yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
a41a4e0331fbc0beff63bb28fa59228cc9a751df
doc-exports/docs/iam/api-ref/en-us_topic_0079578166.html
weihongmin1 46d24ba358 IAM API 0401 Version 
Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com>
Co-authored-by: weihongmin1 <weihongmin1@huawei.com>
Co-committed-by: weihongmin1 <weihongmin1@huawei.com>
2026-01-14 14:13:49 +00:00

404 lines
37 KiB
HTML
Raw Blame History

<a name="en-us_topic_0079578166"></a><a name="en-us_topic_0079578166"></a>
<h1 class="topictitle1">Querying the List of Permissions of an Agency on a Domain</h1>
<div id="body1507780947597"><div class="section" id="en-us_topic_0079578166__sd32cbb7d5afd415d8a47d1f36476f58e"><h4 class="sectiontitle">Function</h4><p id="en-us_topic_0079578166__p1652217297147">This API is used to query the list of permissions of an agency on a domain.</p>
</div>
<div class="section" id="en-us_topic_0079578166__s8bfb266fc6fd4b4fbcdb7c5b37fec0c3"><h4 class="sectiontitle">URI</h4><ul id="en-us_topic_0079578166__u3c6d72635d3d4f0eba1c1f37af7bb138"><li id="en-us_topic_0079578166__l38310aa7196a490f817e2dc9feea1a35">URI format<p id="en-us_topic_0079578166__afdd76c97ee124e938878c24f54de6623"><a name="en-us_topic_0079578166__l38310aa7196a490f817e2dc9feea1a35"></a><a name="l38310aa7196a490f817e2dc9feea1a35"></a>GET /v3.0/OS-AGENCY/domains/{domain_id}/agencies/{agency_id}/roles</p>
</li></ul>
<ul id="en-us_topic_0079578166__u40eefae65744424689f5c81886918671"><li id="en-us_topic_0079578166__lb205bb0fee53403db652442ca93048db">URI parameters
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__t7d98a5ad17d24daa8e58656f6da291de" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__r5e7d0413da724067991bb18271aa331f"><th align="left" class="cellrowborder" valign="top" width="18.360000000000003%" id="mcps1.3.2.3.1.1.1.5.1.1"><p id="en-us_topic_0079578166__a3a948e8952044840bfe547d49baa12c7"><strong id="en-us_topic_0079578166__a173ae121cc9e48328ca613e72f2a1504">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18.48%" id="mcps1.3.2.3.1.1.1.5.1.2"><p id="en-us_topic_0079578166__a2b1a382248774519929c9fe14900ceed"><strong id="en-us_topic_0079578166__b842352706161940_1">Mandatory</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18.33%" id="mcps1.3.2.3.1.1.1.5.1.3"><p id="en-us_topic_0079578166__af253bd8fb6384746a335ac225b05565b"><strong id="en-us_topic_0079578166__b842352706143526_1">Type</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="44.83%" id="mcps1.3.2.3.1.1.1.5.1.4"><p id="en-us_topic_0079578166__af46f0afead2b4f6aac8fa304ec0bc334"><strong id="en-us_topic_0079578166__b20601766145329_1">Description</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__r8313928b14dc4dcd84b6a9f507104888"><td class="cellrowborder" valign="top" width="18.360000000000003%" headers="mcps1.3.2.3.1.1.1.5.1.1 "><p id="en-us_topic_0079578166__ac8d7ad96322f4179af858eb5c419e8d1">domain_id</p>
</td>
<td class="cellrowborder" valign="top" width="18.48%" headers="mcps1.3.2.3.1.1.1.5.1.2 "><p id="en-us_topic_0079578166__ab6a68ef3a12c48e2ad342c2f352de1f8">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18.33%" headers="mcps1.3.2.3.1.1.1.5.1.3 "><p id="en-us_topic_0079578166__a3f7ce8cf115c4393b7931d8fde530e4c">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.83%" headers="mcps1.3.2.3.1.1.1.5.1.4 "><p id="en-us_topic_0079578166__a6aa971030c4748a698bb3b4898cd1305">ID of the current domain.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__r347ae7b1f64e41c98cee1ab0d52732cd"><td class="cellrowborder" valign="top" width="18.360000000000003%" headers="mcps1.3.2.3.1.1.1.5.1.1 "><p id="en-us_topic_0079578166__a7ea4dd5a3c8448e7b705f201030eec17">agency_id</p>
</td>
<td class="cellrowborder" valign="top" width="18.48%" headers="mcps1.3.2.3.1.1.1.5.1.2 "><p id="en-us_topic_0079578166__afff03be279884bdca910434905df5e21">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18.33%" headers="mcps1.3.2.3.1.1.1.5.1.3 "><p id="en-us_topic_0079578166__a237c5e94daba453680ae069a9fba48df">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.83%" headers="mcps1.3.2.3.1.1.1.5.1.4 "><p id="en-us_topic_0079578166__a41754287d487497484900718c4a1be30">ID of an agency.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li></ul>
