Updated on 2025-07-15 GMT+08:00

Creating a Permission Policy

Function

This API is used to create a permission policy.

URI

POST /v1/permissions/rules

Request Parameters

Table 1 Parameters in the request header

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Identity authentication information

Table 2 Parameters in the request body

Parameter

Mandatory

Type

Description

metadata

Yes

CreateRuleObjectMeta object

Basic information about the permission policy. Metadata is a collection of attributes.

spec

Yes

RuleSpec object

Details about the permission policy. UCS creates or updates the permission policy by spec.

Table 3 CreateRuleObjectMeta

Parameter

Mandatory

Type

Description

name

Yes

String

Permission policy name

Table 4 RuleSpec

Parameter

Mandatory

Type

Description

iamuserids

No

Array of strings

Information of IAM users associated with a permission policy

type

No

String

Permission policy type. The value can be readonly, develop, admin, or custom.

contents

No

Array of Content objects

Permission policy content

description

No

String

Permission policy description

Table 5 Content

Parameter

Mandatory

Type

Description

verbs

No

Array of strings

Action list

resources

No

Array of strings

Resource list

Response Parameters

Status code: 201

Table 6 Parameters in the response body

Parameter

Type

Description

uid

String

Permission policy UID

Status code: 400

Table 7 Parameters in the response body

Parameter

Type

Description

-

String

Status code: 500

Table 8 Parameters in the response body

Parameter

Type

Description

-

String

Example Requests

Creating a permissions policy

https://ucs.myhuaweicloud.com/v1/permissions/rules

{
  "metadata" : {
    "name" : "xxxxx"
  },
  "spec" : {
    "type" : "admin",
    "iamUserIDs" : [ "xxxxx" ]
  }
}

Example Responses

Status code: 201

The UID of the new permission policy has been returned.

{
  "uid" : "xxxx-xxxx-xxxx-xxxx"
}

Status Codes

Status Code

Description

201

The UID of the new permission policy has been returned.

400

Client request error. The server could not execute the request.

500

Internal server error.

Error Codes

See Error Codes.