Creating an Access Policy

Function

Creates an access policy.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
If you are using identity policy-based authorization, no identity policy-based permission required for calling this API.

URI

POST /v2/{project_id}/access-policy

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID.

Request Parameters

**Table 2** Request body parameters
Parameter	Mandatory	Type	Description
policy	Yes	AccessPolicyInfo object	Access policy information.
policy_objects_list	No	Array of AccessPolicyObjectInfo objects	Objects to which the policy is applied.

**Table 3** AccessPolicyInfo
Parameter	Mandatory	Type	Description
policy_name	No	String	Policy name.
blacklist_type	No	String	Blacklist type. Currently, the blacklist supports only the Internet. INTERNET: Internet
access_control_type	No	String	Access control type, which defaults to ACCESS_TYPE. ACCESS_TYPE: access type IP_WHITE_LIST: IP address whitelist
ip_list	No	Array of IpInfo objects	IP addresses of a policy.
is_enable	No	Boolean	Whether the IP address whitelist takes effect. This value can be updated only separately. This value has the highest priority. If this value is transferred, only the policy's activation status will be changed.
is_block_all	No	Boolean	Whether the IP address whitelist prohibits access from all IP addresses. If is_enable is set to false, this value cannot be changed. This value can be updated only separately.
ip_total_count	No	Integer	Total number of policies.

**Table 4** IpInfo
Parameter	Mandatory	Type	Description
ip_address	Yes	String	IP address.
subnet_mask	Yes	String	Subnet mask.

**Table 5** AccessPolicyObjectInfo
Parameter	Mandatory	Type	Description
object_id	Yes	String	ID of an object in the blacklist.
object_type	Yes	String	Object type USER: user USERGROUP: user group
object_name	No	String	Object name This parameter will not be verified later.

Response Parameters

Status code: 200

Normal.

Status code: 400

**Table 6** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
error_detail	String	Error Details.
encoded_authorization_message	String	Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 401

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
error_detail	String	Error Details.
encoded_authorization_message	String	Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 403

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
error_detail	String	Error Details.
encoded_authorization_message	String	Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 404

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
error_detail	String	Error Details.
encoded_authorization_message	String	Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 405

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
error_detail	String	Error Details.
encoded_authorization_message	String	Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 500

**Table 11** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
error_detail	String	Error Details.
encoded_authorization_message	String	Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 503

**Table 12** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.
error_detail	String	Error Details.
encoded_authorization_message	String	Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Example Requests

post /v2/{project_id}/access-policy

{
  "policy" : {
    "policy_name" : "PRIVATE_ACCESS",
    "blacklist_type" : "INTERNET"
  }
}

Example Responses

None

Status Codes

Status Code	Description
200	Normal.
400	The request cannot be understood by the server due to malformed syntax.
401	Authentication failed.
403	No operation permissions.
404	No resources found.
405	The method specified in the request is not allowed.
500	An internal service error occurred. For details about the error code, see the error code description.
503	Service unavailable.

Error Codes

See Error Codes.

Parent topic:Policy Group

Previous topic: Importing a Policy Group

Next topic: Query access policies

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

For any further questions, feel free to contact us through the chatbot.

Chatbot