1. API Description
Domain name for API request: cam.tencentcloudapi.com.
This API (CreatePolicy) is used to create a policy.
A maximum of 10 requests can be initiated per second for this API.
2. Input Parameters
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common parameter. The value used for this API: CreatePolicy. |
| Version | Yes | String | Common parameter. The value used for this API: 2019-01-16. |
| Region | No | String | Common parameter. This parameter is not required for this API. |
| PolicyName | Yes | String | Policy name |
| PolicyDocument | Yes | String | Policy document, such as {"version":"2.0","statement":[{"action":"name/sts:AssumeRole","effect":"allow","principal":{"service":["cloudaudit.cloud.tencent.com","cls.cloud.tencent.com"]}}]}, where principal is used to specify the resources that the role is authorized to access. For more information on this parameter, please see the RoleInfo output parameter of the GetRole API |
| Description | No | String | Policy description |
3. Output Parameters
| Parameter Name | Type | Description |
|---|---|---|
| PolicyId | Integer | ID of newly added policy |
| RequestId | String | The unique request ID, which is returned for each request. RequestId is required for locating a problem. |
4. Example
Example1 Creating a policy
This example shows you how to create a policy that allows all COS APIs to access all COS resources.
Input Example
https://cam.tencentcloudapi.com/?Action=CreatePolicy
&PolicyName=test-2019-04-29
&Description=%E6%B5%8B%E8%AF%95%E7%AD%96%E7%95%A5
&PolicyDocument=%7B%22version%22%3A%222.0%22%2C%22statement%22%3A%5B%7B%22effect%22%3A%22allow%22%2C%22action%22%3A%5B%22name%2Fcos%3A%2A%22%5D%2C%22resource%22%3A%5B%22%2A%22%5D%7D%5D%7D
&<Common request parameters>Output Example
{
"Response": {
"PolicyId": 17698703,
"RequestId": "89360f78-b1dd-4e43-aa91-ecb2c8b8f282"
}
}5. Developer Resources
API Explorer
This tool allows online call, signature authentication, SDK code generation and quick search of APIs to greatly improve the efficiency of using TencentCloud APIs.
SDK
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
- Tencent Cloud SDK 3.0 for Python
- Tencent Cloud SDK 3.0 for Java
- Tencent Cloud SDK 3.0 for PHP
- Tencent Cloud SDK 3.0 for Go
- Tencent Cloud SDK 3.0 for NodeJS
- Tencent Cloud SDK 3.0 for .NET
Command Line Interface
6. Error Code
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code | Description |
|---|---|
| FailedOperation.PolicyFull | The number of user policies has exceeded the limit. |
| FailedOperation.PolicyNameInUse | The policy name specified by the PolicyName field already exists. |
| InternalError.SystemError | Internal error. |
| InvalidParameter.ActionError | Action field of policy document invalid. |
| InvalidParameter.AttachmentFull | Limit on number of authorization object associated policies in the principal field reached. |
| InvalidParameter.ConditionError | condition field of policy document invalid. |
| InvalidParameter.DescriptionLengthOverlimit | The input parameter description cannot exceed 300 bytes in length. |
| InvalidParameter.EffectError | Effect field of policy document invalid. |
| InvalidParameter.NotSupportProduct | CAM does not support the resource type specified in the policy document. |
| InvalidParameter.ParamError | Invalid input parameter. |
| InvalidParameter.PolicyDocumentError | PolicyDocument field invalid. |
| InvalidParameter.PolicyDocumentLengthOverLimit | PolicyDocument field exceeds length restriction. |
| InvalidParameter.PolicyNameError | PolicyName field invalid. |
| InvalidParameter.PrincipalError | principal field of policy document invalid. |
| InvalidParameter.ResourceError | Resource field of policy document invalid. |
| InvalidParameter.StatementError | Statement field of policy document invalid. |
| InvalidParameter.UserNotExist | Authorization object of principal field does not exist. |
| InvalidParameter.VersionError | Version field of policy document invalid. |
| ResourceNotFound.GroupNotExist | User group does not exist. |
| ResourceNotFound.NotFound | Resource does not exist. |
| ResourceNotFound.UserNotExist | User does not exist. |
