Detaches an access control policy.

Usage notes

After you detach an access control policy, the operations performed on resources by using members are not limited by the policy. Make sure that the detached policy meets your expectations. Otherwise, your business may be affected.

Both the system and custom access control policies can be detached. If an object has only one access control policy attached, the policy cannot be detached.

This topic provides an example on how to call the API operation to detach the custom control policy cp-jExXAqIYkwHN**** from the folder fd-ZDNPiT****.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DetachControlPolicy

The operation that you want to perform. Set the value to DetachControlPolicy.

PolicyId String Yes cp-jExXAqIYkwHN****

The ID of the access control policy.

TargetId String Yes fd-ZDNPiT****

The ID of the object from which you want to detach the access control policy. Access control policies can be attached to the following objects:

  • Root folder
  • Subfolders of the Root folder
  • Members

For more information about common request parameters, see Common parameters.

Response parameters

Parameter Type Example Description
RequestId String 9EA4F962-1A2E-4AFE-BE0C-B14736FC46CC

The ID of the request.

Examples

Sample requests

https://resourcemanager.aliyuncs.com/?Action=DetachControlPolicy
&PolicyId=cp-jExXAqIYkwHN****
&TargetId=fd-ZDNPiT****
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<?xml version="1.0" encoding="UTF-8" ?>
<DetachControlPolicyResponse>
	<RequestId>9EA4F962-1A2E-4AFE-BE0C-B14736FC46CC</RequestId>
</DetachControlPolicyResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "9EA4F962-1A2E-4AFE-BE0C-B14736FC46CC"
}

Error codes

HTTP status code Error code Error message Description
400 NotSupport.DetachLastControlPolicy It is not detach the last control policy on the target node. The error message returned because you are not allowed to detach the only access control policy from the object.
404 EntityNotExists.Target The specified target does not exist in the resource directory. The error message returned because the specified object does not exist in the resource directory.

For a list of error codes, visit the API Error Center.