Help Center/ Organizations/ API Reference/ APIs/ Managing Policies/ Enabling a Policy Type for a Root
Updated on 2024-10-21 GMT+08:00

Enabling a Policy Type for a Root

Function

This API is used to enable a policy type for a root of an organization. After you enable a policy type for the root, you can attach the policies of this type to the root, or any OU or account under the root. This is an asynchronous request executed in the background. You can use ListRoots to view the status of the policy types for the specified root. This API can be called only from the organization's management account.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

URI

POST https://{endpoint}/v1/organizations/policies/enable

Request Parameters

Table 1 Request header parameters

Parameter

Mandatory

Type

Description

X-Security-Token

No

String

Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required.

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

policy_type

Yes

String

Name of a policy type. It can be service_control_policy or tag_policy.

root_id

Yes

String

Unique ID of a root.

Response Parameters

Status code: 202

Table 3 Response body parameters

Parameter

Type

Description

root

RootDto object

Details about a root. A root is a top-level parent node in the hierarchy of an organization composed of OUs and accounts.

Table 4 RootDto

Parameter

Type

Description

id

String

Unique ID of a root.

urn

String

Uniform resource name of the root.

name

String

Root name.

policy_types

Array of PolicyTypeSummaryDto objects

Policy types that are currently enabled for the root. The policies of these types can be attached to the root or to its OUs or accounts.

created_at

String

Time when a root was created.

Table 5 PolicyTypeSummaryDto

Parameter

Type

Description

status

String

Status of the policy type associated with a root. To attach a policy of a specified type to a root or an OU or account in the root, the policy must be available in the organization and enabled for the root.

type

String

Name of a policy type. It can be service_control_policy or tag_policy.

Example Requests

Enabling a policy type for a root

POST https://{endpoint}/v1/organizations/policies/enable

{
  "policy_type" : "service_control_policy",
  "root_id" : "r-o1qqtqfo7xl427v7g"
}

Example Responses

Status code: 202

Successful.

{
  "root" : {
    "id" : "05261f923e80d3890f33c0056e9b3f80",
    "urn" : "organizations::0a6d25d23900d45c0faac010e0fb4de0:policy:o-fhkmi6mek7wlqdp6nideqhb47qwtjdsv/service_control_policy/p-b4wpejd02o66g0pvfinvsatp4t9krfum",
    "name" : "paas_iam_573331",
    "policy_types" : [ {
      "status" : "enabled",
      "type" : "service_control_policy"
    } ],
    "created_at" : "2022-09-22T02:23:21Z"
  }
}

Status Codes

Status Code

Description

202

Successful.

Error Codes

See Error Codes.