Customizing Policies

CodeArts Req provides permissions enough for the account administrator to manage all CodeArts projects. You can also customize more fine-grained policies for granting permissions.

You can create custom policies in either of the following ways:

Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of the policy syntax.
JSON: Create a policy in JSON format or edit the JSON strings of an existing policy.

This section provides examples of common CodeArts Req custom policies.

Example Custom Policy

Example
To grant the permissions for querying projects, creators, and members. Select the fine-grained permissions shown in custom IAM policies.

Figure 1 JSON view

CodeArts Req Fine-grained Operation Permissions

Table 1 lists all fine-grained operation permissions in CodeArts Req.

**Table 1** Fine-grained operation permissions in CodeArts Req
Operation	Description	Detail
projectmanConfig:template:update	Set project templates	Grant this permission to modify project templates by choosing Project Templates.
projectmanConfig:template:delete	Delete project templates	Grant this permission to delete project templates by choosing Project Templates.
projectmanConfig:projectCreator:list	View permitted users who can create projects	Grant this permission to view the permitted users by choosing Project Creators.
projectmanConfig:projectCreator:update	Set member account permissions for creating projects	Grant this permission to set member accounts who have the permissions for creating projects by choosing Project Creators.
projectmanConfig:project:list	View projects under a tenant	Grant this permission to view all projects by choosing Projects and Members.
projectmanConfig:member:join	Join a project under a tenant	Grant this permission to join any projects by choosing Projects and Members. By default, a newly added member is assigned the Project Manager role.
projectmanConfig:project:delete	Delete projects	Grant this permission to delete projects by choosing Projects and Members.
projectmanConfig:memberManagement:list	View members of all projects	Grant this permission to view all members by choosing Projects and Members.
projectmanConfig:memberManagement:delete	Delete any project member under a tenant	Grant this permission to remove one or more project members by choosing Projects and Members.
projectmanConfig:systemSettingField:set	Set a new work item creator	Grant this permission to set a user as the work item creator.
projectmanConfig:enterprise:bind	Bind an enterprise project	Grant this permission to bind a CodeArts project to an enterprise project when creating or upgrading enterprise projects.

Parent topic: Permissions Management

Previous topic: Creating a User and Granting Permissions

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel