Granting Permissions to a User Group of a Domain

Function

This API is used to grant permissions to a user group of a domain. A role is a set of permissions and represents a group of actions.

URI

  • URI format

    PUT /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id}

  • URI parameters

    Parameter

    Mandatory

    Type

    Description

    domain_id

    Yes

    String

    ID of the domain which a user group belongs to. For details about how to obtain the domain ID, see Obtaining User, Account, User Group, Project, and Agency Information.

    group_id

    Yes

    String

    ID of a user group. For details about how to obtain the group ID, see Obtaining User, Account, User Group, Project, and Agency Information.

    role_id

    Yes

    String

    ID of a role. For details about how to obtain the role ID, see Querying a Role List.

    Note

    To assign a custom policy that contains OBS operations to a user group, create two custom policies with the scope being set to global services and region-specific projects respectively and other parameters being the same, and then attach the two policies to the user group.

Request Parameters

  • Parameters in the request header

    Parameter

    Mandatory

    Type

    Description

    X-Auth-Token

    Yes

    String

    Authenticated token with the Security Administrator permission.

  • Example request

    curl -i -k -H "X-Auth-Token:$token" -H 'Content-Type:application/json;charset=utf8' -X PUT https://sample.domain.com/v3/domains/d54061ebcb5145dd814f8eb3fe9b7ac0/groups/47d79cabc2cf4c35b13493d919a5bb3d/roles/e62d9ba0d6a544cd878d9e8a4663f6e2
    

Response Parameters

None

Status Codes

Status Code

Description

204

The request is successful.

400

The server failed to process the request.

401

Authentication failed.

403

Access denied.

404

The requested resource cannot be found.

409

A resource conflict occurs.