</div>
<div class="section" id="en-us_topic_0079578166__sbe09a08b2e5841ff9f6808a1e714405c"><h4 class="sectiontitle">Request Parameters</h4><ul id="en-us_topic_0079578166__u76128a04a27c48908b5c7a79923a5d24"><li id="en-us_topic_0079578166__l80545ada7e8943b3a5a041802bdce280">Parameters in the request header
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__t2a3bcde88e2d42b9be2030e06757f78c" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__re9a6010114a74310bb1c8ec8266d6e97"><th align="left" class="cellrowborder" valign="top" width="19.36%" id="mcps1.3.3.2.1.1.1.5.1.1"><p id="en-us_topic_0079578166__a77a080ef749f42afa95c01469e004592"><strong id="en-us_topic_0079578166__b30308918144432">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="17.130000000000003%" id="mcps1.3.3.2.1.1.1.5.1.2"><p id="en-us_topic_0079578166__a0caf369b338f4245b688e1aed95bca35"><strong id="en-us_topic_0079578166__b842352706161940_3">Mandatory</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18.8%" id="mcps1.3.3.2.1.1.1.5.1.3"><p id="en-us_topic_0079578166__a685b8f9209e240c2a7efd856ec96033d"><strong id="en-us_topic_0079578166__b842352706143526_3">Type</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="44.71%" id="mcps1.3.3.2.1.1.1.5.1.4"><p id="en-us_topic_0079578166__a5d506e9a88e24b1a9a0535e44ae17d8d"><strong id="en-us_topic_0079578166__b20601766145329_3">Description</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__r972bd6f6b6ee4d63934e1a1d42750953"><td class="cellrowborder" valign="top" width="19.36%" headers="mcps1.3.3.2.1.1.1.5.1.1 "><p id="en-us_topic_0079578166__afd051d13fc314e4ea3c17bfab535e24d">Content-Type</p>
</td>
<td class="cellrowborder" valign="top" width="17.130000000000003%" headers="mcps1.3.3.2.1.1.1.5.1.2 "><p id="en-us_topic_0079578166__a098126e39ffc4f5d9d02b96212f20ce1">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18.8%" headers="mcps1.3.3.2.1.1.1.5.1.3 "><p id="en-us_topic_0079578166__adff70bd574324ce7b97f9dfe8281ed25">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.71%" headers="mcps1.3.3.2.1.1.1.5.1.4 "><p id="en-us_topic_0079578166__a221113d87e0d47dfa177321872a0e3b0">Fill <strong id="en-us_topic_0079578166__b842352706161331">application/json;charset=utf8</strong> in this field.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__r0e73be626aee42c8a1a7c3e3fbfad3ed"><td class="cellrowborder" valign="top" width="19.36%" headers="mcps1.3.3.2.1.1.1.5.1.1 "><p id="en-us_topic_0079578166__a79b10806bfd5435e9d72ebb166c35d75">X-Auth-Token</p>
</td>
<td class="cellrowborder" valign="top" width="17.130000000000003%" headers="mcps1.3.3.2.1.1.1.5.1.2 "><p id="en-us_topic_0079578166__a587216c2ae9845568e71784bd0a3404a">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="18.8%" headers="mcps1.3.3.2.1.1.1.5.1.3 "><p id="en-us_topic_0079578166__a07df5795216b4ffd814764eef3c9890c">String</p>
</td>
<td class="cellrowborder" valign="top" width="44.71%" headers="mcps1.3.3.2.1.1.1.5.1.4 "><p id="en-us_topic_0079578166__a9db1120685df461f8c36a450120e7575">Authenticated token with the <strong id="en-us_topic_0079578166__b750798910387">Security Administrator</strong> permission.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li></ul>
<ul id="en-us_topic_0079578166__u159bb30b38d9473189cf146ce1446eb0"><li id="en-us_topic_0079578166__l970fba04f15247a0916eaa6bbbaa0215">Example request<pre class="screen" id="en-us_topic_0079578166__s4b408cc7803447efafabd0c3e9c99769"><em id="en-us_topic_0079578166__i27450268112532">curl -i -k -H "X-Auth-Token:$token" -H 'Content-Type:application/json;charset=utf8' -X GET https://</em><em id="en-us_topic_0079578166__i20508912112532">sample.domain.com</em><em id="en-us_topic_0079578166__i45725828112532">/v3<em id="en-us_topic_0079578166__i1191040115510">.0/OS-AGENCY</em>/domains/<em id="en-us_topic_0079578166__i18971459307">b32d99a7778d4fd9aa5bc616c3dc4e5f</em>/agencies/37f90258b820472bbc8a0f4f0bfd720d/roles</em></pre>
</li></ul>
</div>
