Querying Agency or Trust Agency Details
Function
This API is used to query agency or trust agency details.
Authorization Information
Each account has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.
|
Action |
Access Level |
Resource Type (*: required) |
Condition Key |
Alias |
Dependencies |
|---|---|---|---|---|---|
|
iam:agencies:getV5 |
Read |
agency * |
g:ResourceTag/<tag-key> |
- |
- |
URI
GET /v5/agencies/{agency_id}
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
agency_id |
Yes |
String |
Agency or trust agency ID. The value contains 1 to 64 characters, including only letters, digits, and hyphens (-). |
Request Parameters
None
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
agency |
AgencyEx object |
Agency or trust agency. |
|
Parameter |
Type |
Description |
|---|---|---|
|
urn |
String |
Uniform resource name. |
|
trust_policy |
String |
JSON format of the policy document of a trust agency's trust policy. Characters =, <, >, (, ), and | are special characters in the grammar and are not included in trust policies. The question mark (?) following an element indicates that the element is optional, for example, sid_block?. The vertical bar (|) separates options, and the parentheses enclose the options, for example, ("Allow" | "Deny"). When an element allows more than one value, use commas (,), and ellipsis (...), for example, [ <policy_statement>, <policy_statement>, ... ]. The following listing describes the trust policy language grammar: policy = {
<version_block>,
<statement_block>
}
<version_block> = "Version" : ("5.0")
<statement_block> = "Statement" : [ <policy_statement>, <policy_statement>, ... ]
<policy_statement> = {
<sid_block?>,
<principal_block>,
<effect_block>,
<action_block>,
<resource_block?>,
<condition_block?>
}
<sid_block> = "Sid" : <sid_string>
<principal_block> = ("Principal" | "NotPrincipal") : <principal_map>
<principal_map> = { <principal_map_entry>, <principal_map_entry>, ... }
<principal_map_entry> = ("IAM" | "Service") : [ <principal_id_string>, ... | <service_principal_string>, ... ]
<effect_block> = "Effect" : ("Allow" | "Deny")
<action_block> = ("Action" | "NotAction") : [ <action_string>, <action_string>, ... ]
<resource_block> = ("Resource" | "NotResource") : [ <resource_string>, <resource_string>, ... ]
<condition_block> = "Condition" : { <condition_map> }
<condition_map> = {
<condition_type_string> : { <condition_key_string> : <condition_value_list> },
<condition_type_string> : { <condition_key_string> : <condition_value_list> },
...
}
<condition_value_list> = ( <condition_value> | [ <condition_value>, <condition_value>, ... ] )
<condition_value> = "string" |
|
created_at |
String |
Time when an agency or trust agency was created. |
|
description |
String |
Description of an agency or trust agency. |
|
max_session_duration |
Integer |
Maximum session duration of an agency or trust agency. The default value is 3,600 seconds. The value ranges from 3,600 to 43,200. |
|
path |
String |
Resource path, which is an empty string by default. It consists of multiple character strings. Each character string must end with a slash (/) and can only contain letters, digits, and the following special characters: .,+@=_-, for example, foo/bar/. |
|
agency_id |
String |
Agency or trust agency ID. The value contains 1 to 64 characters, including only letters, digits, and hyphens (-). |
|
agency_name |
String |
Agency or trust agency name. The value contains 1 to 64 characters, including only letters, digits, and the following special characters: _+=,.@- |
|
trust_domain_id |
String |
Delegated account ID, which is only in agencies but not in trust agencies. |
|
trust_domain_name |
String |
Delegated account name, which is only in agencies but not in trust agencies. |
|
tags |
Array of Tag objects |
List of custom tags. |
|
Parameter |
Type |
Description |
|---|---|---|
|
tag_key |
String |
Tag key. The value can contain 1 to 64 characters. Letters, digits, spaces, and the following special characters are allowed: _.:=+-@. The key cannot start with a space or _sys_ or end with a space. Minimum: 1 Maximum: 64 |
|
tag_value |
String |
Tag value. The value can be an empty string or contain 0 to 128 characters. Letters, digits, spaces, and the following special characters are allowed: _.:/=+-@ Minimum: 0 Maximum: 128 |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Request ID. |
|
encoded_authorization_message |
String |
Encrypted authentication failure information, which can be decrypted using the STS5 decryption API. |
Status code: 404
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Request ID. |
Example Requests
Querying agency details
GET https://{endpoint}/v5/agencies/{agency_id}
Example Responses
Status code: 200
Successful
{
"agency" : {
"urn" : "iam::accountid:agency:name",
"trust_policy" : "{\"Version\":\"5.0\",\"Statement\":[{\"Action\":[\"sts:agencies:assume\",\"sts::tagSession\",\"sts::setSourceIdentity\"],\"Effect\":\"Allow\",\"Principal\":{\"IAM\":[\"xxx\"]}}]}",
"created_at" : "2023-09-21T01:17:19.590Z",
"description" : "description",
"max_session_duration" : 3600,
"path" : "",
"agency_id" : "string",
"agency_name" : "name",
"trust_domain_id" : null,
"trust_domain_name" : null,
"tags" : [ {
"tag_key" : "key",
"tag_value" : "value"
} ]
}
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Successful |
|
403 |
Forbidden |
|
404 |
Not found |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
