Message & SMS Custom Policies
You can create custom policies to supplement system-defined Message & SMS policies. For the actions supported for custom policies, see Permissions and Supported Actions.
You can create custom policies in either of the following ways:
- Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
- JSON: Create a policy in the JSON format from scratch or based on an existing policy.
For details, see Creating a Custom Policy. The following section contains examples of common Message & SMS custom policies.
Message & SMS Custom Policies
- Example 1: Authorizing a user to query the number of SMS applications
{ "Version": "1.1", "Statement": [ { "Effect": "Allow", "Action": [ "msgsms:applications:getCount" ] } ] }
- Example 2: Denying SMS template deletion
A policy with only "Deny" permissions must be used in conjunction with other policies to take effect. If the policies assigned to a user contain both "Allow" and "Deny", the "Deny" permissions take precedence over the "Allow" permissions.
For example, if you want to assign all of the permissions of the MSGSMS FullAccess policy to a user, except for deleting SMS templates, you can create a custom policy to deny only SMS template deletion. When you apply both the MSGSMS FullAccess policy and the custom policy denying SMS template deletion, since "Deny" always takes precedence over "Allow", the "Deny" will be applied for that one conflicting permission. The user will then be able to perform all operations on SMS templates except deleting SMS templates. The following is an example of a deny policy.
{ "Version": "1.1", "Statement": [ { "Effect": "Deny", "Action": [ "msgsms:templates:delete" ] } ] }
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.