Setting up Landing Zone
Function
This API is used to create or update a landing zone in the current region.
URI
POST https://{endpoint}/v1/landing-zone/setup
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
identity_store_email |
No |
String |
Email address used by the administrator to create an Identity Center user for enrolling accounts. |
|
home_region |
Yes |
String |
Home region. |
|
setup_landing_zone_action_type |
Yes |
String |
Type of a landing zone. It can be CREATE, REPAIR, or UPDATE. |
|
region_configuration_list |
Yes |
Array of RegionConfigurationList objects |
Region where the account is enrolled. |
|
identity_center_status |
No |
String |
Whether to set IAM Identity Center for the landing zone. |
|
organization_structure_type |
No |
String |
Organization type. It can be STANDARD or NON_STANDARD. |
|
organization_structure |
Yes |
Array of OrganizationStructureBaseLine objects |
Account management system of the basic environment. |
|
deny_ungoverned_regions |
No |
Boolean |
Whether the governance policy for region deny is allowed. The default value is false. |
|
cloud_trail_type |
No |
Boolean |
Controls if organization aggregation is configured. |
|
kms_key_id |
No |
String |
Encrypted field. |
|
logging_configuration |
Yes |
LoggingConfiguration object |
Log configurations of the landing zone. |
|
baseline_version |
No |
String |
Baseline version. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
region |
Yes |
String |
Region name. |
|
region_configuration_status |
Yes |
String |
Region status. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
organizational_unit_name |
No |
String |
Name of a registered OU. |
|
organizational_unit_type |
Yes |
String |
Type of the registered OU. It can be a foundational OU or a custom OU. |
|
accounts |
No |
Array of AccountBaseline objects |
Basic information about an enrolled account. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
account_name |
Yes |
String |
Name of an enrolled account. |
|
account_id |
No |
String |
A unique ID of an enrolled account. |
|
phone |
No |
String |
Mobile number. |
|
account_email |
No |
String |
Email address of an enrolled account. |
|
account_type |
Yes |
String |
Type of an enrolled account. It can be LOGGING or SECURITY. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
logging_bucket_name |
No |
String |
Name of a log aggregation bucket. |
|
access_logging_bucket |
No |
AccessLoggingBucketBaseline object |
Basic settings of access logs. |
|
logging_bucket |
No |
LoggingBucketBaseline object |
Basic log settings. |
Response Parameters
Status code: 200
Request succeeded.
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of the request. |
|
encoded_authorization_message |
String |
Encrypted error message. |
|
details |
Array of ForbiddenErrorDetail objects |
Error message indicating no permissions for cross-service invoking. |
Example Requests
Creating or updating a landing zone in the current region
POST https://{endpoint}/v1/landing-zone/setup
{
"identity_store_email" : "string",
"home_region" : "string",
"setup_landing_zone_action_type" : "string",
"region_configuration_list" : [ {
"region" : "string",
"region_configuration_status" : "ENABLED"
} ],
"organization_structure" : [ {
"organizational_unit_name" : "string",
"organizational_unit_type" : "CORE",
"accounts" : [ {
"account_name" : "string",
"account_id" : "string",
"phone" : "string",
"account_email" : "string",
"account_type" : "LOGGING"
} ]
} ],
"deny_ungoverned_regions" : false,
"cloud_trail_type" : true,
"kms_key_id" : "",
"logging_configuration" : {
"logging_bucket" : {
"retention_days" : 5475
},
"access_logging_bucket" : {
"retention_days" : 5475
}
}
}
Example Responses
None
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request succeeded. |
|
403 |
No permissions. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
