lbelejka/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity

IAM API 0914 Version

Browse Source 
Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com>
Co-authored-by: Wei, Hongmin <weihongmin1@huawei.com>
Co-committed-by: Wei, Hongmin <weihongmin1@huawei.com>
This commit is contained in:
Wei, Hongmin 2024-01-17 12:21:21 +00:00 committed by zuul
parent 5d85118b0f
commit 3ddf3f0f08
12 changed files with 27 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/iam/api-ref/ALL_META.TXT.json
View File

@ -153,7 +153,7 @@
"uri":"en-us_topic_0064274720.html",
"product_code":"iam",
"code":"16",
"des":"This API is used to obtain an agency token. For example, after a trust relationship is established between A (deleting party) and B (delegated party), the delegated party",
"des":"This API is used to obtain an agency token. For example, after a trust relationship is established between A (delegating party) and B (delegated party), the delegated par",
"doc_type":"api",
"kw":"Obtaining an Agency Token,Token Management,API Reference",
"title":"Obtaining an Agency Token",
@ -705,8 +705,8 @@
"code":"71",
"des":"This API is used to query the user groups to which a specified role has been assigned.URI formatGET /v3/role_assignments{?role.id,user.id,group.id,scope.project.id,scope.",
"doc_type":"api",
"kw":"Querying Role Assignments,Permission Management,API Reference",
"title":"Querying Role Assignments",
"kw":"Querying Role Assignments (Discarded),Permission Management,API Reference",
"title":"Querying Role Assignments (Discarded)",
"githuburl":""
},
{

4
docs/iam/api-ref/CLASS.TXT.json
View File

@ -135,7 +135,7 @@
"code":"15"
},
{
"desc":"This API is used to obtain an agency token. For example, after a trust relationship is established between A (deleting party) and B (delegated party), the delegated party",
"desc":"This API is used to obtain an agency token. For example, after a trust relationship is established between A (delegating party) and B (delegated party), the delegated par",
"product_code":"iam",
"title":"Obtaining an Agency Token",
"uri":"en-us_topic_0064274720.html",
@ -632,7 +632,7 @@
{
"desc":"This API is used to query the user groups to which a specified role has been assigned.URI formatGET /v3/role_assignments{?role.id,user.id,group.id,scope.project.id,scope.",
"product_code":"iam",
"title":"Querying Role Assignments",
"title":"Querying Role Assignments (Discarded)",
"uri":"iam_11_0003.html",
"doc_type":"api",
"p_code":"68",

