AttachControlPolicy - - Alibaba Cloud Documentation Center

Usage notes

After you attach an access control policy, the operations performed on resources by using members are limited by the policy. Make sure that the attached policy meets your expectations. Otherwise, your business may be affected.

By default, the system access control policy FullAliyunAccess is attached to each folder and member.

The access control policy that is attached to a folder also applies to all its subfolders and all members in the subfolders.

A maximum of 10 access control policies can be attached to a folder or member.

This topic provides an example on how to call the API operation to attach the custom access control policy cp-jExXAqIYkwHN**** to the folder fd-ZDNPiT****.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	AttachControlPolicy	The operation that you want to perform. Set the value to AttachControlPolicy.
PolicyId	String	Yes	cp-jExXAqIYkwHN****	The ID of the access control policy.
TargetId	String	Yes	fd-ZDNPiT****	The ID of the object to which you want to attach the access control policy. Access control policies can be attached to the following objects: Root folder Subfolders of the Root folder Members

For more information about common request parameters, see Common parameters.

Response parameters


Parameter	Type	Example	Description
RequestId	String	95060F1D-6990-4645-8920-A81D1BBFE992	The ID of the request.

Examples

Sample requests

https://resourcemanager.aliyuncs.com/?Action=AttachControlPolicy
&PolicyId=cp-jExXAqIYkwHN****
&TargetId=fd-ZDNPiT****
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<?xml version="1.0" encoding="UTF-8" ?>
<AttachControlPolicyResponse>
	<RequestId>95060F1D-6990-4645-8920-A81D1BBFE992</RequestId>
</AttachControlPolicyResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "95060F1D-6990-4645-8920-A81D1BBFE992"
}

Error codes


HTTP status code	Error code	Error message	Description
404	EntityNotExists.Target	The specified target does not exist in the resource directory.	The error message returned because the specified object does not exist in the resource directory.

For a list of error codes, visit the API Error Center.