Queries the details of a permission policy.
Debugging
Request parameters
Parameter |
Type |
Required |
Example |
Description |
Action | String | Yes | DescribePolicy | The operation that you want to perform. Set the value to DescribePolicy. |
Name | String | Yes | policy_test | The name of the permission policy that you want to query. |
Response parameters
Parameter |
Type |
Example |
Description |
RequestId | String | f455324b-e229-4066-9f58-9c1cf3fe83a9 | The ID of the request, which is used to locate and troubleshoot issues. |
Arn | String | acs:kms:cn-hangzhou:119285303511****:policy/policy_test | The ARN of the permission policy. |
Name | String | policy_test | The name of the permission policy. |
Description | String | policy description | The description. |
KmsInstance | String | kst-hzz634e67d126u9p9**** | The scope of the permission policy. |
Permissions | Array of String | ["RbacPermission/Template/CryptoServiceKeyUser", "RbacPermission/Template/CryptoServiceSecretUser"] | The operations that can be performed. |
Resources | Array of String | ["secret/acs/ram/user/ram-secret", "secret/acs/ram/user/acr-master", "key/key-hzz63d9c8d3dfv8cv****"] | The key and secret that are allowed to access. |
AccessControlRules | String | {"NetworkRules":["kst-hzz62ee817bvyyr5x****.efkd","kst-hzz62ee817bvyyr5x****.eyyp"]} | The access control rule that is created for the permission policy. |
Examples
Sample requests
http(s)://[Endpoint]/?Action=DescribePolicy
&Name=policy_test
&Common request parameters
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<DescribePolicyResponse>
<RequestId>f455324b-e229-4066-9f58-9c1cf3fe83a9</RequestId>
<Arn>acs:kms:cn-hangzhou:119285303511****:policy/policy_test</Arn>
<Name>policy_test</Name>
<Description>policy description</Description>
<KmsInstance>kst-hzz634e67d126u9p9****</KmsInstance>
<Permissions>["RbacPermission/Template/CryptoServiceKeyUser", "RbacPermission/Template/CryptoServiceSecretUser"]</Permissions>
<Resources>["secret/acs/ram/user/ram-secret", "secret/acs/ram/user/acr-master", "key/key-hzz63d9c8d3dfv8cv****"]</Resources>
<AccessControlRules>{"NetworkRules":["kst-hzz62ee817bvyyr5x****.efkd","kst-hzz62ee817bvyyr5x****.eyyp"]}</AccessControlRules>
</DescribePolicyResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"RequestId" : "f455324b-e229-4066-9f58-9c1cf3fe83a9",
"Arn" : "acs:kms:cn-hangzhou:119285303511****:policy/policy_test",
"Name" : "policy_test",
"Description" : "policy description",
"KmsInstance" : "kst-hzz634e67d126u9p9****",
"Permissions" : [ "[\"RbacPermission/Template/CryptoServiceKeyUser\", \"RbacPermission/Template/CryptoServiceSecretUser\"]" ],
"Resources" : [ "[\"secret/acs/ram/user/ram-secret\", \"secret/acs/ram/user/acr-master\", \"key/key-hzz63d9c8d3dfv8cv****\"]" ],
"AccessControlRules" : "{\"NetworkRules\":[\"kst-hzz62ee817bvyyr5x****.efkd\",\"kst-hzz62ee817bvyyr5x****.eyyp\"]}"
}
Error codes
For a list of error codes, see Service error codes.