12
docs/iam/api-ref/en-us_topic_0057845564.html
View File

@ -8,7 +8,13 @@
</th>
</tr>
</thead>
<tbody><tr id="en-us_topic_0057845564__row931919124519"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.1.1.3.1.1 "><p id="en-us_topic_0057845564__p12311219164519">2023-07-20</p>
<tbody><tr id="en-us_topic_0057845564__row3971104419402"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.1.1.3.1.1 "><p id="en-us_topic_0057845564__p1097194419406">2023-09-14</p>
</td>
<td class="cellrowborder" valign="top" width="75%" headers="mcps1.3.1.1.3.1.2 "><p id="en-us_topic_0057845564__p10971124454013">This release incorporates the following change:</p>
<p id="en-us_topic_0057845564__p3650755134014">Modified examples in <a href="en-us_topic_0097949518.html">Obtaining a Temporary AK/SK</a>.</p>
</td>
</tr>
<tr id="en-us_topic_0057845564__row931919124519"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.1.1.3.1.1 "><p id="en-us_topic_0057845564__p12311219164519">2023-07-20</p>
</td>
<td class="cellrowborder" valign="top" width="75%" headers="mcps1.3.1.1.3.1.2 "><p id="en-us_topic_0057845564__p931151914514">This release incorporates the following changes:</p>
<ul id="en-us_topic_0057845564__ul196919334392"><li id="en-us_topic_0057845564__li1069133318392">Modified content in <a href="iam_01_0008.html">API Overview</a>.</li><li id="en-us_topic_0057845564__li16691833173917">Modified content in <a href="en-us_topic_0057845612.html">Updating a SAML Identity Provider</a>.</li><li id="en-us_topic_0057845564__li12691433183917">Modified content in <a href="iam_02_0046.html">Action List</a>.</li></ul>
@ -77,7 +83,7 @@
<tr id="en-us_topic_0057845564__row1365893164917"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.1.1.3.1.1 "><p id="en-us_topic_0057845564__p146591633493">2020-07-01</p>
</td>
<td class="cellrowborder" valign="top" width="75%" headers="mcps1.3.1.1.3.1.2 "><p id="en-us_topic_0057845564__p13659153114918">This release incorporates the following change:</p>
<div class="p" id="en-us_topic_0057845564__p237112153311">Added the following sections:<ul id="en-us_topic_0057845564__ul8767516161514"><li id="en-us_topic_0057845564__li13827193831310"><a href="iam_03_0001.html">Creating a Permanent Access Key</a></li><li id="en-us_topic_0057845564__li3827203812139"><a href="iam_03_0003.html">Listing Permanent Access Keys</a></li><li id="en-us_topic_0057845564__li128271038161318"><a href="iam_03_0002.html">Querying a Permanent Access Key</a></li><li id="en-us_topic_0057845564__li15827103891312"><a href="iam_03_0004.html">Modifying a Permanent Access Key</a></li><li id="en-us_topic_0057845564__li2827103881316"><a href="iam_03_0005.html">Deleting a Permanent Access Key</a></li><li id="en-us_topic_0057845564__li1282717388134"><a href="iam_08_0011.html">Modifying User Information (Including Email Address and Mobile Number) as the Administrator</a></li><li id="en-us_topic_0057845564__li48278384134"><a href="iam_11_0003.html">Querying Role Assignments</a></li></ul>
<div class="p" id="en-us_topic_0057845564__p237112153311">Added the following sections:<ul id="en-us_topic_0057845564__ul8767516161514"><li id="en-us_topic_0057845564__li13827193831310"><a href="iam_03_0001.html">Creating a Permanent Access Key</a></li><li id="en-us_topic_0057845564__li3827203812139"><a href="iam_03_0003.html">Listing Permanent Access Keys</a></li><li id="en-us_topic_0057845564__li128271038161318"><a href="iam_03_0002.html">Querying a Permanent Access Key</a></li><li id="en-us_topic_0057845564__li15827103891312"><a href="iam_03_0004.html">Modifying a Permanent Access Key</a></li><li id="en-us_topic_0057845564__li2827103881316"><a href="iam_03_0005.html">Deleting a Permanent Access Key</a></li><li id="en-us_topic_0057845564__li1282717388134"><a href="iam_08_0011.html">Modifying User Information (Including Email Address and Mobile Number) as the Administrator</a></li><li id="en-us_topic_0057845564__li48278384134"><a href="iam_11_0003.html">Querying Role Assignments (Discarded)</a></li></ul>
</div>
</td>
</tr>
@ -96,7 +102,7 @@
<tr id="en-us_topic_0057845564__row1428392575315"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.1.1.3.1.1 "><p id="en-us_topic_0057845564__p122793845315">2019-01-09</p>
</td>
<td class="cellrowborder" valign="top" width="75%" headers="mcps1.3.1.1.3.1.2 "><p id="en-us_topic_0057845564__p166461532105315">This release incorporates the following changes:</p>
<ul id="en-us_topic_0057845564__ul8654632155318"><li id="en-us_topic_0057845564__li11660103295311">Added section <a href="iam_02_0007.html">Querying the Password Strength Policy</a>.</li><li id="en-us_topic_0057845564__li367953295311">Added section <a href="iam_02_0113.html">Querying the Password Strength Policy by Option</a>.</li><li id="en-us_topic_0057845564__li069673205311">Added <strong id="en-us_topic_0057845564__b842352706154918">password_expires_at</strong> to the request body in section <a href="en-us_topic_0057845638.html">Querying a User List</a>.</li><li id="en-us_topic_0057845564__li171233210538">Added <strong id="en-us_topic_0057845564__b1453627315">password_expires_at</strong> to the request body in section <a href="en-us_topic_0057845561.html">Querying Users in a User Group</a>.</li></ul>
<ul id="en-us_topic_0057845564__ul8654632155318"><li id="en-us_topic_0057845564__li11660103295311">Added section <a href="iam_02_0007.html">Querying the Password Strength Policy</a>.</li><li id="en-us_topic_0057845564__li367953295311">Added section <a href="iam_02_0113.html">Querying the Password Strength Policy by Option</a>.</li><li id="en-us_topic_0057845564__li069673205311">Added <strong id="en-us_topic_0057845564__b842352706154918">password_expires_at</strong> to the request body in section <a href="en-us_topic_0057845638.html">Querying a User List</a>.</li><li id="en-us_topic_0057845564__li171233210538">Added <strong id="en-us_topic_0057845564__b1035005931">password_expires_at</strong> to the request body in section <a href="en-us_topic_0057845561.html">Querying Users in a User Group</a>.</li></ul>
</td>
</tr>
<tr id="en-us_topic_0057845564__row3369622110364"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.1.1.3.1.1 "><p id="en-us_topic_0057845564__p4503940610364">2018-10-08</p>

