更新设备策略信息
功能介绍
应用服务器可调用此接口在物联网平台更新策略。
调用方法
请参见如何调用API。
URI
PUT /v5/iot/{project_id}/device-policies/{policy_id}
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
project_id |
是 |
String |
参数说明:项目ID。获取方法请参见 获取项目ID 。 |
policy_id |
是 |
String |
策略ID |
请求参数
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
X-Auth-Token |
否 |
String |
参数说明:用户Token。通过调用IAM服务 获取IAM用户Token接口获取,接口返回的响应消息头中“X-Subject-Token”就是需要获取的用户Token。简要的获取方法样例请参见 Token认证。 |
Instance-Id |
否 |
String |
参数说明:实例ID。物理多租下各实例的唯一标识,建议携带该参数,在使用专业版时必须携带该参数。您可以在IoTDA管理控制台界面,选择左侧导航栏“总览”页签查看当前实例的ID,具体获取方式请参考查看实例详情 。 |
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
policy_name |
否 |
String |
参数说明:策略名称。 取值范围:长度不超过128,只允许字母、数字、下划线(_)、连接符(-)的组合。 |
statement |
否 |
Array of Statement objects |
参数说明:策略文档。 |
参数 |
是否必选 |
参数类型 |
描述 |
---|---|---|---|
effect |
是 |
String |
指定是允许还是拒绝该操作。既有允许(ALLOW)又有拒绝(DENY)的授权语句时,遵循拒绝(DENY)优先的原则。
|
actions |
是 |
Array of strings |
用于指定策略允许或拒绝的操作。格式为:服务名:资源:操作。当前支持的操作类型如下:
|
resources |
是 |
Array of strings |
用于指定允许或拒绝对其执行操作的资源。格式为:资源类型:资源名称。如设备订阅的资源为:topic:/v1/${devices.deviceId}/test/hello。 取值范围:资源列表长度最小为1,最大为10,列表中的资源取值范围:仅支持字母,数字,以及/{}$=+#?*:._-组合。 |
响应参数
状态码: 200
参数 |
参数类型 |
描述 |
---|---|---|
app_id |
String |
参数说明:资源空间ID。 |
policy_id |
String |
策略ID。 |
policy_name |
String |
策略名称。 |
statement |
Array of Statement objects |
策略文档。 |
create_time |
String |
在物联网平台创建策略的时间。格式:yyyyMMdd'T'HHmmss'Z',如20151212T121212Z。 |
update_time |
String |
在物联网平台更新策略的时间。格式:yyyyMMdd'T'HHmmss'Z',如20151212T121212Z。 |
参数 |
参数类型 |
描述 |
---|---|---|
effect |
String |
指定是允许还是拒绝该操作。既有允许(ALLOW)又有拒绝(DENY)的授权语句时,遵循拒绝(DENY)优先的原则。
|
actions |
Array of strings |
用于指定策略允许或拒绝的操作。格式为:服务名:资源:操作。当前支持的操作类型如下:
|
resources |
Array of strings |
用于指定允许或拒绝对其执行操作的资源。格式为:资源类型:资源名称。如设备订阅的资源为:topic:/v1/${devices.deviceId}/test/hello。 取值范围:资源列表长度最小为1,最大为10,列表中的资源取值范围:仅支持字母,数字,以及/{}$=+#?*:._-组合。 |
请求示例
更新设备策略
PUT https://{endpoint}/v5/iot/{project_id}/device-policies/{policy_id} { "policy_name" : "testPolicy", "statement" : [ { "effect" : "ALLOW", "actions" : [ "iotda:devices:publish", "iotda:devices:subscribe" ], "resources" : [ "topic:/v1/${devices.deviceId}/test/hello", "topic:/v1/${devices.productId}/test/hello" ] } ] }
响应示例
状态码: 200
OK
{ "app_id" : "jeQDJQZltU8iKgFFoW060F5SGZka", "policy_id" : "5c90fa7d3c4e4405e8525079", "policy_name" : "testPolicy", "statement" : [ { "effect" : "ALLOW", "actions" : [ "iotda:devices:publish", "iotda:devices:subscribe" ], "resources" : [ "topic:/v1/${devices.deviceId}/test/hello", "topic:/v1/${devices.productId}/test/hello" ] } ], "create_time" : "20230810T070547Z", "update_time" : "20230810T070547Z" }
SDK代码示例
SDK代码示例如下。
更新设备策略
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.AbstractCredentials; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.core.region.Region; import com.huaweicloud.sdk.iotda.v5.*; import com.huaweicloud.sdk.iotda.v5.model.*; import java.util.List; import java.util.ArrayList; public class UpdateDevicePolicySolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); // ENDPOINT:请在控制台的"总览"界面的"平台接入地址"中查看“应用侧”的https接入地址。 String iotdaEndpoint = "<YOUR ENDPOINT>"; String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) // 标准版/企业版需要使用衍生算法,基础版请删除配置"withDerivedPredicate"; .withDerivedPredicate(AbstractCredentials.DEFAULT_DERIVED_PREDICATE) // Used in derivative ak/sk authentication scenarios .withAk(ak) .withSk(sk); IoTDAClient client = IoTDAClient.newBuilder() .withCredential(auth) // 标准版/企业版:需自行创建Region对象,基础版:请使用IoTDARegion的region对象,如"withRegion(IoTDARegion.CN_NORTH_4)" .withRegion(new Region("cn-north-4", iotdaEndpoint)) .build(); UpdateDevicePolicyRequest request = new UpdateDevicePolicyRequest(); request.withPolicyId("{policy_id}"); UpdateDevicePolicy body = new UpdateDevicePolicy(); List<String> listStatementResources = new ArrayList<>(); listStatementResources.add("topic:/v1/${devices.deviceId}/test/hello"); listStatementResources.add("topic:/v1/${devices.productId}/test/hello"); List<String> listStatementActions = new ArrayList<>(); listStatementActions.add("iotda:devices:publish"); listStatementActions.add("iotda:devices:subscribe"); List<Statement> listbodyStatement = new ArrayList<>(); listbodyStatement.add( new Statement() .withEffect("ALLOW") .withActions(listStatementActions) .withResources(listStatementResources) ); body.withStatement(listbodyStatement); body.withPolicyName("testPolicy"); request.withBody(body); try { UpdateDevicePolicyResponse response = client.updateDevicePolicy(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
更新设备策略
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcore.auth.credentials import DerivedCredentials from huaweicloudsdkcore.region.region import Region as coreRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkiotda.v5 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] // ENDPOINT:请在控制台的"总览"界面的"平台接入地址"中查看“应用侧”的https接入地址。 iotdaEndpoint = "<YOUR ENDPOINT>"; projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId).with_derived_predicate(DerivedCredentials.get_default_derived_predicate()) client = IoTDAClient.new_builder() \ .with_credentials(credentials) \ # 标准版/企业版:需要使用自行创建的Region对象,基础版:请选择IoTDAClient中的Region对象 如: .with_region(IoTDARegion.CN_NORTH_4) .with_region(coreRegion(id="cn-north-4", endpoint=endpoint)) \ .build() try: request = UpdateDevicePolicyRequest() request.policy_id = "{policy_id}" listResourcesStatement = [ "topic:/v1/${devices.deviceId}/test/hello", "topic:/v1/${devices.productId}/test/hello" ] listActionsStatement = [ "iotda:devices:publish", "iotda:devices:subscribe" ] listStatementbody = [ Statement( effect="ALLOW", actions=listActionsStatement, resources=listResourcesStatement ) ] request.body = UpdateDevicePolicy( statement=listStatementbody, policy_name="testPolicy" ) response = client.update_device_policy(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
更新设备策略
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" iotda "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iotda/v5" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iotda/v5/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/region" core_auth "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") // endpoint:请在控制台的"总览"界面的"平台接入地址"中查看"应用侧"的https接入地址 endpoint := "<YOUR ENDPOINT>" projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). // 企业版/标准版需要使用衍生算法,基础版请删除该配置"WithDerivedPredicate" WithDerivedPredicate(core_auth.GetDefaultDerivedPredicate()). // Used in derivative ak/sk authentication scenarios Build() client := iotda.NewIoTDAClient( iotda.IoTDAClientBuilder(). // 标准版/企业版需要自行创建region,基础版使用IoTDARegion中的region对象 WithRegion(region.NewRegion("cn-north-4", endpoint)). WithCredential(auth). Build()) request := &model.UpdateDevicePolicyRequest{} request.PolicyId = "{policy_id}" var listResourcesStatement = []string{ "topic:/v1/${devices.deviceId}/test/hello", "topic:/v1/${devices.productId}/test/hello", } var listActionsStatement = []string{ "iotda:devices:publish", "iotda:devices:subscribe", } var listStatementbody = []model.Statement{ { Effect: "ALLOW", Actions: listActionsStatement, Resources: listResourcesStatement, }, } policyNameUpdateDevicePolicy:= "testPolicy" request.Body = &model.UpdateDevicePolicy{ Statement: &listStatementbody, PolicyName: &policyNameUpdateDevicePolicy, } response, err := client.UpdateDevicePolicy(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。
状态码
状态码 |
描述 |
---|---|
200 |
OK |
400 |
Bad Request |
401 |
Unauthorized |
403 |
Forbidden |
404 |
Not Found |
500 |
Internal Server Error |
错误码
请参见错误码。