<div class="section" id="en-us_topic_0079578166__s755c4357c5ca4edba2badcd8d4f40c6e"><h4 class="sectiontitle">Response Parameters</h4><ul id="en-us_topic_0079578166__ul313453411610"><li id="en-us_topic_0079578166__li813414341264">Parameters in the response body
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__table1197403313610" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__row7135103417619"><th align="left" class="cellrowborder" valign="top" width="19.39%" id="mcps1.3.4.2.1.1.1.5.1.1"><p id="en-us_topic_0079578166__p11351734662"><strong id="en-us_topic_0079578166__b161468144432">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="16.33%" id="mcps1.3.4.2.1.1.1.5.1.2"><p id="en-us_topic_0079578166__p1513513346616"><strong id="en-us_topic_0079578166__b842352706161940_5">Mandatory</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="19.54%" id="mcps1.3.4.2.1.1.1.5.1.3"><p id="en-us_topic_0079578166__p12135183418616"><strong id="en-us_topic_0079578166__b842352706143526_5">Type</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="44.74%" id="mcps1.3.4.2.1.1.1.5.1.4"><p id="en-us_topic_0079578166__p1913510342618"><strong id="en-us_topic_0079578166__b20601766145329_5">Description</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__row61356341861"><td class="cellrowborder" valign="top" width="19.39%" headers="mcps1.3.4.2.1.1.1.5.1.1 "><p id="en-us_topic_0079578166__p191354341265"><a href="#en-us_topic_0079578166__li181366349618">roles</a></p>
</td>
<td class="cellrowborder" valign="top" width="16.33%" headers="mcps1.3.4.2.1.1.1.5.1.2 "><p id="en-us_topic_0079578166__p4135133417619">Yes</p>
</td>
<td class="cellrowborder" valign="top" width="19.54%" headers="mcps1.3.4.2.1.1.1.5.1.3 "><p id="en-us_topic_0079578166__p18135183419616">Array</p>
</td>
<td class="cellrowborder" valign="top" width="44.74%" headers="mcps1.3.4.2.1.1.1.5.1.4 "><p id="en-us_topic_0079578166__p16136734669">List of roles.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="en-us_topic_0079578166__li181366349618"><a name="en-us_topic_0079578166__li181366349618"></a><a name="li181366349618"></a>roles
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__table179862331160" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__row013633411613"><th align="left" class="cellrowborder" valign="top" width="23.169999999999998%" id="mcps1.3.4.2.2.1.1.4.1.1"><p id="en-us_topic_0079578166__p1713617342614"><strong id="en-us_topic_0079578166__b66528267144432">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="23.51%" id="mcps1.3.4.2.2.1.1.4.1.2"><p id="en-us_topic_0079578166__p13136134667"><strong id="en-us_topic_0079578166__b842352706143526_7">Type</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="53.32%" id="mcps1.3.4.2.2.1.1.4.1.3"><p id="en-us_topic_0079578166__p1513683416619"><strong id="en-us_topic_0079578166__b20601766145329_7">Description</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__row18563227195"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.2.1.1.4.1.1 "><p id="en-us_topic_0079578166__p191371534562">catalog</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.2.1.1.4.1.2 "><p id="en-us_topic_0079578166__p1413711341862">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.2.1.1.4.1.3 "><p id="en-us_topic_0079578166__p8137183413612">Directory where a role locates.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row1863711613194"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.2.1.1.4.1.1 "><p id="en-us_topic_0079578166__p613712349613">display_name</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.2.1.1.4.1.2 "><p id="en-us_topic_0079578166__p51371334867">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.2.1.1.4.1.3 "><p id="en-us_topic_0079578166__p3137634366">Displayed name of a role.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row1513613341768"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.2.1.1.4.1.1 "><p id="en-us_topic_0079578166__p6136123420612">name</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.2.1.1.4.1.2 "><p id="en-us_topic_0079578166__p613717348616">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.2.1.1.4.1.3 "><p id="en-us_topic_0079578166__p61371534960">Name of a role.