy condition key
`condition.{operator}.{value}`	Array	Optional	Policy condition value

`targets`

The following describes targets.

Field	Type	Required	Description
`product`	String	Required	Allowable service code See Permission information by service
`actions`	Array	Required	Allowable action See Permission information by service to apply as follows Detailed action unit: Enter the action name All query units: Enter `View` All change units: Enter `Change` Service unit: Enter an asterisk (*)
`resourceNrns`	Array	Required	NAVER Cloud Platform resource identification value for the allowable target Enter an asterisk (*) when not specifying

Request example

The request example is as follows:

curl --location --request PUT 'https://subaccount.apigw.ntruss.com/api/v1/policies/48ac3260-****-****-****-246e96591594' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
    "description": "mypolicy-test",
    "permissions": [
        {
            "effect": "Allow",
            "targets": [
                {
                    "product": "AiTEMS",
                    "actions": [
                        "View*",
                        "Change*"
                    ],
                    "resourceNrns": [
                        "*"
                    ]
                }
            ],
            "condition": {
                "StringEquals": {
                    "ncp:principalName": [
                        "abc",
                        "bcd"
                    ]
                }
            }
        }
    ]
}'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field	Type	Required	Description
`policyId`	String	-	Policy ID
`policyName`	String	-	Policy Name
`description`	String	-	Policy description
`validationResult`	Object	-	Validity check results
`validationResult.details`	Array	-	Validity check detailed results
`validationResult.success`	Boolean	-	Validity check results `true` \| `false` `true`: valid `false`: invalid

`validationResult.details`

The following describes validationResult.details.

Field	Type	Required	Description
`type`	String	-	Check result type `INFO` \| `WARNING` \| `ERROR` `ERROR` indicates a failed validity check
`code`	String	-	Detailed code
`location`	String	-	Check location
`message`	String	-	Check result message

Response status codes

For information about the HTTP status codes common to all Sub Account APIs, see Sub Account status codes.

Response example

The response example is as follows:

{
  "policyId": "ec5a5dd0-****-****-****-246e966ebeb4",
  "policyName": "mypolicy2",
  "description": "mypolicy-test",
  "validationResult": {
    "details": [],
    "success": true
  }
}