2
docs/iam/api-ref/en-us_topic_0057845579.html
View File

@ -8,7 +8,7 @@
</li>
<li class="ulchildlink"><strong><a href="en-us_topic_0057845603.html">Querying Role Details</a></strong><br>
</li>
<li class="ulchildlink"><strong><a href="iam_11_0003.html">Querying Role Assignments</a></strong><br>
<li class="ulchildlink"><strong><a href="iam_11_0003.html">Querying Role Assignments (Discarded)</a></strong><br>
</li>
<li class="ulchildlink"><strong><a href="en-us_topic_0057845571.html">Querying Permissions of a User Group Under a Domain</a></strong><br>
</li>

4
docs/iam/api-ref/en-us_topic_0057845583.html
View File

@ -2,7 +2,7 @@
<h1 class="topictitle1">Obtaining a User Token</h1>
<div id="body1559206849798"><div class="section" id="en-us_topic_0057845583__s5888597838b0425a92e3419fb766c7f5"><h4 class="sectiontitle">Function</h4><p id="en-us_topic_0057845583__p1691133013483">This API is used to obtain a token through username/password authentication. A token is a system object encapsulating the identity and permissions of a user. When calling the APIs of IAM or other cloud services, you can use this API to obtain a token for authentication.</p>
<div class="note" id="en-us_topic_0057845583__note6480102712573"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><div class="p" id="en-us_topic_0057845583__p49441123175220">The validity period of a token is <strong id="en-us_topic_0057845583__b245411723218">24 hours</strong>. Cache the token to prevent frequent API calling. Ensure that the token is valid while you use it. Using a token that will soon expire may cause API calling failures. Obtaining a new token does not affect the validity of the existing token. The following operations will invalidate the existing token. After these operations are performed, obtain a new token.<ul id="en-us_topic_0057845583__ul183961935103512"><li id="en-us_topic_0057845583__li73961935173511">Changing the password or access key of your account or an IAM user: The token of your account or the user is invalidated.</li><li id="en-us_topic_0057845583__li339683512356">Deleting or disabling an IAM user: The token of the user is invalidated.</li><li id="en-us_topic_0057845583__li15396123513359">Changing the permissions of an IAM user: The token of the user is invalidated. For example, when the user is added to or removed from a user group, or when permissions of the group to which the user belongs are modified.</li></ul>
<div class="note" id="en-us_topic_0057845583__note6480102712573"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><div class="p" id="en-us_topic_0057845583__p49441123175220">Tokens are valid for 24 hours and you can cache them to reduce the number of API calls needed. Ensure that the token is valid while you use it. Using a token that will soon expire may cause API calling failures. Obtaining a new token does not affect the validity of the existing token. The following operations will invalidate the existing token. After these operations are performed, obtain a new token.<ul id="en-us_topic_0057845583__ul183961935103512"><li id="en-us_topic_0057845583__li73961935173511">Changing the password or access key of your account or an IAM user: The token of your account or the user is invalidated.</li><li id="en-us_topic_0057845583__li339683512356">Deleting or disabling an IAM user: The token of the user is invalidated.</li><li id="en-us_topic_0057845583__li15396123513359">Changing the permissions of an IAM user: The token of the user is invalidated. For example, when the user is added to or removed from a user group, or when permissions of the group to which the user belongs are modified.</li></ul>
</div>
</div></div>
</div>
@ -335,7 +335,7 @@
</tbody>
</table>
</div>