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row230514375195"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.2.1.1.4.1.1 "><p id="en-us_topic_0079578166__p71379346610"><a href="#en-us_topic_0079578166__li104346301296">policy</a></p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.2.1.1.4.1.2 "><p id="en-us_topic_0079578166__p19137123416611">Dict</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.2.1.1.4.1.3 "><p id="en-us_topic_0079578166__p613733419619">Policy of a role.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row313718341068"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.2.1.1.4.1.1 "><p id="en-us_topic_0079578166__p18137134467">domain_id</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.2.1.1.4.1.2 "><p id="en-us_topic_0079578166__p313743413618">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.2.1.1.4.1.3 "><p id="en-us_topic_0079578166__p513712341267">ID of the domain to which a role belongs.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row213718343620"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.2.1.1.4.1.1 "><p id="en-us_topic_0079578166__p81372349620">type</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.2.1.1.4.1.2 "><p id="en-us_topic_0079578166__p1313712341069">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.2.1.1.4.1.3 "><p id="en-us_topic_0079578166__p81371134667">Display mode of a role.</p>
<ul id="en-us_topic_0079578166__ul39429552115057"><li id="en-us_topic_0079578166__li27932776115057"><strong id="en-us_topic_0079578166__b4067993711303">AX</strong>: A role is displayed at the domain layer.</li><li id="en-us_topic_0079578166__li59747396115057"><strong id="en-us_topic_0079578166__b674061011303">XA</strong>: A role is displayed at the project layer.</li><li id="en-us_topic_0079578166__li43940539115057"><strong id="en-us_topic_0079578166__b911853911303">AA</strong>: A role is displayed at both the domain and project layers.</li><li id="en-us_topic_0079578166__li14904528115057"><strong id="en-us_topic_0079578166__b17466753113117">XX</strong>: A role is not displayed at the domain or project layer.</li></ul>
</td>
</tr>
<tr id="en-us_topic_0079578166__row4137163412617"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.2.1.1.4.1.1 "><p id="en-us_topic_0079578166__p141368349618">id</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.2.1.1.4.1.2 "><p id="en-us_topic_0079578166__p813643416614">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.2.1.1.4.1.3 "><p id="en-us_topic_0079578166__p19136934663">ID of a role.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row113853412618"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.2.1.1.4.1.1 "><p id="en-us_topic_0079578166__p18138173413613">description</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.2.1.1.4.1.2 "><p id="en-us_topic_0079578166__p1313863412612">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.2.1.1.4.1.3 "><p id="en-us_topic_0079578166__p3138734967">Description of a role.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="en-us_topic_0079578166__li1326752811297"><p id="en-us_topic_0079578166__p5588250162913"><a name="en-us_topic_0079578166__li1326752811297"></a><a name="li1326752811297"></a>roles.links</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__table18267528192911" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__row3268152822913"><th align="left" class="cellrowborder" valign="top" width="23.169999999999998%" id="mcps1.3.4.2.3.2.1.4.1.1"><p id="en-us_topic_0079578166__p172681028132914">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="23.51%" id="mcps1.3.4.2.3.2.1.4.1.2"><p id="en-us_topic_0079578166__p17268728192915"><strong id="en-us_topic_0079578166__b106767626095929">Type</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="53.32%" id="mcps1.3.4.2.3.2.1.4.1.3"><p id="en-us_topic_0079578166__p172686286295">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__row6268102892918"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.3.2.1.4.1.1 "><p id="en-us_topic_0079578166__p132686288296">self</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.3.2.1.4.1.2 "><p id="en-us_topic_0079578166__p826872810294">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.3.2.1.4.1.3 "><p id="en-us_topic_0079578166__p0268202813292">Resource link.