Help Center/ Organizations/ API Reference/ APIs/ Managing Policies/ Disabling a Policy Type in a Root
Updated on 2024-10-21 GMT+08:00

Disabling a Policy Type in a Root

Function

This API is used to disable a policy type in a root. A policy of a specific type can be attached to entities in a root only if that policy type is enabled in the root. After you call this API, you can no longer attach any policies of the specified type to that root or any OU or account in the root. This is an asynchronous request executed in the background. You can use ListRoots to view the status of the policy types for the specified root. This API can be called only from the organization's management account.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

URI

POST https://{endpoint}/v1/organizations/policies/disable

Request Parameters

Table 1 Request header parameters

Parameter

Mandatory

Type

Description

X-Security-Token

No

String

Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required.

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

policy_type

Yes

String

Name of a policy type. It can be service_control_policy or tag_policy.

root_id

Yes

String

Unique ID of a root.

Response Parameters

Status code: 202

Table 3 Response body parameters

Parameter

Type

Description

root

RootDto object

Details about a root. A root is a top-level parent node in the hierarchy of an organization composed of OUs and accounts.

Table 4 RootDto

Parameter

Type

Description

id

String

Unique ID of a root.

urn

String

Uniform resource name of the root.

name

String

Root name.

policy_types

Array of PolicyTypeSummaryDto objects

Policy types that are currently enabled for the root. The policies of these types can be attached to the root or to its OUs or accounts.

created_at

String

Time when a root was created.

Table 5 PolicyTypeSummaryDto

Parameter

Type

Description

status

String

Status of the policy type associated with a root. To attach a policy of a specified type to a root or an OU or account in the root, the policy must be available in the organization and enabled for the root.

type

String

Name of a policy type. It can be service_control_policy or tag_policy.

Example Requests

Disabling a policy type in a root

POST https://{endpoint}/v1/organizations/policies/disable

{
  "policy_type" : "service_control_policy",
  "root_id" : "r-o1qqtqfo7xl427v7g"
}

Example Responses

Status code: 202

Successful.

{
  "root" : {
    "id" : "05261f923e80d3890f33c0056e9b3f80",
    "urn" : "organizations::0a6d25d23900d45c0faac010e0fb4de0:policy:o-fhkmi6mek7wlqdp6nideqhb47qwtjdsv/service_control_policy/p-b4wpejd02o66g0pvfinvsatp4t9krfum",
    "name" : "paas_iam_573331",
    "policy_types" : [ {
      "status" : "enabled",
      "type" : "service_control_policy"
    } ],
    "created_at" : "2022-09-22T02:23:21Z"
  }
}

Status Codes

Status Code

Description

202

Successful.

Error Codes

See Error Codes.