</li><li id="en-us_topic_0057845583__lf3c28402a2ee4844bc99946ea67bf82d">Example response<div class="p" id="en-us_topic_0057845583__p01640289481"><a name="en-us_topic_0057845583__lf3c28402a2ee4844bc99946ea67bf82d"></a><a name="lf3c28402a2ee4844bc99946ea67bf82d"></a>The following is a sample request for obtaining a token for <strong id="en-us_topic_0057845583__b2121144012">user A</strong>. The login password of the user is <strong id="en-us_topic_0057845583__b469316832">**********</strong> and the domain name is <strong id="en-us_topic_0057845583__b1216955658">domain A</strong>. The scope of the token is <strong id="en-us_topic_0057845583__b2123750809">domain</strong>.<pre class="screen" id="en-us_topic_0057845583__screen0241121164815">Token information stored in the response header:
</li><li id="en-us_topic_0057845583__lf3c28402a2ee4844bc99946ea67bf82d">Example response<div class="p" id="en-us_topic_0057845583__p01640289481"><a name="en-us_topic_0057845583__lf3c28402a2ee4844bc99946ea67bf82d"></a><a name="lf3c28402a2ee4844bc99946ea67bf82d"></a>The following is a sample request for obtaining a token for <strong id="en-us_topic_0057845583__b1638089618">user A</strong>. The login password of the user is <strong id="en-us_topic_0057845583__b1140240084">**********</strong> and the domain name is <strong id="en-us_topic_0057845583__b844381976">domain A</strong>. The scope of the token is <strong id="en-us_topic_0057845583__b1219018751">domain</strong>.<pre class="screen" id="en-us_topic_0057845583__screen0241121164815">Token information stored in the response header:
X-Subject-Token:MIIDkgYJKoZIhvcNAQcCoIIDgzCCA38CAQExDTALBglghkgBZQMEAgEwgXXXXX...
Token information stored in the response body:

2
docs/iam/api-ref/en-us_topic_0064274720.html
View File

@ -1,7 +1,7 @@
<a name="en-us_topic_0064274720"></a><a name="en-us_topic_0064274720"></a>
<h1 class="topictitle1">Obtaining an Agency Token</h1>
<div id="body1559206849808"><div class="section" id="en-us_topic_0064274720__s5888597838b0425a92e3419fb766c7f5"><h4 class="sectiontitle">Function</h4><p id="en-us_topic_0064274720__p685312537484">This API is used to obtain an agency token. For example, after a trust relationship is established between A (deleting party) and B (delegated party), the delegated party B can use this API to obtain an agency token to manage A's resources that B is delegated to manage. However, B cannot use this agency token to manage its own resources. To do so, B needs to obtain a user token by referring to <a href="en-us_topic_0057845583.html">Obtaining a User Token</a>.</p>
<div id="body1559206849808"><div class="section" id="en-us_topic_0064274720__s5888597838b0425a92e3419fb766c7f5"><h4 class="sectiontitle">Function</h4><p id="en-us_topic_0064274720__p685312537484">This API is used to obtain an agency token. For example, after a trust relationship is established between A (delegating party) and B (delegated party), the delegated party B can use this API to obtain an agency token to manage A's resources that B is delegated to manage. However, B cannot use this agency token to manage its own resources. To do so, B needs to obtain a user token by referring to <a href="en-us_topic_0057845583.html">Obtaining a User Token</a>.</p>
<div class="note" id="en-us_topic_0064274720__nac695b8ae32b4d5086aacb56f63d69c1"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0064274720__p49441123175220">The validity period of a token is <strong id="en-us_topic_0064274720__b26888382462">24 hours</strong>. Cache the token to prevent frequent API calling. Ensure that the token is valid while you use it. Using a token that will soon expire may cause API calling failures. Obtaining a new token does not affect the validity of the existing token. </p>
</div></div>
</div>

