Updated on 2024-10-21 GMT+08:00

Creating a Policy

Function

This API is used to create a policy of the specified type. It can be called only from the organization's management account.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

URI

POST https://{endpoint}/v1/organizations/policies

Request Parameters

Table 1 Request header parameters

Parameter

Mandatory

Type

Description

X-Security-Token

No

String

Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required.

X-Language

No

String

Language of the returned results.

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

content

Yes

String

Policy text content to be added to the new policy.

description

Yes

String

Optional description to be assigned to the policy.

name

Yes

String

Name to be assigned to the policy.

type

Yes

String

Type of the policy to be created. It can be service_control_policy or tag_policy.

tags

No

Array of TagDto objects

List of tags you want to attach to the new policy.

Table 3 TagDto

Parameter

Mandatory

Type

Description

key

Yes

String

Identifier or name of the tag key.

value

Yes

String

String value associated with the tag key. You can set the tag value to an empty string, but cannot set it to NULL.

Response Parameters

Status code: 201

Table 4 Response body parameters

Parameter

Type

Description

policy

PolicyDto object

Details about a policy.

Table 5 PolicyDto

Parameter

Type

Description

content

String

Text content of the policy.

policy_summary

PolicySummaryDto object

Information about a policy (policy content not included).

Table 6 PolicySummaryDto

Parameter

Type

Description

is_builtin

Boolean

A boolean value indicating whether the specified policy is a system policy. If the value is true, the policy is a system policy. You can attach the policy to roots, OUs, or accounts, but you cannot edit it.

description

String

Description of the policy.

id

String

Unique ID of the policy.

urn

String

Uniform resource name of the policy.

name

String

Name of the policy.

type

String

Policy type. It can be service_control_policy or tag_policy.

Example Requests

Creating a policy

POST https://{endpoint}/v1/organizations/policies

{
  "content" : "{\"Version\":\"5.0\",\"Statement\":[{\"Sid\":\"Statement1\",\"Effect\":\"Allow\",\"Action\":[\"*\"],\"Resource\":[\"*\"]}]}",
  "description" : "auto0923160642938XHxSPolicydesc",
  "name" : "auto092316064293806EYPolicyName",
  "type" : "service_control_policy",
  "tags" : [ {
    "key" : "keystring",
    "value" : "valuestring"
  } ]
}

Example Responses

Status code: 201

Successful.

{
  "policy" : {
    "content" : "{\"Version\":\"5.0\",\"Statement\":[{\"Sid\":\"Statement1\",\"Effect\":\"Allow\",\"Action\":[\"*\"],\"Resource\":[\"*\"]}]}",
    "policy_summary" : {
      "is_builtin" : false,
      "description" : "auto0923160642938XHxSPolicydesc",
      "id" : "p-b4wpejd02o66g0pvfinvsatp4t9krfum",
      "urn" : "organizations::0a6d25d23900d45c0faac010e0fb4de0:policy:o-fhkmi6mek7wlqdp6nideqhb47qwtjdsv/service_control_policy/p-b4wpejd02o66g0pvfinvsatp4t9krfum",
      "name" : "auto092316064293806EYPolicyName",
      "type" : "service_control_policy"
    }
  }
}

Status Codes

Status Code

Description

201

Successful.

Error Codes

See Error Codes.