Check policy validity
- Print
- PDF
Check policy validity
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Available in Classic and VPC
Check the validity of the policy details before creating a policy.
Request
This section describes the request format. The method and URI are as follows:
| Method | URI |
|---|---|
| POST | /api/v1/policy/validation |
Request headers
For information about the headers common to all Sub Account APIs, see Sub Account request headers.
Request body
You can include the following data in the body of your request:
| Field | Type | Required | Description |
|---|---|---|---|
policyName | String | Required | Policy name
|
description | String | Optional | Description of the policy (byte)
|
permissions | Array | Required | Allowed permission list |
permissions
The following describes permissions.
| Field | Type | Required | Description |
|---|---|---|---|
effect | String | Required | Permission allowance
|
targets | Array | Required | Permission allowance target |
condition | Object | Optional | Policy condition |
condition.{operator} | Object | Optional | Policy condition operator |
condition.{operator}.{key} | Object | Optional | Policy condition key |
condition.{operator}.{value} | Array | Optional | Policy condition value |
targets
The following describes targets.
| Field | Type | Required | Description |
|---|---|---|---|
product | String | Required | Allowable service code |
actions | Array | Required | Allowable action
|
resourceNrns | Array | Required | NAVER Cloud Platform resource identification value for the allowable target
|
Request example
The request example is as follows:
curl --location --request POST 'https://subaccount.apigw.ntruss.com/api/v1/policy/48ac3260-****-****-****-246e96591594?withPermissions=true' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"policyName": "policy",
"description": "Testing",
"permissions": [
{
"effect": "Allow",
"targets": [
{
"product": "Server",
"actions": [
"View*"
],
"resourceNrns": [
"*"
]
}
]
}
]
}
Response
This section describes the response format.
Response body
The response body includes the following data:
| Field | Type | Required | Description |
|---|---|---|---|
details | Array | - | Validity check detailed results |
success | Boolean | - | Validity check results
|
details
The following describes details.
| Field | Type | Required | Description |
|---|---|---|---|
type | String | - | Check result type
|
code | String | - | Detailed code |
location | String | - | Check location |
message | String | - | Check result message |
Response status codes
For information about the HTTP status codes common to all Sub Account APIs, see Sub Account status codes.
Response example
The response example is as follows:
If the check results in a valid policy
The following is a sample response if the check results in a valid policy.
{
"success": true
}
If the check results in an invalid policy
The following is a sample response if the check results in an invalid policy.
{
"details": [
{
"type": "WARNING",
"code": "iam.policy.missingRelatedAction",
"location": "",
"message": "An associated action is missing. {Server=[View/getInitScriptList, Change/changeInitScript, View/getRootPasswordServerInstanceList, Change/setDetailedMonitoring]}"
}
],
"success": false
}
Was this article helpful?