2
docs/iam/api-ref/en-us_topic_0066154565.html
View File

@ -90,7 +90,7 @@
</table>
</div>
</li></ul>
<ul id="en-us_topic_0066154565__ul11844153743114"><li id="en-us_topic_0066154565__li584483713311">Example request<pre class="screen" id="en-us_topic_0066154565__screen1484413714310"><em id="en-us_topic_0066154565__i5844137113119">curl -i -k -H "X-Auth-Token:$token" -H 'Content-Type:application/json;charset=utf8' -X POST d '{"project":{"domain_id":"acf2ffabba974fae8f30378ffde2c...","name":"region_test1"}}' https://sample.domain.com/v3/projects</em></pre>
<ul id="en-us_topic_0066154565__ul11844153743114"><li id="en-us_topic_0066154565__li584483713311">Example request<pre class="screen" id="en-us_topic_0066154565__screen1484413714310"><em id="en-us_topic_0066154565__i5844137113119">curl -i -k -H "X-Auth-Token:$token" -H 'Content-Type:application/json;charset=utf8' -X POST -d '{"project":{"domain_id":"acf2ffabba974fae8f30378ffde2c...","name":"region_test1"}}' https://sample.domain.com/v3/projects</em></pre>
</li></ul>
</div>
<div class="section" id="en-us_topic_0066154565__section78443371318"><h4 class="sectiontitle">Response Parameters</h4><p id="en-us_topic_0066154565__p61281107184757"> Example response</p>

4
docs/iam/api-ref/en-us_topic_0097949518.html
View File

@ -193,7 +193,7 @@
"assume_role": {
"domain_id": "411edb4b634144f587ffc88f9bbdxxx",
"xrole_name": "testagency",
"duration_seconds": "3600"
"duration_seconds": 3600
}
}
}
@ -207,7 +207,7 @@
],
"token": {
"id": "MIIDkgYJKoZIhvcNAQcCoIIDgzCCA38CAQExDTALBglghkgBZQMEAgEwgXXXXX...",
"duration_seconds": "900"
"duration_seconds": 900
}
}
}

2
docs/iam/api-ref/iam_01_0008.html
View File

@ -325,7 +325,7 @@
<td class="cellrowborder" valign="top" width="70.58%" headers="mcps1.3.8.2.1.3.1.2 "><p id="iam_01_0008__p1050234162710">Provided for the administrator to query permission information.</p>
</td>
</tr>
<tr id="iam_01_0008__row1616794922416"><td class="cellrowborder" valign="top" width="29.42%" headers="mcps1.3.8.2.1.3.1.1 "><p id="iam_01_0008__p12167184922413"><a href="iam_11_0003.html">Querying Role Assignments</a></p>
<tr id="iam_01_0008__row1616794922416"><td class="cellrowborder" valign="top" width="29.42%" headers="mcps1.3.8.2.1.3.1.1 "><p id="iam_01_0008__p12167184922413"><a href="iam_11_0003.html">Querying Role Assignments (Discarded)</a></p>
</td>
<td class="cellrowborder" valign="top" width="70.58%" headers="mcps1.3.8.2.1.3.1.2 "><p id="iam_01_0008__p731616172419">Query the user groups to which a specified role has been assigned.</p>
</td>

