Creating an Access Preview

Function

This API is used to create an access preview.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
AccessAnalyzer:analyzer:createPreview	Write	analyzer *	g:ResourceTag/<tag-key>	-	-

URI

POST /v5/analyzers/{analyzer_id}/access-previews

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
analyzer_id	Yes	String	Unique identifier of an analyzer Minimum: 1 Maximum: 36

Request Parameters

**Table 2** Request body parameters
Parameter	Mandatory	Type	Description
configurations	Yes	Configuration object	Preview access settings.
resource_urn	Yes	String	Unique identifier of a resource.

**Table 3** Configuration
Parameter	Mandatory	Type	Description
iam_agency	No	IAMAgency object	IAM trust agency.
obs_bucket	No	OBSBucket object	OBS bucket.
kms_cmk	No	KMSCmk object	KMS key.

**Table 4** IAMAgency
Parameter	Mandatory	Type	Description
trust_policy	Yes	String	JSON policy document.

**Table 5** OBSBucket
Parameter	Mandatory	Type	Description
bucket_acl	No	String	String format of the bucket ACL XML file.
bucket_policy	No	String	JSON policy document.

**Table 6** KMSCmk
Parameter	Mandatory	Type	Description
grants	Yes	String	Used to authorize encryption keys.

Response Parameters

Status code: 201

**Table 7** Response body parameters
Parameter	Type	Description
access_preview_id	String	Unique identifier of an access preview.

Example Requests

Creating an access preview

POST https://{hostname}/v5/analyzers/{analyzer_id}/access-previews

{
  "resource_urn" : "iam::{domain_id}:agency:{agency_name}",
  "configurations" : {
    "iam_agency" : {
      "trust_policy" : "{\"Version\":\"5.0\",\"Statement\":[{\"Condition\":{\"StringMatch\":{\"g:PrincipalOrgId\":[\"org_id\"]}},\"Action\":[\"sts:agencies:assume\",\"sts::tagSession\",\"sts::setSourceIdentity\"],\"Effect\":\"Allow\",\"Principal\":{\"IAM\":[\"dd...\"]}}]}"
    }
  }
}

Example Responses

Status code: 201

Created

{
  "access_preview_id" : "{access_preview_id}"
}

Status Codes

Status Code	Description
201	Created

Error Codes

See Error Codes.

Parent topic: Access Preview

Previous topic: Access Preview

Next topic: Obtaining All Access Previews

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot