Domain name for API request: organization.intl.tencentcloudapi.com.
This API is used to add policies to permission configurations.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
Parameter Name | Required | Type | Description |
---|---|---|---|
Action | Yes | String | Common Params. The value used for this API: AddPermissionPolicyToRoleConfiguration. |
Version | Yes | String | Common Params. The value used for this API: 2021-03-31. |
Region | No | String | Common Params. This parameter is not required. |
ZoneId | Yes | String | Space ID. |
RoleConfigurationId | Yes | String | Permission configuration ID. |
RolePolicyType | Yes | String | Permission policy type. Valid values: System: system policy, namely the CAM system policy reused; Custom: custom policy, namely the custom policy prepared according to the CAM permission policy syntax and structure. |
RolePolicyNames.N | No | Array of String | Permission policy name, supporting up to 20 policies, with each policy having a maximum of 32 characters. If you need to add a system policy, it is recommended to use the RolePolicies parameter. For custom policies, the array length is up to 1. |
RolePolicies.N | No | Array of PolicyDetail | Details of an added system policy. |
CustomPolicyDocument | No | String | Custom policy content, which contains up to 4096 characters. When RolePolicyType is Inline, this parameter must be configured. For details, see the permission policy syntax and structure. |
Parameter Name | Type | Description |
---|---|---|
RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
This example shows you how to add policies to permission configurations.
POST / HTTP/1.1
Host: organization.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: AddPermissionPolicyToRoleConfiguration
<Common request parameters>
{
"ZoneId": "z-29wm2iwn",
"RoleConfigurationId": "rc-aiwmsiw",
"RolePolicyType": "System",
"RolePolicyNames": [
"TestPolicy"
],
"CustomPolicyDocument": "{\"statement\":{\"action\":[\"name/cvm:*\",\"name/vpc:*\",\"name/cos:*\",\"name/cmqtopic:*\",\"name/cmqqueue:*\"],\"effect\":\"allow\",\"resource\":\"*\"},\"version\":\"2.0\"}"
}
{
"Response": {
"RequestId": "e297543a-80de-4039-83c8-9d324545"
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
Error Code | Description |
---|---|
FailedOperation.CustomPolicyOverUpperLimit | Custom policies bound to the permission configuration exceed the upper limit. |
FailedOperation.DBOperationError | SQL execution error. |
FailedOperation.IdentityCenterNotOpen | The CIC service is not enabled. |
FailedOperation.SystemPolicyOverUpperLimit | System policies bound to the permission configuration exceed the upper limit. |
FailedOperation.ZoneIdNotExist | The user zoneId of the CIC service does not exist. |
InvalidParameter.BindPolicyNameNotAllowed | The permission configuration cannot be bound to this policy. |
InvalidParameter.ParamError | Parameter error. |
InvalidParameter.PolicyDocumentEmpty | The custom policy content cannot be empty. |
InvalidParameter.PolicyNameAlreadyExists | The policy name already exists. |
InvalidParameter.PolicyNameSizeOverUpperLimit | The policy name exceeds the length limit. |
InvalidParameter.RoleConfigurationNotExist | The permission configuration does not exist. |
Was this page helpful?