2
docs/iam/api-ref/iam_02_0006.html
View File

@ -746,7 +746,7 @@
</td>
<td class="cellrowborder" valign="top" width="19.98%" headers="mcps1.3.1.1.6.1.3 "><p id="iam_02_0006__en-us_topic_0255491954_p559917482528">The length [input uri length] of a resource URI exceeds 1,500 characters.</p>
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.1.1.6.1.4 "><p id="iam_02_0006__en-us_topic_0255491954_p65995482520">A resource URI contains more than 1500 characters.</p>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.1.1.6.1.4 "><p id="iam_02_0006__en-us_topic_0255491954_p65995482520">A resource URI contains more than 1,500 characters.</p>
</td>
<td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.1.1.6.1.5 "><p id="iam_02_0006__en-us_topic_0255491954_p14599174855214">Check the length of each resource URI.</p>
</td>

6
docs/iam/api-ref/iam_10_0011.html
View File

@ -311,7 +311,7 @@
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.8.2.4.1.2 "><p id="iam_10_0011__en-us_topic_0289135272_p94631213104914">Array of strings</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.8.2.4.1.3 "><p id="iam_10_0011__en-us_topic_0289135272_p10463113154911">Specific operation permissions on a resource. For details about supported actions, see "Permissions and Supported Actions" in the API Reference of cloud services.</p>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.8.2.4.1.3 "><p id="iam_10_0011__en-us_topic_0289135272_p10463113154911">Specific operation permissions on a resource. A maximum of 100 actions are allowed. For details about supported actions, see "Permissions Policies and Supported Actions" in the API Reference of cloud services.</p>
<div class="note" id="iam_10_0011__en-us_topic_0289135272_note12909136494"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="iam_10_0011__en-us_topic_0289135272_ul18463413124913"><li id="iam_10_0011__en-us_topic_0289135272_li12463613124917">The value format is <em id="iam_10_0011__en-us_topic_0289135272_i7113667413">Service name</em>:<em id="iam_10_0011__en-us_topic_0289135272_i71141665413">Resource type</em>:<em id="iam_10_0011__en-us_topic_0289135272_i51144624113">Operation</em>, for example, <strong id="iam_10_0011__en-us_topic_0289135272_b411446114118">vpc:ports:create</strong>.</li><li id="iam_10_0011__en-us_topic_0289135272_li446361324920"><em id="iam_10_0011__en-us_topic_0289135272_i207037724114">Service name</em>: indicates the product name, such as <strong id="iam_10_0011__en-us_topic_0289135272_b3703117164116">ecs</strong>, <strong id="iam_10_0011__en-us_topic_0289135272_b107036774117">evs</strong>, or <strong id="iam_10_0011__en-us_topic_0289135272_b47037711417">vpc</strong>. Only lowercase letters are allowed. Resource types and operations are not case-sensitive. You can use an asterisk (*) to represent all operations.</li><li id="iam_10_0011__en-us_topic_0289135272_li14463161374917">In the case of a custom policy for agencies, this parameter should be set to <em id="iam_10_0011__en-us_topic_0289135272_i19321314114112">"Action": ["iam:agencies:assume"]</em>.</li></ul>
</div></div>
</td>
@ -329,7 +329,7 @@
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.8.2.4.1.2 "><p id="iam_10_0011__en-us_topic_0289135272_p1464713174910">Object</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.8.2.4.1.3 "><p id="iam_10_0011__en-us_topic_0289135272_p139313435469">Conditions for the permission to take effect. For details, see .</p>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.8.2.4.1.3 "><p id="iam_10_0011__en-us_topic_0289135272_p139313435469">Conditions for the permission to take effect. A maximum of 10 conditions are allowed. For details, see "Creating a Custom Policy" in the <em id="iam_10_0011__en-us_topic_0289135272_i9861155045517">Identity and Access Management User Guide</em>.</p>
