Help Center/ Ubiquitous Cloud Native Service/ API Reference/ API/ Permissions Management/ Creating a Permission Policy
Updated on 2025-12-01 GMT+08:00
View PDF
Share

Creating a Permission Policy

Function

This API is used to create a permission policy.

URI

POST /v1/permissions/rules

Request Parameters

Table 1 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

No

String

Identity authentication information. Requests for calling an API can be authenticated using either a token or AK/SK. If token-based authentication is used, this parameter is mandatory and must be set to a user token.
Table 2 Request body parameters

Parameter

Mandatory

Type

Description

metadata

Yes

CreateRuleObjectMeta object

Basic information about the object. Metadata is a collection of attributes.

spec

Yes

RuleSpec object

Detailed description of an object. UCS creates or updates objects by defining or updating spec.
Table 3 CreateRuleObjectMeta

Parameter

Mandatory

Type

Description

name

Yes

String

Permission policy name
Table 4 RuleSpec

Parameter

Mandatory

Type

Description

iamUserIDs

No

Array of strings

IAM user information associated with a permission policy

type

No

String

Permission policy type. The value can be readonly, develop, admin, or custom.

contents

No

Array of Content objects

Permission policy content

description

No

String

Permission policy description
Table 5 Content

Parameter

Mandatory

Type

Description

verbs

No

Array of strings

Action list

resources

No

Array of strings

Resource list

Response Parameters

Status code: 201

Table 6 Response body parameters

Parameter

Type

Description

uid

String

Permission policy UID

Status code: 400

Table 7 Response body parameters

Parameter

Type

Description

-

String

-

Status code: 500

Table 8 Response body parameters

Parameter

Type

Description

-

String

-

Example Requests

Creating a permission policy

https://ucs.myhuaweicloud.com/v1/permissions/rules

{
  "metadata" : {
    "name" : "xxxxx"
  },
  "spec" : {
    "type" : "admin",
    "iamUserIDs" : [ "xxxxx" ]
  }
}

Example Responses

Status code: 201

The permission policy has been created (the UID of the permission policy is returned).

{
  "uid" : "xxxx-xxxx-xxxx-xxxx"
}

Status Codes

Status Code

Description

201

The permission policy has been created (the UID of the permission policy is returned).

400

Client request error. The server could not execute the request.

500

Internal server error.

Error Codes

See Error Codes.

Parent topic: Permissions Management