Adding a Custom Policy
Function
This API is used to add a custom policy to a specified permission set. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
Authorization Information
The account root user has the permissions to call all APIs, but its IAM users must have the following identity policy-based permissions to call this API. For more information, see Permissions and Supported Actions.
|
Action |
Access Level |
Resource (*: Required) |
Condition Key |
Alias |
Dependencies |
|---|---|---|---|---|---|
|
IdentityCenter:permissionSet:attachCustomRole |
Permission_management |
instance * |
- |
- |
organizations:delegatedAdministrators:list |
|
permissionSet * |
g:ResourceTag/<tag-key> |
URI
PUT /v1/instances/{instance_id}/permission-sets/{permission_set_id}/custom-role
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
instance_id |
Yes |
String |
Globally unique ID of an IAM Identity Center instance. |
|
permission_set_id |
Yes |
String |
Globally unique ID of a permission set. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Security-Token |
No |
String |
Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
custom_role |
Yes |
String |
Custom policy attached to a permission set. Minimum length: 1 Maximum length: 131,072 |
Response Parameters
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of a request. |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of a request. |
|
encoded_authorization_message |
String |
Encrypted error message. |
Status code: 409
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Unique ID of a request. |
Example Request
Attaching a custom policy to a permission set
PUT https://{hostname}/v1/instances/{instance_id}/permission-sets/{permission_set_id}/custom-role
{
"custom_role" : "{\"Version\":\"1.1\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"example:*:*\"]}]}"
}
Example Response
None
Status Codes
For details, see Status Codes.
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
