Overview
Concepts
Domain name for API request: organization.intl.tencentcloudapi.com.
This API is used to create a special type of policy that can be attached to the enterprise organization Root node, enterprise department nodes, or enterprise member accounts.
A maximum of 20 requests can be initiated per second for this API.
The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| Action | Yes | String | Common Params. The value used for this API: CreatePolicy. |
| Version | Yes | String | Common Params. The value used for this API: 2021-03-31. |
| Region | No | String | Common Params. This parameter is not required for this API. |
| Name | Yes | String | Policy name. The length ranges from 1 to 128 characters, and can contain chinese characters, english letters, digits, and underscores (_). |
| Content | Yes | String | Policy content. See the CAM policy syntax. |
| Type | Yes | String | Policy type. Valid values: SERVICE_CONTROL_POLICY: service control policy; TAG_POLICY: tag policy. The default value is SERVICE_CONTROL_POLICY. |
| Description | No | String | Policy description |
| Parameter Name | Type | Description |
|---|---|---|
| PolicyId | Integer | Policy ID |
| RequestId | String | The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem. |
Create a policy
POST / HTTP/1.1
Host: organization.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: CreatePolicy
<Common request parameters>
{
"Content": "{\"version\":\"2.0\",\"statement\":[{\"effect\":\"allow\",\"action\":\"*\",\"resource\":\"*\"}]}",
"Description": "FullAccessPolicy",
"Name": "FullAccessPolicy",
"Type": "SERVICE_CONTROL_POLICY"
}
{
"Response": {
"PolicyId": 100001,
"RequestId": "fd498970-3ffb-440e-a3bf-f6faa43eeb08"
}
}
TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.
The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.
| Error Code | Description |
|---|---|
| FailedOperation.OrganizationPolicyIsNotEnabled | Group policy is not enabled. |
| FailedOperation.PolicyFull | The number of user policies exceeds the limit. |
| FailedOperation.PolicyNameInUse | The policy name specified in the name field already exists. |
| InternalError | An internal error occurred. |
| InvalidParameter.ActionError | The Action field in the policy document is invalid. |
| InvalidParameter.ActionMiss | The operation does not exist in the policy syntax. |
| InvalidParameter.ActionNotExist | The operation does not exist in the policy syntax. |
| InvalidParameter.ActionServiceNotExist | The operation service does not exist in the policy syntax. |
| InvalidParameter.ConditionContentError | The condition content in policy syntax is incorrect. |
| InvalidParameter.ConditionError | The condition field in the policy document is invalid. |
| InvalidParameter.ConditionTypeError | The conditional operator in policy syntax is incorrect. |
| InvalidParameter.EffectError | The Effect field in the policy document is invalid. |
| InvalidParameter.NotSupportProduct | CAM does not support the resource type specified in the policy document. |
| InvalidParameter.ParamError | Parameter error. |
| InvalidParameter.PolicyDocumentError | The PolicyDocument field is invalid. |
| InvalidParameter.PolicyDocumentLengthOverLimit | The PolicyDocument field exceeds the length limit. |
| InvalidParameter.PolicyKeyDuplicated | The policy key of the tag policy content is duplicated. |
| InvalidParameter.PolicyNameError | The PolicyName field is invalid. |
| InvalidParameter.PolicyNameExisted | The policy name already exists. |
| InvalidParameter.PrincipalError | The principal field in the policy document is invalid. |
| InvalidParameter.PrincipalQcsError | PrincipalQcs error. |
| InvalidParameter.PrincipalQcsNotExist | PrincipalQcs does not exist. |
| InvalidParameter.PrincipalServiceNotExist | PrincipalService does not exist. |
| InvalidParameter.ReservedTagKey | System-Reserved tag keys qcloud, tencent, and project are creation prohibited. |
| InvalidParameter.ResourceContentError | The resource content in policy syntax is incorrect. |
| InvalidParameter.ResourceError | The Resource field in the policy document is invalid. |
| InvalidParameter.ResourceProjectError | The resource project in policy syntax is incorrect. |
| InvalidParameter.ResourceQcsError | Resource QCS error. |
| InvalidParameter.ResourceRegionError | The resource region in policy syntax is incorrect. |
| InvalidParameter.ResourceServiceNotExist | The service does not exist in the policy syntax. |
| InvalidParameter.ResourceUinError | The main account to which the resource belongs in policy syntax is incorrect. |
| InvalidParameter.StatementError | The Statement field in the policy document is invalid. |
| InvalidParameter.UnsupportedService | The current business does not support tag operations. |
| InvalidParameter.VersionError | The Version field in the policy document is invalid. |
| InvalidParameterValue.PolicyContentInvalid | Policy content is invalid. |
| LimitExceeded.TagPolicy | The number of tag policies exceeds the limit. |
| UnauthorizedOperation | Unauthorized operation. |
피드백