QueryPermissionList - BSS OpenAPI - Alibaba Cloud Documentation Center

Queries, by relationship ID, permissions granted to accounts between which a management-member relationship is established.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
bssapi:QueryPermissionList	Read	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
RelationId	long	Yes	The ID of the relationship. Set this parameter to the value of the RelationId response parameter returned by calling the QueryRelationList operation.	51463

Response parameters

Parameter	Type	Description	Example
	object
Code	string	The status code returned.	Success
Message	string	The message returned.	Successful!
RequestId	string	The ID of the request.	F6E29451-A3CD-4705-806D-0112D08F5C49
Success	boolean	Indicates whether the request is successful.	true
Data	object	The data returned.
EndTime	string	The time when the relationship expired. If no value is returned, the relationship is still valid.	2021-03-06T15:12Z
RelationType	string	The type of the relationship. Valid values: FinancialManagement and FinancialTrusteeship.	FinancialManagement
StartTime	string	The time when the relationship took effect. The time follows the ISO 8601 standard in the yyyy-MM-ddThh:mm:ssZ format. The time is displayed in UTC. For example, 2016-05-23T12:00:00Z indicates that the relationship took effect at 20:00:00 on May 23, 2016 (UTC+8).	2021-03-02T15:12Z
State	string	The status of the relationship. For more information about valid values of this parameter, see the enumeration values of the RelationshipStatusEnum type in the following table.	RELATED
MasterId	long	The ID of the management account.	1990699401005016
MemberId	long	The ID of the member.	1851253838840762
SetupTime	string	The time when the relationship was established. The time follows the ISO 8601 standard in the yyyy-MM-ddThh:mm:ssZ format. The time is displayed in UTC. For example, 2016-05-23T12:00:00Z indicates that the relationship was established at 20:00:00 on May 23, 2016 (UTC+8).	2021-03-02T15:12Z
PermissionList	object []	The list of permissions.
EndTime	string	The time when the permission expired. If no value is returned, the permission is still valid. The time follows the ISO 8601 standard in the yyyy-MM-ddThh:mm:ssZ format. The time is displayed in UTC. For example, 2016-05-23T12:00:00Z indicates that the permission expired at 20:00:00 on May 23, 2016 (UTC+8).	2021-03-05T15:12Z
StartTime	string	The time when the permission took effect. The time follows the ISO 8601 standard in the yyyy-MM-ddThh:mm:ssZ format. The time is displayed in UTC. For example, 2016-05-23T12:00:00Z indicates that the permission took effect at 20:00:00 on May 23, 2016 (UTC+8).	2021-03-02T15:12Z
PermissionCode	string	The code of the permission.	allow_synchronize_finance_identity
PermissionName	string	The name of the permission.	The management account shares the credit control identity with the member.

The following table describes the RelationshipStatusEnum type.

Enumeration value	Description	Remarks
INITIAL	The relationship is being initialized.	The relationship does not take effect.
CONFIRMING	The invitation is to be confirmed.	The relationship does not take effect.
REJECTED	The invitation is rejected.	The relationship does not take effect.
CONNECTION_CANCELED	The relationship is terminated.	The relationship does not take effect.
RELATED	The relationship is established.	The relationship is effective.
CHANGE_CONFIRMING	The effective relationship has changed and needs to be confirmed.	The relationship is effective.
CONNECTION_MASTER_CANCEL	The invitation is canceled.	The relationship does not take effect.

Examples

Sample success responses

JSONformat

{
  "Code": "Success",
  "Message": "Successful!",
  "RequestId": "F6E29451-A3CD-4705-806D-0112D08F5C49",
  "Success": true,
  "Data": {
    "EndTime": "2021-03-06T15:12Z",
    "RelationType": "FinancialManagement",
    "StartTime": "2021-03-02T15:12Z",
    "State": "RELATED",
    "MasterId": 1990699401005016,
    "MemberId": 1851253838840762,
    "SetupTime": "2021-03-02T15:12Z",
    "PermissionList": [
      {
        "EndTime": "2021-03-05T15:12Z",
        "StartTime": "2021-03-02T15:12Z",
        "PermissionCode": "allow_synchronize_finance_identity",
        "PermissionName": "The management account shares the credit control identity with the member.\n"
      }
    ]
  }
}

Error codes

HTTP status code	Error code	Error message
400	InvalidParameter	The specified request contains invalid parameters.
400	MissingParameter	The specified request lacks essential parameters.
500	InternalError	An error occurred in the internal server.

For a list of error codes, visit the Service error codes.