Updated on 2024-04-30 GMT+08:00

Creating a Permission Policy

Function

This API is used to create a permission policy.

URI

POST /v1/permissions/rules

Request Parameters

Table 1 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Identity authentication information

Minimum: 1

Maximum: 16384

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

metadata

Yes

CreateRuleObjectMeta object

Basic information about the object. Metadata is a collection of attributes.

spec

Yes

RuleSpec object

Detailed description of an object. UCS creates or updates objects by defining or updating spec.

Table 3 CreateRuleObjectMeta

Parameter

Mandatory

Type

Description

name

Yes

String

Permission policy name

Minimum: 1

Maximum: 63

Table 4 RuleSpec

Parameter

Mandatory

Type

Description

iamuserids

No

Array of strings

IAM user information associated with a permission policy

type

No

String

Permission policy type. The value can be readonly, develop, admin, or custom.

contents

No

Array of Content objects

Permission policy content

description

No

String

Permission policy description

Minimum: 0

Maximum: 255

Table 5 Content

Parameter

Mandatory

Type

Description

verbs

No

Array of strings

Action list

resources

No

Array of strings

Resource list

Response Parameters

Status code: 201

Table 6 Response body parameters

Parameter

Type

Description

uid

String

Permission policy UID

Example Requests

Creating a permission policy

https://ucs.myhuaweicloud.com/v1/permissions/rules

{
  "metadata" : {
    "name" : "xxxxx"
  },
  "spec" : {
    "type" : "admin",
    "iamUserIDs" : [ "xxxxx" ]
  }
}

Example Responses

Status code: 201

The permission policy has been created (the UID of the permission policy is returned).

{
  "uid" : "xxxx-xxxx-xxxx-xxxx"
}

Status Codes

Status Code

Description

201

The permission policy has been created (the UID of the permission policy is returned).

400

Client request error. The server could not execute the request.

500

Internal server error.

Error Codes

See Error Codes.