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row726812872920"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.3.2.1.4.1.1 "><p id="en-us_topic_0079578166__p526818281291">previous</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.3.2.1.4.1.2 "><p id="en-us_topic_0079578166__p326852819295">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.3.2.1.4.1.3 "><p id="en-us_topic_0079578166__p7268142852910">Previous resource link. If the previous resource link is unavailable, this parameter is set to <strong id="en-us_topic_0079578166__b75443212910">null</strong>.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row17268128132915"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.3.2.1.4.1.1 "><p id="en-us_topic_0079578166__p62683287298">next</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.3.2.1.4.1.2 "><p id="en-us_topic_0079578166__p026810284299">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.3.2.1.4.1.3 "><p id="en-us_topic_0079578166__p20268528192918">Next resource link. If the next resource link is unavailable, this parameter is set to <strong id="en-us_topic_0079578166__b49191822390">null</strong>.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="en-us_topic_0079578166__li104346301296"><p id="en-us_topic_0079578166__p1214071793012"><a name="en-us_topic_0079578166__li104346301296"></a><a name="li104346301296"></a>roles.policy</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__table94347303293" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__row1643419304299"><th align="left" class="cellrowborder" valign="top" width="23.169999999999998%" id="mcps1.3.4.2.4.2.1.4.1.1"><p id="en-us_topic_0079578166__p6434183052920">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="23.51%" id="mcps1.3.4.2.4.2.1.4.1.2"><p id="en-us_topic_0079578166__p4434530152913"><strong id="en-us_topic_0079578166__b64878777695929">Type</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="53.32%" id="mcps1.3.4.2.4.2.1.4.1.3"><p id="en-us_topic_0079578166__p1434113018290">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__row643493015296"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.4.2.1.4.1.1 "><p id="en-us_topic_0079578166__p164348308291"><a href="#en-us_topic_0079578166__li15880832182915">Depends</a></p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.4.2.1.4.1.2 "><p id="en-us_topic_0079578166__p743423022912">Array of PolicyDepends objects</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.4.2.1.4.1.3 "><p id="en-us_topic_0079578166__p10434103016298">Dependency permissions.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row2043473014299"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.4.2.1.4.1.1 "><p id="en-us_topic_0079578166__p12434183012911"><a href="#en-us_topic_0079578166__li4700143314291">Statement</a></p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.4.2.1.4.1.2 "><p id="en-us_topic_0079578166__p19434203072920">Array of PolicyStatement objects</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.4.2.1.4.1.3 "><p id="en-us_topic_0079578166__p12434143062912">Statement of the permission.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row1343463016299"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.4.2.1.4.1.1 "><p id="en-us_topic_0079578166__p3434183092911">Version</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.4.2.1.4.1.2 "><p id="en-us_topic_0079578166__p17434183062910">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.4.2.1.4.1.3 "><p id="en-us_topic_0079578166__p18435183015295">Policy version.</p>
<ul id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_ul198821212388"><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li6883825387"><strong id="en-us_topic_0079578166__b210249847093135">1.0</strong>: System-defined role. Only a limited number of service-level roles are provided for authorization.</li><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li1688311216384"><strong id="en-us_topic_0079578166__b82256096793841">1.1</strong>: Policy. A policy defines the permissions required to perform actions on a specific cloud resource under certain conditions.</li></ul>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="en-us_topic_0079578166__li15880832182915"><a name="en-us_topic_0079578166__li15880832182915"></a><a name="li15880832182915"></a>roles.policy.Depends
