Updated on 2023-02-13 GMT+08:00

Querying a Topic Policy

Function

This API is used to query a topic policy.

URI

GET /v2/{project_id}/notifications/topics/{topic_urn}/attributes

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Specifies the project ID.For details about how to obtain the project ID, see Obtaining the Project ID.

topic_urn

Yes

String

Specifies the resource identifier of the topic, which is unique. To obtain the resource identifier, see Querying Topics.

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

name

Yes

String

Specifies the topic policy name.Only specified policy names are supported. For details, see Topic Attribute List.

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Specifies a user token.

It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

request_id

String

Specifies the request ID, which is unique.

attributes

access_policy object

Specifies the attribute key-value pair. access_policy: topic access policy introduction: description of a topic

Table 5 access_policy

Parameter

Type

Description

Version

String

Specifies the policy specification version. Only 2016-09-07 is supported.

Id

String

Specifies the policy ID, which uniquely identifies a policy. Id must be specified.

Statement

Array of Statement objects

You can use statements to configure a topic policy. Each topic policy may contain one or more statements. You can use statements to grant topic operation permissions to other users or cloud services.

Table 6 Statement

Parameter

Type

Description

Sid

String

Specifies the statement ID. The statement ID must be unique, for example, statement01 or statement02.

Effect

String

Specifies the statement effect. The effect can be Allow or Deny.

Principal

String

Specifies the object the statement applies to. The following two types of objects are supported:

CSP indicates cloud users.

Service indicates cloud services.

Either the Principal or NotPrincipal element must be configured. Then, The format of the CSP object is urn:csp:iam::domainId:root, where domainId indicates the account ID of another user.

If you enter Service, you must specify the cloud service names in lower case.

NotPrincipal

String

NotPrincipal: Specifies the object that the statement does not apply to.

The following two types of objects are supported:

CSP indicates cloud users.

Service indicates cloud services.

Either the Principal or NotPrincipal element must be configured. Then, The format of the CSP object is urn:csp:iam::domainId:root, where domainId indicates the account ID of another user.

If you enter Service, you must specify the cloud service names in lower case.

Action

String

Specifies the allowed statement action.You can use a wildcard character to configure a type of actions, for example, SMN:Update* and SMN:Delete*. If you only enter a wildcard character (*) in a statement, all supported actions are configured.Either Action or NotAction must be configured.The following actions are supported:SMN:UpdateTopicSMN:DeleteTopicSMN:QueryTopicDetailSMN:ListTopicAttributesSMN:UpdateTopicAttributeSMN:DeleteTopicAttributesSMN:DeleteTopicAttributeByNameSMN:ListSubscriptionsByTopicSMN:SubscribeSMN:UnsubscribeSMN:Publish

NotAction

String

Specifies the statement action that is not allowed.You can use a wildcard character to configure a type of actions, for example, SMN:Update* and SMN:Delete*. If you only enter a wildcard character (*) in a statement, all supported actions are configured.Either Action or NotAction must be configured.The following actions are supported:SMN:UpdateTopicSMN:DeleteTopicSMN:QueryTopicDetailSMN:ListTopicAttributesSMN:UpdateTopicAttributeSMN:DeleteTopicAttributesSMN:DeleteTopicAttributeByNameSMN:ListSubscriptionsByTopicSMN:SubscribeSMN:UnsubscribeSMN:Publish

Resource

String

Specifies the topic the statement applies to.

Either Resource or NotResource must be configured. You need to enter a topic URN.

NotResource

String

Specifies the topic that the statement does not apply to.

Either Resource or NotResource must be configured. You need to enter a topic URN.

Status code: 400

Table 7 Response body parameters

Parameter

Type

Description

request_id

String

Specifies the request ID, which is unique.

code

String

Specifies the error code.

message

String

Describes the error message.

Status code: 403

Table 8 Response body parameters

Parameter

Type

Description

request_id

String

Specifies the request ID, which is unique.

code

String

Specifies the error code.

message

String

Describes the error message.

Status code: 404

Table 9 Response body parameters

Parameter

Type

Description

request_id

String

Specifies the request ID, which is unique.

code

String

Specifies the error code.

message

String

Describes the error message.

Status code: 500

Table 10 Response body parameters

Parameter

Type

Description

request_id

String

Specifies the request ID, which is unique.

code

String

Specifies the error code.

message

String

Describes the error message.

Example Requests

Querying a topic policy

GET https://{SMN_Endpoint}/v2/{project_id}/notifications/topics/urn:smn:regionId:8bad8a40e0f7462f8c1676e3f93a8183:test_create_topic_v2/attributes?name=access_policy

null

Example Responses

Status code: 200

OK

{
  "request_id" : "6837531fd3f54550927b930180a706bf",
  "attributes" : {
    "access_policy" : {
      "version" : "2016-09-07",
      "Id" : "__default_policy_ID",
      "Statement" : [ {
        "Sid" : "__user_pub_0",
        "Effect" : "Allow",
        "Principal" : [ {
          "CSP" : [ "urn:csp:iam::93dc1b4697ac493d9b7d089569f86b32:root" ]
        } ],
        "Action" : [ "SMN:Publish", "SMN:QueryTopicDetail" ],
        "Resource" : "urn:smn:regionId:8bad8a40e0f7462f8c1676e3f93a8183:aaa"
      }, {
        "Sid" : "__service_pub_0",
        "Effect" : "Allow",
        "Principal" : [ {
          "Service" : [ "obs" ]
        } ],
        "Action" : [ "SMN:Publish", "SMN:QueryTopicDetail" ],
        "Resource" : "urn:smn:regionId:8bad8a40e0f7462f8c1676e3f93a8183:aaa"
      } ]
    }
  }
}

Status Codes

Status Code

Description

200

OK

400

Bad Request

403

Unauthorized

404

Not Found

500

Internal Server Error

Error Codes

See Error Codes.