All Products
Search

This Product

    Key Management Service:DescribePolicy

    Document Center

    Key Management Service:DescribePolicy

    更新時間:Oct 11, 2023

    Queries the details of a permission policy.

    Debugging

    OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

    Request parameters

    Parameter

    Type

    Required

    Example

    Description
    Action String Yes DescribePolicy

    The operation that you want to perform. Set the value to DescribePolicy.

    Name String Yes policy_test

    The name of the permission policy that you want to query.

    Response parameters

    Parameter

    Type

    Example

    Description
    RequestId String f455324b-e229-4066-9f58-9c1cf3fe83a9

    The ID of the request, which is used to locate and troubleshoot issues.

    Arn String acs:kms:cn-hangzhou:119285303511****:policy/policy_test

    The ARN of the permission policy.

    Name String policy_test

    The name of the permission policy.

    Description String policy description

    The description.

    KmsInstance String kst-hzz634e67d126u9p9****

    The scope of the permission policy.

    Permissions Array of String ["RbacPermission/Template/CryptoServiceKeyUser", "RbacPermission/Template/CryptoServiceSecretUser"]

    The operations that can be performed.

    Resources Array of String ["secret/acs/ram/user/ram-secret", "secret/acs/ram/user/acr-master", "key/key-hzz63d9c8d3dfv8cv****"]

    The key and secret that are allowed to access.

    AccessControlRules String {"NetworkRules":["kst-hzz62ee817bvyyr5x****.efkd","kst-hzz62ee817bvyyr5x****.eyyp"]}

    The access control rule that is created for the permission policy.

    Examples

    Sample requests

    http(s)://[Endpoint]/?Action=DescribePolicy
&Name=policy_test
&Common request parameters

    Sample success responses

    XML format

    HTTP/1.1 200 OK
Content-Type:application/xml

<DescribePolicyResponse>
    <RequestId>f455324b-e229-4066-9f58-9c1cf3fe83a9</RequestId>
    <Arn>acs:kms:cn-hangzhou:119285303511****:policy/policy_test</Arn>
    <Name>policy_test</Name>
    <Description>policy  description</Description>
    <KmsInstance>kst-hzz634e67d126u9p9****</KmsInstance>
    <Permissions>["RbacPermission/Template/CryptoServiceKeyUser", "RbacPermission/Template/CryptoServiceSecretUser"]</Permissions>
    <Resources>["secret/acs/ram/user/ram-secret", "secret/acs/ram/user/acr-master", "key/key-hzz63d9c8d3dfv8cv****"]</Resources>
    <AccessControlRules>{"NetworkRules":["kst-hzz62ee817bvyyr5x****.efkd","kst-hzz62ee817bvyyr5x****.eyyp"]}</AccessControlRules>
</DescribePolicyResponse>

    JSON format

    HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "f455324b-e229-4066-9f58-9c1cf3fe83a9",
  "Arn" : "acs:kms:cn-hangzhou:119285303511****:policy/policy_test",
  "Name" : "policy_test",
  "Description" : "policy  description",
  "KmsInstance" : "kst-hzz634e67d126u9p9****",
  "Permissions" : [ "[\"RbacPermission/Template/CryptoServiceKeyUser\", \"RbacPermission/Template/CryptoServiceSecretUser\"]" ],
  "Resources" : [ "[\"secret/acs/ram/user/ram-secret\", \"secret/acs/ram/user/acr-master\", \"key/key-hzz63d9c8d3dfv8cv****\"]" ],
  "AccessControlRules" : "{\"NetworkRules\":[\"kst-hzz62ee817bvyyr5x****.efkd\",\"kst-hzz62ee817bvyyr5x****.eyyp\"]}"
}

    Error codes

    For a list of error codes, see Service error codes.