Creating a Permission Policy

Function

This API is used to create a permission policy.

URI

POST /v1/permissions/rules

Request Parameters

**Table 1** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Identity authentication information Minimum: 1 Maximum: 16384

**Table 2** Request body parameters
Parameter	Mandatory	Type	Description
metadata	Yes	CreateRuleObjectMeta object	Basic information about the object. Metadata is a collection of attributes.
spec	Yes	RuleSpec object	Detailed description of an object. UCS creates or updates objects by defining or updating spec.

**Table 3** CreateRuleObjectMeta
Parameter	Mandatory	Type	Description
name	Yes	String	Permission policy name Minimum: 1 Maximum: 63

**Table 4** RuleSpec
Parameter	Mandatory	Type	Description
iamuserids	No	Array of strings	IAM user information associated with a permission policy
type	No	String	Permission policy type. The value can be readonly, develop, admin, or custom.
contents	No	Array of Content objects	Permission policy content
description	No	String	Permission policy description Minimum: 0 Maximum: 255

**Table 5** Content
Parameter	Mandatory	Type	Description
verbs	No	Array of strings	Action list
resources	No	Array of strings	Resource list

Response Parameters

Status code: 201

**Table 6** Response body parameters
Parameter	Type	Description
uid	String	Permission policy UID

Example Requests

Creating a permission policy

https://ucs.myhuaweicloud.com/v1/permissions/rules

{
  "metadata" : {
    "name" : "xxxxx"
  },
  "spec" : {
    "type" : "admin",
    "iamUserIDs" : [ "xxxxx" ]
  }
}

Example Responses

Status code: 201

The permission policy has been created (the UID of the permission policy is returned).

{
  "uid" : "xxxx-xxxx-xxxx-xxxx"
}

Status Codes

Status Code	Description
201	The permission policy has been created (the UID of the permission policy is returned).
400	Client request error. The server could not execute the request.
500	Internal server error.