Granting Permissions to a User Group for a Global Service Project

Function

This API is provided for the administrator to grant permissions to a user group for a global service project. For details about the authorization scope, see System Permissions.

The API can be called using both the global endpoint and region-specific endpoints.

URI

PUT /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id}

**Table 1** URI parameters
Parameter	Mandatory	Type	Description
domain_id	Yes	String	Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
group_id	Yes	String	User group ID. For details about how to obtain a user group ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
role_id	Yes	String	Permission ID. For details about how to obtain a permission ID, see Listing Permissions. NOTE: To assign a custom policy that contains OBS operations to a user group, create two custom policies with the scope being set to global services and region-specific projects respectively and other parameters being the same, and then attach the two policies to the user group.

Request Parameters

**Table 2** Parameters in the request header
Parameter	Mandatory	Type	Description
Content-Type	Yes	String	Fill application/json;charset=utf8 in this field.
X-Auth-Token	Yes	String	Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions.

Response Parameters

None

Example Request

Request for granting permissions to a user group for a global service project

PUT https://iam.myhuaweicloud.eu/v3/domains/{domain_id}/groups/{group_id}/roles/{role_id}

Example Response

None

Status Codes

Status Code	Description
204	The authorization is successful.
400	Invalid parameters.
401	Authentication failed.
403	Access denied.
404	The requested resource cannot be found.
409	A resource conflict occurs.