Querying the Operation Protection Policy
Function
This API is used to query the operation protection policy.
The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
Debugging
You can debug this API in API Explorer.
URI
GET /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/protect-policy
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
domain_id |
Yes |
String |
Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions. |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
protect_policy object |
Specifies the operation protection policy. |
Parameter |
Type |
Description |
---|---|---|
AllowUserBody object |
Specifies the attributes IAM users can modify. |
|
operation_protection |
boolean |
Specifies whether to enable operation protection. The value can be true or false. |
mobile |
String |
Specifies the mobile number used for verification. Example: 0852-123456789 |
admin_check |
String |
Specifies whether a person is designated for verification. If this parameter is set to on, you need to specify the scene parameter to designate a person for verification. If this parameter is set to off, the designated operator is responsible for verification. |
|
String |
Specifies the email address used for verification. An example value is example@email.com. |
scene |
String |
Specifies the verification method. This parameter is mandatory when admin_check is set to on. The value options are mobile and email. |
Parameter |
Type |
Description |
---|---|---|
manage_accesskey |
boolean |
Specifies whether IAM users are allowed to manage access keys by themselves. The value can be true or false. |
manage_email |
boolean |
Specifies whether IAM users are allowed to change their email addresses. The value can be true or false. |
manage_mobile |
boolean |
Specifies whether IAM users are allowed to change their mobile numbers. The value can be true or false. |
manage_password |
boolean |
Specifies whether IAM users are allowed to change their passwords. The value can be true or false. |
Example Request
Request for querying the operation protection policy
GET https://iam.myhuaweicloud.com/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/protect-policy
Example Response
Status code: 200
The request is successful.
{ "protect_policy" : { "operation_protection" : false } }
Status code: 403
Access denied.
- Example 1
{ "error_msg" : "You are not authorized to perform the requested action.", "error_code" : "IAM.0002" }
- Example 2
{ "error_msg" : "Policy doesn't allow %(actions)s to be performed.", "error_code" : "IAM.0003" }
Status code: 404
The requested resource cannot be found.
{ "error_msg" : "Could not find %(target)s: %(target_id)s.", "error_code" : "IAM.0004" }
Status code: 500
Internal server error.
{ "error_msg" : "An unexpected error prevented the server from fulfilling your request.", "error_code" : "IAM.0006" }
Status Codes
Status Code |
Description |
---|---|
200 |
The request is successful. |
401 |
Authentication failed. |
403 |
Access denied. |
404 |
The requested resource cannot be found. |
500 |
Internal server error. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot