Querying the Operation Protection Policy
Function
This API is used to query the operation protection policy.
The API can be called using both the global endpoint and region-specific endpoints.
Authorization Information
Each account is authorized to call all APIs, but its IAM users must obtain the required permissions. For details, see Permissions and Supported Actions.
URI
GET /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/protect-policy
Parameter | Mandatory | Type | Description |
|---|---|---|---|
domain_id | Yes | String | Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information. |
Request Parameters
Parameter | Mandatory | Type | Description |
|---|---|---|---|
X-Auth-Token | Yes | String | Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions. |
Response Parameters
Status code: 200
Parameter | Type | Description |
|---|---|---|
protect_policy object | Specifies the operation protection policy. |
Parameter | Type | Description |
|---|---|---|
AllowUserBody object | Specifies the attributes IAM users can modify. | |
operation_protection | boolean | Specifies whether to enable operation protection. The value can be true or false. |
mobile | String | Specifies the mobile number used for verification. Example: |
admin_check | String | Specifies whether a person is designated for verification. The value on indicates that a specific person is designated for verification, and the value off indicates that the operator is designated for verification. |
String | Specifies the email address used for verification. An example value is example@email.com. | |
scene | String | Specifies the verification method. The value options are mobile and email. |
Parameter | Type | Description |
|---|---|---|
manage_accesskey | boolean | Definition Whether IAM users are allowed to manage their own AKs. Constraints N/A Range
Default Value true |
manage_email | boolean | Definition Whether to allow IAM users to change their email addresses. Constraints N/A Range
Default Value true |
manage_mobile | boolean | Definition Whether to allow IAM users to change their mobile numbers. Constraints N/A Range
Default Value true |
manage_password | boolean | Definition Whether to allow IAM users to change their passwords. Constraints N/A Range
Default Value true |
Example Request
Request for querying the operation protection policy
GET https://iam.myhuaweicloud.eu/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/protect-policy Example Response
Status code: 200
The request is successful.
{
"protect_policy" : {
"operation_protection" : false
}
} Status code: 403
Access denied.
- Example 1
{
"error_msg" : "You are not authorized to perform the requested action.",
"error_code" : "IAM.0002"
} - Example 2
{
"error_msg" : "Policy doesn't allow %(actions)s to be performed.",
"error_code" : "IAM.0003"
} Status code: 404
The requested resource cannot be found.
{
"error_msg" : "Could not find %(target)s: %(target_id)s.",
"error_code" : "IAM.0004"
} Status code: 500
Internal server error.
{
"error_msg" : "An unexpected error prevented the server from fulfilling your request.",
"error_code" : "IAM.0006"
} Status Codes
Status Code | Description |
|---|---|
200 | The request is successful. |
401 | Authentication failed. |
403 | Access denied. |
404 | The requested resource cannot be found. |
500 | Internal server error. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