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__table208801432152912" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__row1788093222911"><th align="left" class="cellrowborder" valign="top" width="23.169999999999998%" id="mcps1.3.4.2.5.1.1.4.1.1"><p id="en-us_topic_0079578166__p1588063262910">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="23.51%" id="mcps1.3.4.2.5.1.1.4.1.2"><p id="en-us_topic_0079578166__p788063212920"><strong id="en-us_topic_0079578166__b206612234495929">Type</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="53.32%" id="mcps1.3.4.2.5.1.1.4.1.3"><p id="en-us_topic_0079578166__p288033218295"><strong id="en-us_topic_0079578166__b605821360">Description</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__row6880133282917"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.5.1.1.4.1.1 "><p id="en-us_topic_0079578166__p888073292916">catalog</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.5.1.1.4.1.2 "><p id="en-us_topic_0079578166__p118811332152910">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.5.1.1.4.1.3 "><p id="en-us_topic_0079578166__p38819325292">Service catalog of the permission.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__row1188183252910"><td class="cellrowborder" valign="top" width="23.169999999999998%" headers="mcps1.3.4.2.5.1.1.4.1.1 "><p id="en-us_topic_0079578166__p1888120329293">display_name</p>
</td>
<td class="cellrowborder" valign="top" width="23.51%" headers="mcps1.3.4.2.5.1.1.4.1.2 "><p id="en-us_topic_0079578166__p10881113212299">String</p>
</td>
<td class="cellrowborder" valign="top" width="53.32%" headers="mcps1.3.4.2.5.1.1.4.1.3 "><p id="en-us_topic_0079578166__p3881132142915">Display name of the permission.</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="en-us_topic_0079578166__li4700143314291"><a name="en-us_topic_0079578166__li4700143314291"></a><a name="li4700143314291"></a>roles.policy.Statement
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__table813445145518" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__row1413415110559"><th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.2.6.1.1.4.1.1"><p id="en-us_topic_0079578166__p213495117552">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="20%" id="mcps1.3.4.2.6.1.1.4.1.2"><p id="en-us_topic_0079578166__p191343518559">Type</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.4.2.6.1.1.4.1.3"><p id="en-us_topic_0079578166__p18134751195514">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__row7134175110555"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.6.1.1.4.1.1 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p168901420383">Action</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.6.1.1.4.1.2 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p138901122384">Array of strings</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.2.6.1.1.4.1.3 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p18901127381">Specific operation permissions on a resource. For details about supported actions, see "Permissions and Supported Actions" in the API Reference of cloud services.</p>
<div class="note" id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_note7891172113817"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_ul198929211384"><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li1289212215385">Format: <em id="en-us_topic_0079578166__i566304440102337">Service name</em>:<em id="en-us_topic_0079578166__i478802904102337">Resource type</em>:<em id="en-us_topic_0079578166__i1571221795102337">Action</em>, for example, <strong id="en-us_topic_0079578166__b332155306102337">vpc:ports:create</strong></li><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li1989202143819"><em id="en-us_topic_0079578166__i135296921694018">Service name</em>: indicates the service name, such as <strong id="en-us_topic_0079578166__b204982740894018">ecs</strong>, <strong id="en-us_topic_0079578166__b92712906094018">evs</strong>, or <strong id="en-us_topic_0079578166__b155990159194018">vpc</strong>. Only lowercase letters are allowed. Resource types and actions are not case-sensitive. You can use an asterisk (*) to represent all actions.</li><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li168921627389">In the case of a custom policy for agencies, this parameter value should be <em id="en-us_topic_0079578166__i867606059102429">"Action": ["iam:tokens:assume"]</em>.</li></ul>
