Help Center> Identity and Access Management> API Reference> API> Permissions Management> Granting Permissions to a User Group for a Global Service Project
Updated on 2023-07-05 GMT+08:00

Granting Permissions to a User Group for a Global Service Project

Function

This API is provided for the administrator to grant permissions to a user group for a global service project. For details about the authorization scope, see System Permissions.

The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.

URI

PUT /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id}

Table 1 URI parameters

Parameter

Mandatory

Type

Description

domain_id

Yes

String

Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.

group_id

Yes

String

User group ID. For details about how to obtain a user group ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.

role_id

Yes

String

Permission ID. For details about how to obtain a permission ID, see Listing Permissions.

NOTE:

To assign a custom policy that contains OBS operations to a user group, create two custom policies with the scope being set to global services and region-specific projects respectively and other parameters being the same, and then attach the two policies to the user group.

Request Parameters

Table 2 Parameters in the request header

Parameter

Mandatory

Type

Description

Content-Type

Yes

String

Fill application/json;charset=utf8 in this field.

X-Auth-Token

Yes

String

Access token issued to a user to bear its identity and permissions.

For details about the permissions required by the token, see Actions.

Response Parameters

None

Example Request

Request for granting permissions to a user group for a global service project

PUT https://iam.myhuaweicloud.com/v3/domains/{domain_id}/groups/{group_id}/roles/{role_id}

Example Response

None

Status Codes

Status Code

Description

204

The authorization is successful.

400

Invalid parameters.

401

Authentication failed.

403

Access denied.

404

The requested resource cannot be found.

409

A resource conflict occurs.

Error Codes

None