Obtaining Access Control Attributes for a Specified Instance
Function
This API is used to return a list of IAM Identity Center identity source attributes that have been configured to be used with attribute-based access control (ABAC) of a specified IAM Identity Center instance. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
URI
GET /v1/instances/{instance_id}/access-control-attribute-configuration
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
instance_id |
Yes |
String |
Globally unique ID of an IAM Identity Center instance. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Security-Token |
No |
String |
Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required. Maximum length: 2048 |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
Object |
List of IAM Identity Center identity source attributes that have been added to the ABAC configuration. |
|
|
status |
String |
ABAC attribute configuration status. Enumerated value:
|
|
status_reason |
String |
Details about the state of the specified attribute. |
|
Parameter |
Type |
Description |
|---|---|---|
|
Array of objects |
Attributes configured for ABAC in the IAM Identity Center instance. Array length: 0 - 20 |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Name of the attribute associated with the identity in the identity source. Minimum length: 1 Maximum length: 128 |
|
Object |
Mapping the specified attribute to the identity source. |
|
Parameter |
Type |
Description |
|---|---|---|
|
source |
Array of strings |
Mapping the specified attribute to the identity source. Minimum length: 0 Maximum length: 255 Array length: 1-1 |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of a request. |
|
encoded_authorization_message |
String |
Encrypted error message. |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of a request. |
|
encoded_authorization_message |
String |
Encrypted error message. |
Example Request
Obtaining access control attributes for a specified instance
GET https://{hostname}/v1/instances/{instance_id}/access-control-attribute-configuration
Example Response
Status code: 200
Successful
{
"instance_access_control_attribute_configuration" : {
"access_control_attributes" : [ {
"key" : "email",
"value" : {
"source" : [ "${path:emails[primary eq true].value}" ]
}
}, {
"key" : "displayName",
"value" : {
"source" : [ "${path:displayName}" ]
}
} ]
},
"status" : "ENABLED",
"status_reason" : null
}
Status Codes
For details, see Status Codes.
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