</div></div>
</td>
</tr>
<tr id="en-us_topic_0079578166__row313445115511"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.6.1.1.4.1.1 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p0893229385">Effect</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.6.1.1.4.1.2 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p089314213814">String</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.2.6.1.1.4.1.3 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p7894928389">Effect of the permission. The value can be <strong id="en-us_topic_0079578166__b236430324103054">Allow</strong> or <strong id="en-us_topic_0079578166__b2035340429103054">Deny</strong>. If both Allow and Deny statements are found in a policy, the authentication starts from the Deny statements.</p>
<p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p19894922385">The options are as follows:</p>
<ul id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_ul5894626382"><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li78943233813">Allow</li><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li1589514218388">Deny</li></ul>
</td>
</tr>
<tr id="en-us_topic_0079578166__row213445116559"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.6.1.1.4.1.1 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p0896726380">Condition</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.6.1.1.4.1.2 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p158964253813">Object</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.2.6.1.1.4.1.3 "><p id="en-us_topic_0079578166__p139313435469">Conditions for the permission to take effect. </p>
<div class="note" id="en-us_topic_0079578166__note122334794612"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="en-us_topic_0079578166__p1276712344919">Take the condition in the sample request as an example, the values of the condition key (<strong id="en-us_topic_0079578166__b185645212494157">obs:prefix</strong>) and string (<strong id="en-us_topic_0079578166__b70259254194157">public</strong>) must be equal (<strong id="en-us_topic_0079578166__b187955200694157">StringEquals</strong>).</p>
<pre class="screen" id="en-us_topic_0079578166__screen18948143318464"> "Condition": {
"StringEquals": {
"obs:prefix": [
"public"
]
}
}</pre>
</div></div>
</td>
</tr>
<tr id="en-us_topic_0079578166__row4135151195511"><td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.6.1.1.4.1.1 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p118971025385">Resource</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.2.6.1.1.4.1.2 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p98981421388">Object</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.2.6.1.1.4.1.3 "><p id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_p3898132153811">Cloud resource. </p>
<div class="note" id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_note18991626384"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_ul179003213387"><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li179003213387">Five-segment format that can contain asterisks (*): <em id="en-us_topic_0079578166__i1424216414100">::::</em>, for example, <strong id="en-us_topic_0079578166__b8242114115108">obs:<em id="en-us_topic_0079578166__i32421410103">:</em>:bucket:*</strong>.</li><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li14900142203814">The region segment can be <strong id="en-us_topic_0079578166__b83914622494229">*</strong> or a region accessible to the user. The service must exist and the specified resource must belong to the service.</li><li id="en-us_topic_0079578166__en-us_topic_0222594422_en-us_topic_0222037529_li09009243819">In the case of a custom policy for agencies, the type of this parameter is <strong id="en-us_topic_0079578166__b1640792965103259">Object</strong>, and the value should be <em id="en-us_topic_0079578166__i1983722935103259">"Resource": {"uri": ["/iam/agencies/agencyTest"]}</em>.</li></ul>
