Querying All Entities Attached to a Specified Identity Policy

Function

This API is used to query all entities attached to a specified identity policy.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
iam:policies:listEntitiesV5	List	policy *	-	-	-

URI

GET /v5/policies/{policy_id}/attached-entities

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
policy_id	Yes	String	Identity policy ID. The value contains 1 to 64 characters, including only letters, digits, and hyphens (-).

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
entity_type	No	String	Entity type, which can be user, group, or agency.
limit	No	Integer	Number of records displayed on each page. The value ranges from 1 to 200. The default value is 100. Minimum: 1 Maximum: 200 Default: 100
marker	No	String	Pagination marker. The value contains 4 to 400 characters, including only letters, digits, and the following special characters: +/=-_ Minimum: 4 Maximum: 400

Request Parameters

None

Response Parameters

Status code: 200

**Table 3** Response body parameters
Parameter	Type	Description
policy_agencies	Array of PolicyAgency objects	Agency and trust agency list.
policy_groups	Array of PolicyGroup objects	Group list.
policy_users	Array of PolicyUser objects	IAM user list.
page_info	PageInfo object	Pagination information.

**Table 4** PolicyAgency
Parameter	Type	Description
agency_id	String	Agency or trust agency ID. The value contains 1 to 64 characters, including only letters, digits, and hyphens (-).
attached_at	String	Time when an identity policy is attached.

**Table 5** PolicyGroup
Parameter	Type	Description
group_id	String	Group ID. The value contains 1 to 64 characters, including only letters, digits, and hyphens (-).
attached_at	String	Time when an identity policy is attached.

**Table 6** PolicyUser
Parameter	Type	Description
user_id	String	IAM user ID.
attached_at	String	Time when an identity policy is attached.

**Table 7** PageInfo
Parameter	Type	Description
next_marker	String	If this parameter exists, there are subsequent items that are not displayed in the current response body. The value can be used as the pagination marker parameter for the next request to obtain information about the next page. This API can be repeatedly called until this field does not exist.
current_count	Integer	Number of items returned on this page.

Status code: 403

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
request_id	String	Request ID.
encoded_authorization_message	String	Encrypted authentication failure information, which can be decrypted using the STS5 decryption API.

Status code: 404

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
request_id	String	Request ID.

Example Requests

Querying all entities attached to a specified identity policy

GET https://{endpoint}/v5/policies/{policy_id}/attached-entities

Example Responses

Status code: 200

Successful

{
  "policy_agencies" : [ {
    "agency_id" : "string",
    "attached_at" : "2023-09-25T09:29:06.817Z"
  } ],
  "policy_groups" : [ {
    "group_id" : "string",
    "attached_at" : "2023-09-25T09:29:06.817Z"
  } ],
  "policy_users" : [ {
    "user_id" : "string",
    "attached_at" : "2023-09-25T09:29:06.817Z"
  } ],
  "page_info" : {
    "next_marker" : "marker",
    "current_count" : 3
  }
}