文档首页/ 云搜索服务 CSS/ API参考/ API V1/ 集群管理/ 自动创建委托 - CreateAgency
更新时间:2026-01-09 GMT+08:00
在线调试
CLI示例
查看PDF
分享

自动创建委托 - CreateAgency

功能介绍

当CSS预置委托不存在时,自动创建委托并赋予CSS依赖的权限。

当CSS预置委托存在时,去除依赖的高风险权限,设置为最小化权限。

调用方法

请参见如何调用API

授权信息

账号具备所有API的调用权限,如果使用账号下的IAM用户调用当前API,该IAM用户需具备调用API所需的权限。

  • 如果使用角色与策略授权,具体权限要求请参见权限和授权项
  • 如果使用身份策略授权,需具备如下身份策略权限。

    授权项

    访问级别

    资源类型(*为必须)

    条件键

    别名

    依赖的授权项

    css::createServiceAgency

    Write

    -

    -

    css:cluster:createServiceAgency
    • iam:agencies:listAgencies
    • iam:agencies:createAgency
    • iam:agencies:getAgency
    • iam:roles:listRoles
    • iam:roles:createRole
    • iam:permissions:grantRoleToAgency
    • iam:permissions:listRolesForAgency
    • iam:permissions:listRolesForAgencyOnProject
    • iam:permissions:revokeRoleFromAgency
    • iam:agencies:pass

URI

POST /v1.0/{project_id}/agency/create

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

参数解释

项目ID。获取方法请参见获取项目ID和名称

约束限制

不涉及

取值范围

账户的项目ID。

默认取值

不涉及

请求参数

表2 请求Body参数

参数

是否必选

参数类型

描述

domain_id

String

参数解释

账号ID,请参考查询指定条件下的项目列表

约束限制

不涉及。

取值范围

不涉及。

默认取值

不涉及。

domain_name

String

参数解释

账号名称,请参考认证鉴权

约束限制

不涉及。

取值范围

不涉及

默认取值

不涉及

type

String

参数解释

创建的委托类型。

约束限制

不涉及。

取值范围

  • obs:创建快照及日志备份依赖的委托权限。

  • vpc:版本升级、可用区切换、缩容、替换节点依赖的委托权限。

  • smn:使用alerting告警插件依赖的委托权限。

  • elb:负载均衡功能依赖的委托权限。

默认取值

不涉及。

响应参数

状态码:200

请求已成功。

请求示例

创建快照及日志备份依赖的委托请求示例。

POST https://{Endpoint}/v1.0/{project_id}/agency/create

{
  "domain_id" : "id",
  "domain_name" : "name",
  "type" : "obs"
}

响应示例

SDK代码示例

SDK代码示例如下。

创建快照及日志备份依赖的委托请求示例。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
 
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.css.v1.region.CssRegion;
import com.huaweicloud.sdk.css.v1.*;
import com.huaweicloud.sdk.css.v1.model.*;


public class CreateAgencySolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        CssClient client = CssClient.newBuilder()
                .withCredential(auth)
                .withRegion(CssRegion.valueOf("<YOUR REGION>"))
                .build();
        CreateAgencyRequest request = new CreateAgencyRequest();
        ResourceTenant body = new ResourceTenant();
        body.withType("obs");
        body.withDomainName("name");
        body.withDomainId("id");
        request.withBody(body);
        try {
            CreateAgencyResponse response = client.createAgency(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

创建快照及日志备份依赖的委托请求示例。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcss.v1.region.css_region import CssRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkcss.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = CssClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(CssRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreateAgencyRequest()
        request.body = ResourceTenant(
            type="obs",
            domain_name="name",
            domain_id="id"
        )
        response = client.create_agency(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

创建快照及日志备份依赖的委托请求示例。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    css "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/css/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/css/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/css/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := css.NewCssClient(
        css.CssClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreateAgencyRequest{}
	request.Body = &model.ResourceTenant{
		Type: "obs",
		DomainName: "name",
		DomainId: "id",
	}
	response, err := client.CreateAgency(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

请求已成功。

400

非法请求。

建议直接修改该请求,不要重试该请求。

403

请求被拒绝访问。

返回该状态码,表明请求能够到达服务端,且服务端能够理解用户请求,但是拒绝做更多的事情,因为该请求被设置为拒绝访问,建议直接修改该请求,不要重试该请求。

错误码

请参见错误码

父主题: 集群管理

相关文档