<div class="note" id="iam_10_0011__en-us_topic_0289135272_note122334794612"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="iam_10_0011__en-us_topic_0289135272_p1276712344919">Take the condition in the sample request as an example, the values of the condition key (<strong id="iam_10_0011__en-us_topic_0289135272_b1880322519376">obs:prefix</strong>) and string (<strong id="iam_10_0011__en-us_topic_0289135272_b1780302516374">public</strong>) must be equal (<strong id="iam_10_0011__en-us_topic_0289135272_b148031425163718">StringEquals</strong>).</p>
<pre class="screen" id="iam_10_0011__en-us_topic_0289135272_screen18948143318464"> "Condition": {
"StringEquals": {
@ -345,7 +345,7 @@
</td>
<td class="cellrowborder" valign="top" width="20%" headers="mcps1.3.4.8.2.4.1.2 "><p id="iam_10_0011__en-us_topic_0289135272_p9464513184917">Array of strings</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.8.2.4.1.3 "><p id="iam_10_0011__en-us_topic_0289135272_p194641713174920">Cloud resource. </p>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.4.8.2.4.1.3 "><p id="iam_10_0011__en-us_topic_0289135272_p194641713174920">Cloud resource. The array can contain a maximum of 10 resource strings, and each string cannot exceed 128 characters.</p>
<div class="note" id="iam_10_0011__en-us_topic_0289135272_note13001713124918"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="iam_10_0011__en-us_topic_0289135272_ul746419130491"><li id="iam_10_0011__en-us_topic_0289135272_li44645139490">Format: <em id="iam_10_0011__en-us_topic_0289135272_i719713305413">::::</em>. For example, <strong id="iam_10_0011__en-us_topic_0289135272_b320119304410">obs:</strong><strong id="iam_10_0011__en-us_topic_0289135272_b122022030114112"><em id="iam_10_0011__en-us_topic_0289135272_i20202193014411">:</em></strong><strong id="iam_10_0011__en-us_topic_0289135272_b172022030184110">:bucket:*</strong>. Asterisks are allowed.</li><li id="iam_10_0011__en-us_topic_0289135272_li846491311499">The region segment can be <strong id="iam_10_0011__en-us_topic_0289135272_b1230913113419">*</strong> or a region accessible to the user. The specified resource must belong to the corresponding service that actually exists.</li><li id="iam_10_0011__en-us_topic_0289135272_li18464213194914">In the case of a custom policy for agencies, the type of this parameter is Object, and the value should be set to <em id="iam_10_0011__en-us_topic_0289135272_i477353319411">"Resource": {"uri": ["/iam/agencies/07805acaba800fdd4fbdc00b8f888c7c"]}</em>.</li></ul>
</div></div>
</td>

2
docs/iam/api-ref/iam_11_0003.html
View File

@ -1,6 +1,6 @@
<a name="iam_11_0003"></a><a name="iam_11_0003"></a>
<h1 class="topictitle1">Querying Role Assignments</h1>
<h1 class="topictitle1">Querying Role Assignments (Discarded)</h1>
<div id="body1584340837695"><div class="section" id="iam_11_0003__section59620919411"><h4 class="sectiontitle">Function</h4><p id="iam_11_0003__p731616172419">This API is used to query the user groups to which a specified role has been assigned.</p>
</div>
<div class="section" id="iam_11_0003__section15818105219411"><h4 class="sectiontitle">URI</h4><ul id="iam_11_0003__ul342333164213"><li id="iam_11_0003__li542412310423">URI format<p id="iam_11_0003__p998514512422"><a name="iam_11_0003__li542412310423"></a><a name="li542412310423"></a>GET /v3/role_assignments{?role.id,user.id,group.id,scope.project.id,scope.domain.id, scope.OS-INHERIT:inherited_to,include_subtree}</p>