Querying Details About a Custom Identity Policy

Function

This API is used to query details about a custom identity policy in a specified permission set.

URI

GET /v1/instances/{instance_id}/permission-sets/{permission_set_id}/custom-policy

**Table 1** Path parameters
Parameter	Mandatory	Type	Description
instance_id	Yes	String	Globally unique ID of an IAM Identity Center instance
permission_set_id	Yes	String	Globally unique ID of a permission set

Request Parameters

**Table 2** Parameters in the request header
Parameter	Mandatory	Type	Description
X-Security-Token	No	String	Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required. Maximum length: 2048

Response Parameters

Status code: 200

**Table 3** Parameters in the response body
Parameter	Type	Description
custom_policy	String	Custom identity policy added to the permission set Minimum length: 1 Maximum length: 131,072

Status code: 400

**Table 4** Parameters in the response body
Parameter	Type	Description
error_code	String	Error code
error_msg	String	Error message
request_id	String	Unique ID of a request
encoded_authorization_message	String	Encrypted error message

Status code: 403

**Table 5** Parameters in the response body
Parameter	Type	Description
error_code	String	Error code
error_msg	String	Error message
request_id	String	Unique ID of a request
encoded_authorization_message	String	Encrypted error message

Example Request

Querying details about a custom identity policy in a specified permission set

GET https://{hostname}/v1/instances/{instance_id}/permission-sets/{permission_set_id}/custom-policy

Example Response

Status code: 200

{
  "custom_policy" : "{\"Version\":\"5.0\",\"Statement\":[{\"Effect\":\"Deny\",\"Action\":[\"organizations:ous:delete\"],\"Condition\":{\"StringEquals\":{\"g:ResourceAccount\":[\"0a6d25d23900d45c0faac010e0fb4de0\"]}}}]}"
}