Updated on 2024-11-06 GMT+08:00

Update Device Policy Information

Function

This API is used by an application to update a policy on the IoT platform.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

URI

PUT /v5/iot/{project_id}/device-policies/{policy_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Parameter description: project ID. For details about how to obtain the project ID, see Obtaining a Project ID.

policy_id

Yes

String

Policy ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

No

String

Parameter description: user token. Obtain the token by calling the IAM API for obtaining a user token through password authentication. In the returned response header, X-Subject-Token is the desired user token. For details about how to obtain the token, see Token Authentication.

Instance-Id

No

String

Parameter description: instance ID. Unique identifier of each instance in the physical multi-tenant scenario. Mandatory for professional editions and recommended in other cases. Log in to the IoTDA console and choose Overview in the navigation pane to view the instance ID. For details, see Viewing Instance Details.

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

policy_name

No

String

Parameter description: policy name. Value: The value can contain a maximum of 128 characters. Only letters, digits, underscores (_), and hyphens (-) are allowed.

statement

No

Array of Statement objects

Parameter description: policy document.

Table 4 Statement

Parameter

Mandatory

Type

Description

effect

Yes

String

Specifies whether to allow or reject the operation. If there are both ALLOW and DENY statements, the DENY statement takes precedence.

  • ALLOW

  • DENY

actions

Yes

Array of strings

Specifies the operation allowed or denied by the policy. Format: Service name:Resource:Operation. Options:

  • iotda:devices:publish: The device uses MQTT to publish messages.

  • iotda:devices:subscribe: The device uses MQTT to subscribe to messages.

resources

Yes

Array of strings

Specifies the resource on which the operation is allowed or rejected. Format: Resource type:Resource name. For example, the resource subscribed by the device is topic:/v1/${devices.deviceId}/test/hello.

Value: Length of the resource list: 1 to 10. Only letters, digits, and special characters (/{}$=+#?*:._-) are allowed.

Response Parameters

Status code: 200

Table 5 Response body parameters

Parameter

Type

Description

app_id

String

Parameter description: resource space ID.

policy_id

String

Policy ID.

policy_name

String

Policy name.

statement

Array of Statement objects

Policy documents.

create_time

String

Time when the policy was created on the IoT platform. The value is in the format of yyyyMMdd'T'HHmmss'Z', for example, 20151212T121212Z.

update_time

String

Time when the policy was updated on the IoT platform. The value is in the format of yyyyMMdd'T'HHmmss'Z', for example, 20151212T121212Z.

Table 6 Statement

Parameter

Type

Description

effect

String

Specifies whether to allow or reject the operation. If there are both ALLOW and DENY statements, the DENY statement takes precedence.

  • ALLOW

  • DENY

actions

Array of strings

Specifies the operation allowed or denied by the policy. Format: Service name:Resource:Operation. Options:

  • iotda:devices:publish: The device uses MQTT to publish messages.

  • iotda:devices:subscribe: The device uses MQTT to subscribe to messages.

resources

Array of strings

Specifies the resource on which the operation is allowed or rejected. Format: Resource type:Resource name. For example, the resource subscribed by the device is topic:/v1/${devices.deviceId}/test/hello.

Value: Length of the resource list: 1 to 10. Only letters, digits, and special characters (/{}$=+#?*:._-) are allowed.

Example Requests

Updates a device policy.

PUT https://{endpoint}/v5/iot/{project_id}/device-policies/{policy_id}

{
  "policy_name" : "testPolicy",
  "statement" : [ {
    "effect" : "ALLOW",
    "actions" : [ "iotda:devices:publish", "iotda:devices:subscribe" ],
    "resources" : [ "topic:/v1/${devices.deviceId}/test/hello", "topic:/v1/${devices.productId}/test/hello" ]
  } ]
}

Example Responses

Status code: 200

OK

{
  "app_id" : "jeQDJQZltU8iKgFFoW060F5SGZka",
  "policy_id" : "5c90fa7d3c4e4405e8525079",
  "policy_name" : "testPolicy",
  "statement" : [ {
    "effect" : "ALLOW",
    "actions" : [ "iotda:devices:publish", "iotda:devices:subscribe" ],
    "resources" : [ "topic:/v1/${devices.deviceId}/test/hello", "topic:/v1/${devices.productId}/test/hello" ]
  } ],
  "create_time" : "20230810T070547Z",
  "update_time" : "20230810T070547Z"
}

Status Codes

Status Code

Description

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

500

Internal Server Error

Error Codes

See Error Codes.