Querying a Governance Policy Enabled for a Registered OU
Function
This API is used to query details about a governance policy enabled for a registered OU in an organization.
Authorization Information
Each account root user has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.
|
Action |
Access Level |
Resource Type (*: required) |
Condition Key |
Alias |
Dependencies |
|---|---|---|---|---|---|
|
rgc:controlsForOrganizationalUnit:get |
Read |
- |
- |
- |
- |
URI
GET /v1/governance/managed-organizational-units/{managed_organizational_unit_id}/controls/{control_id}
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
managed_organizational_unit_id |
Yes |
String |
ID of a registered OU. |
|
control_id |
Yes |
String |
Governance policy ID. |
Request Parameters
None
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
control |
EnabledControl object |
Enabled governance policies. |
|
regions |
Array of RegionConfigurationList objects |
Region information. |
|
state |
String |
Status. |
|
message |
String |
Status description. |
|
version |
String |
Version of the current governance policy. |
|
Parameter |
Type |
Description |
|---|---|---|
|
manage_account_id |
String |
Management account ID. |
|
control_identifier |
String |
Governance policy ID. |
|
name |
String |
Name of a governance policy. |
|
description |
String |
Description of a governance policy. |
|
control_objective |
String |
Pre-defined objective that the governance policy helps you enforce. |
|
behavior |
String |
Type of a governance policy. A governance policy can be preventive, detective, or proactive. |
|
owner |
String |
Source of a governance policy. |
|
regional_preference |
String |
Region options. It can be regional or global. |
|
Parameter |
Type |
Description |
|---|---|---|
|
region |
String |
Region name. |
|
region_configuration_status |
String |
Region status, which can be ENABLE or DISABLE. |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of the request. |
|
encoded_authorization_message |
String |
Encrypted error message. |
|
details |
Array of ForbiddenErrorDetail objects |
Error message indicating no permissions for cross-service invoking. |
Example Requests
Querying details about a governance policy enabled for a registered OU in an organization
GET https://{endpoint}/v1/governance/managed-organizational-units/{managed_organizational_unit_id}/controls/{control_id}
Example Responses
Status code: 200
Request succeeded.
{
"control" : {
"manage_account_id" : "string",
"control_identifier" : "string",
"name" : "string",
"description" : "string",
"control_objective" : "string",
"behavior" : "string",
"owner" : "string",
"regional_preference" : "string"
},
"regions" : [ {
"region" : "string",
"region_configuration_status" : "string"
} ],
"state" : "string",
"message" : "string",
"version" : "string"
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request succeeded. |
|
403 |
No permissions. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
