Updating a Topic Policy¶
Description¶
API name
UpdateTopicAttribute
Function
Update a topic policy.
URI¶
URI format
PUT /v2/{project_id}/notifications/topics/{topic_urn}/attributes/{name}
Parameter description
Parameter
Mandatory
Type
Description
project_id
Yes
String
Project ID
topic_urn
Yes
String
Unique resource ID of a topic. You can obtain it by referring to Querying Topics.
name
Yes
String
Specifies the policy name.
Only specified policy names are supported. For details, see Topic Attribute List.
Request¶
Parameter description
Parameter
Mandatory
Type
Description
value
Yes
String
Topic attribute value
If you set name to access_policy, value is the topic attributes, and the maximum length of value is 30 KB.
If you set name to introduction, value is the topic introduction, and the maximum length of value is 120 bytes.
For details, see Table 1.
Table 1 Topic attribute values¶ Parameter
Description
Constraint
Version
Policy specification version
Only 2016-09-07 is supported.
Id
Policy ID, which uniquely identifies a policy
Id must be specified.
Statement
Statements used to configure a topic policy. Each topic policy may contain one or more statements. You can use statements to grant topic permissions to other users or cloud services.
A policy must contain at least one statement. For details about elements in a statement, see Table 2.
Table 2 Statement elements description¶ Element
Description
Constraint
Sid
Statement ID
The statement ID must be unique, for example, statement01 or statement02.
Effect
Statement effect
The effect can be Allow or Deny.
Principal
NotPrincipal
Principal: object to which the statement applies
NotPrincipal: object to which the statement does not apply
The following two types of objects are supported:
CSP: one or more cloud users
Service: one or more cloud services
Either the Principal or NotPrincipal element must be configured.
If you enter CSP, you must specify user information in the format urn:csp:iam::domainId:root. Obtain the domain ID of each user you specify.
If you enter Service, you must specify the cloud service names in lower case.
Action
NotAction
Action: allowed statement action
NotAction: statement action not allowed
You can use a wildcard character to configure a set of actions, for example, SMN:Update* and SMN:Delete*. If you only enter a wildcard character (
*) in a statement, all supported actions are allowed.
Either Action or NotAction must be configured.
The following actions are supported:
SMN:UpdateTopic
SMN:DeleteTopic
SMN:QueryTopicDetail
SMN:ListTopicAttributes
SMN:UpdateTopicAttribute
SMN:DeleteTopicAttributes
SMN:DeleteTopicAttributeByName
SMN:ListSubscriptionsByTopic
SMN:Subscribe
SMN:Unsubscribe
SMN:Publish
Resource
Specifies the topic the statement applies to.
Either Resource or NotResource must be configured.
You need to enter a topic URN.
NotResource
Specifies the topic the statement does not apply to.
Either Resource or NotResource must be configured.
You need to enter a topic URN.
Example request
PUT https://{SMN_Endpoint}/v2/{project_id}/notifications/topics/{topic_urn}/attributes/access_policy{ "value": "{ \"Version\": \"2016-09-07\", \"Id\": \"__default_policy_ID\", \"Statement\": [ { \"Sid\": \"__user_pub_0\", \"Effect\": \"Allow\", \"Principal\": { \"CSP\": [ \"urn:csp:iam::{domainID}:root\" ] }, \"Action\": [\"SMN:Publish\",\"SMN:QueryTopicDetail\"], \"Resource\": \"{topic_urn}\" }, { \"Sid\": \"__service_pub_0\", \"Effect\": \"Allow\", \"Principal\": { \"Service\": [\"obs\"] }, \"Action\": [\"SMN:Publish\",\"SMN:QueryTopicDetail\"], \"Resource\": \"{topic_urn}\" } ] }" }
Note
Replace {project_id}, {domainID}, and {topic_urn} with the actual values.
domainID indicates the user's account ID. To obtain it, log in to the SMN console, click My Credentials in the username drop-down list on the upper right.
Response¶
Parameter description
Parameter
Type
Description
request_id
String
Request ID, which is unique
Example response
{ "request_id":"6837531fd3f54550927b930180a706bf" }
Returned Value¶
See Returned Value.
Error Codes¶
See Error Codes.