Adding a Rule¶
Function¶
This API is used to add a rule.
Calling Method¶
For details, see Calling APIs.
URI¶
PUT /v1/resource-manager/domains/{domain_id}/policy-assignments
Parameter | Mandatory | Type | Description |
---|---|---|---|
domain_id | Yes | String | Specifies tags. Maximum: 36 |
Request Parameters¶
Parameter | Mandatory | Type | Description |
---|---|---|---|
X-Auth-Token | No | String | Specifies the invoker's token. |
X-Security-Token | No | String | Security token (session token) for temporary security credentials. This parameter is mandatory when you make an API call using temporary security credentials. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
policy_assignment_type | No | String | Specifies the rule type. A rule type can be custom or builtin. If this parameter is not configured, builtin is used by default. |
name | Yes | String | Specifies the rule name. Maximum: 64 |
description | No | String | Specifies the rule description. Maximum: 512 |
period | No | String | Specifies the trigger period. You need to set this parameter when trigger type is set to periodic execution. |
policy_filter | No | PolicyFilterDefinition object | Specifies the policy filter of a rule. You need to set this parameter when trigger type is set to configuration change. |
policy_definition_id | No | String | Specifies the policy definition ID. To add a rule with a predefined policy, you need to set this parameter. Maximum: 36 |
custom_policy | No | CustomPolicy object | Specifies the custom rule. To create a custom rule, you need to set this parameter. |
parameters | No | Map<String,PolicyParameterValue> | Specifies the rule parameters. |
tags | No | Array of ResourceTag objects | Tags |
Parameter | Mandatory | Type | Description |
---|---|---|---|
region_id | No | String | Specifies the region ID. Maximum: 128 |
resource_provider | No | String | Specifies the cloud service name. Maximum: 128 |
resource_type | No | String | Specifies the resource type. Maximum: 128 |
resource_id | No | String | Specifies the resource ID. Maximum: 512 |
tag_key | No | String | Specifies the tag key. Maximum: 128 |
tag_value | No | String | Specifies the tag value. Maximum: 256 |
Parameter | Mandatory | Type | Description |
---|---|---|---|
function_urn | Yes | String | Specifies the URN of a custom function. Maximum: 1024 |
auth_type | Yes | String | Specifies how function is called by a custom rule. |
auth_value | No | Map<String,Object> | Specifies the parameter value for invoking a function by a custom rule. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
value | No | Object | Specifies the value of the rule parameter. |
Parameter | Mandatory | Type | Description |
---|---|---|---|
key | Yes | String | Tag key. A tag key can contain up to 128 Unicode characters and must complay with the character set specifications in section 3.1. Minimum: 1 Maximum: 128 |
value | Yes | String | Tag value. A tag value can contain up to 255 Unicode characters and must comply with the character set specifications in section 3.2. Minimum: 0 Maximum: 255 |
Response Parameters¶
Status code: 200
Parameter | Type | Description |
---|---|---|
policy_assignment_type | String | Specifies the rule type, which can be builtin or custom. |
id | String | Specifies the rule ID. |
name | String | Specifies the rule name. |
description | String | Specifies the rule description. |
policy_filter | PolicyFilterDefinition object | Specifies the policy filter of a rule. |
period | String | Specifies how often the rule is triggered, which can be One_Hour, Three_Hours, Six_Hours, Twelve_Hours, or TwentyFour_Hours. |
state | String | Specifies the rule status. |
created | String | Specifies the time when the rule was added. |
updated | String | Specifies the time when the rule was modified. |
policy_definition_id | String | Specifies the ID of the policy used by the rule. |
custom_policy | CustomPolicy object | Specifies the custom rule. |
parameters | Map<String,PolicyParameterValue> | Specifies the rule parameters. |
tags | Array of ResourceTag objects | Tags |
created_by | String | Specifies the person who created the rule. |
target_type | String | traget_type is reserved for new features usage. In current version the result is null. |
target_id | String | target_id is reserved for new features usage. In current version the result is null. |
Parameter | Type | Description |
---|---|---|
region_id | String | Specifies the region ID. Maximum: 128 |
resource_provider | String | Specifies the cloud service name. Maximum: 128 |
resource_type | String | Specifies the resource type. Maximum: 128 |
resource_id | String | Specifies the resource ID. Maximum: 512 |
tag_key | String | Specifies the tag key. Maximum: 128 |
tag_value | String | Specifies the tag value. Maximum: 256 |
Parameter | Type | Description |
---|---|---|
function_urn | String | Specifies the URN of a custom function. Maximum: 1024 |
auth_type | String | Specifies how function is called by a custom rule. |
auth_value | Map<String,Object> | Specifies the parameter value for invoking a function by a custom rule. |
Parameter | Type | Description |
---|---|---|
value | Object | Specifies the value of the rule parameter. |
Parameter | Type | Description |
---|---|---|
key | String | Tag key. A tag key can contain up to 128 Unicode characters and must complay with the character set specifications in section 3.1. Minimum: 1 Maximum: 128 |
value | String | Tag value. A tag value can contain up to 255 Unicode characters and must comply with the character set specifications in section 3.2. Minimum: 0 Maximum: 255 |
Status code: 400
Parameter | Type | Description |
---|---|---|
error_code | String | Specifies the error code. |
error_msg | String | Specifies the error message. |
Status code: 403
Parameter | Type | Description |
---|---|---|
error_code | String | Specifies the error code. |
error_msg | String | Specifies the error message. |
Status code: 500
Parameter | Type | Description |
---|---|---|
error_code | String | Specifies the error code. |
error_msg | String | Specifies the error message. |
Example Requests¶
Create a rule named "allowed-images-by-id".
PUT https://{endpoint}/v1/resource-manager/domains/{domain_id}/policy-assignments
{
"name" : "allowed-images-by-id",
"description" : "The ECS resource is non-compliant if the image it used is not in the allowed list",
"parameters" : {
"listOfAllowedImages" : {
"value" : [ "ea0d6e0e-99c3-406d-a873-3bb45462b624" ]
}
},
"policy_filter" : {
"resource_provider" : "ecs",
"resource_type" : "cloudservers"
},
"policy_definition_id" : "5fa265c0aa1e6afc05a0ff07",
"tag" : [ {
"key" : "tagkey",
"value" : "tagValue"
} ]
}
Example Responses¶
Status code: 200
Operation succeeded.
{
"policy_assignment_type": "builtin",
"id": "66c486e8d58ed9173f4560ac",
"name": "allowed-images-by-id",
"description": "The ECS resource is non-compliant if the image it used is not in the allowed list",
"policy_filter": {
"region_id": null,
"resource_provider": "ecs",
"resource_type": "cloudservers",
"resource_id": null,
"tag_key": null,
"tag_value": null
},
"period": null,
"state": "Enabled",
"created": "2024-08-20T12:07:04.763Z",
"updated": "2024-08-20T12:07:04.763Z",
"policy_definition_id": "5fa265c0aa1e6afc05a0ff07",
"custom_policy": null,
"parameters": {
"listOfAllowedImages": {
"value": [
"ea0d6e0e-99c3-406d-a873-3bb45462b624"
]
}
},
"tags": [],
"created_by": "custom",
"target_type": null,
"target_id": null
}
Status Codes¶
Status Code | Description |
---|---|
200 | Operation succeeded. |
400 | Invalid parameters. |
403 | Authentication failed or you do not have the operation permissions. |
500 | Server error. |
Error Codes¶
See Error Codes.