</div></div>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="en-us_topic_0079578166__li121381341063">Example response (successful request)<pre class="screen" id="en-us_topic_0079578166__screen171381234365">{
"roles": [
{
"catalog": "BASE",
"display_name": "Tenant Guest",
"name": "readonly",
"policy": {
"Version": "1.0",
"Statement": [
{
"Action": [
"::Get",
"::List"
],
"Effect": "Allow"
},
{
"Action": [
"identity:*"
],
"Effect": "Deny"
}
]
},
"domain_id": null,
"type": "AA",
"id": "b32d99a7778d4fd9aa5bc616c3dc4e5f",
"description": "Tenant Guest"
}
]
}</pre>
</li></ul>
<ul id="en-us_topic_0079578166__ud472617eb5d84d06b5db7931227eea30"><li id="en-us_topic_0079578166__l013a3611efa84a10ab64c16502fd05d6">Example response (request failed)<pre class="screen" id="en-us_topic_0079578166__scb109a0c141f4d448d353c3400f70aa7">{
"error": {
"message": "You are not authorized to perform the requested action: identity:list_domain_grants",
"code": 403,
"title": "Forbidden"
}
}</pre>
</li></ul>
</div>
<div class="section" id="en-us_topic_0079578166__s61c00aab956c432ba03074959ed97c58"><h4 class="sectiontitle">Status Codes</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079578166__td9cdd0aa9a2048778249267ea06f9361" frame="border" border="1" rules="all"><thead align="left"><tr id="en-us_topic_0079578166__r3567e198c0744e369984c1f162ec41de"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.5.2.1.3.1.1"><p id="en-us_topic_0079578166__a30f580137070413ab9f3c2e85a2d3747"><strong id="en-us_topic_0079578166__b59437520144432">Status Code</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.5.2.1.3.1.2"><p id="en-us_topic_0079578166__aa7e5f4ef91364bf18b5661a24a54f365"><strong id="en-us_topic_0079578166__b20601766145329_9">Description</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0079578166__rf109a271314f4533becfe89639b11125"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.1 "><p id="en-us_topic_0079578166__ae814884cbfa34eb886df4cccf6afab3b">200</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.2 "><p id="en-us_topic_0079578166__a645dfe888dec4eb2a4f0f99a73f774be">The request is successful.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__r80e2f92d56104c9d921b35a0d7732cca"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.1 "><p id="en-us_topic_0079578166__a0d1fa62314bf4f6bbd1e8178b7729781">401</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.2 "><p id="en-us_topic_0079578166__a2a01fc84be644bbb9809f31ff2b584da">Authentication failed.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__r59d0b76d477f40039857ceac885bb2b2"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.1 "><p id="en-us_topic_0079578166__ab5b46fe2535c4d969b3033a979ef32b2">403</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.2 "><p id="en-us_topic_0079578166__a39f539005cab4265aea430356e5c82c3">Access denied.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__r37396180afcc486c9db290bb55d645f8"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.1 "><p id="en-us_topic_0079578166__ae59d58ae92af44eaa9dc1656d13d292d">404</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.2 "><p id="en-us_topic_0079578166__aad60d8a5e4754e139481963b3c283568">The requested resource cannot be found.</p>
</td>
</tr>
<tr id="en-us_topic_0079578166__r7f56ad93b7e34d7e8e6da5a37f433d4b"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.1 "><p id="en-us_topic_0079578166__a7b2f3b7c3e694ef6a598609a1962e87c">500</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.5.2.1.3.1.2 "><p id="en-us_topic_0079578166__a6168166f84cf4f4392a4fb6ae92d152c">Internal server error.</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0079467612.html">Agency Management</a></div>
</div>
</div>
View Git Blame Copy Permalink