为指定用户附加指定策略
注1:可以为用户附加全局系统策略或自定义策略。
注2:金山云的IAM只支持托管策略(managed policy),不支持内嵌策略(inline policy)。
返回API概览
| 名称 | 类型 | 必须 | 长度限制(字符) | 参数格式 | 描述 |
|---|---|---|---|---|---|
| Action | String | 是 | 确定值 | [a-zA-Z]+ |
操作接口名,系统规定参数,取值:AttachUserPolicy |
| PolicyKrn | String | 是 | 最短是25,最长2048 | 格式:krn:ksc:iam::account-id:policy/policy-name | 待附加的策略标识 |
| UserName | String | 是 | 最短1,最长64 | [\w+=,.@-]+ |
策略的附加目标用户名 |
无
| 错误代码(Code) | 错误消息(Message) | HTTP 状态码 | 中文描述(语义) |
|---|---|---|---|
| InvalidParameterValue | An value must be supplied for the input parameter %s. | 400 | 输入参数%s的值不能为空,具体参数名在%s说明 |
| InvalidParameterValue | An invalid or out-of-range value was supplied for the input parameter %s. | 400 | 输入参数 %s的值无效、不合法或者超出范围,具体参数名在%s说明 |
| PolicyNoSuchEntity | The request was rejected because it referenced 'Policy' that does not exist. | 404 | 请求被拒绝,因其引用的“策略”不存在 |
| UserNoSuchEntity | The request was rejected because it referenced 'User' that does not exist. | 404 | 请求被拒绝,因其引用的“用户”不存在 |
| UserPolicyLimitExceeded | The request was rejected because it attempted to attach policy to the user that beyond the current KSC account limits. | 409 | 请求被拒绝,因其欲为用户附加的策略数量超过当前账户限制(用户被附加的策略数量限制为5) |
| UserPolicyAlreadyExists | The request was rejected because it attempted to attach a policy to user that the policy already attached to the user | 409 | 请求被拒绝,因用户已经附加过该策略 |
https://iam.api.ksyun.com/?Action=AttachUserPolicy
&PolicyKrn=krn:ksc:iam::12345678901234567890:policy/IAMadmin
&UserName=Bob
&公共请求参数<AttachUserPolicyResponse>
<ResponseMetadata>
<RequestId>560a7123-108e-4fdf-b193-70fdd68147f9</RequestId>
</ResponseMetadata>
</AttachUserPolicyResponse>{
"ResponseMetadata": {
"RequestId": "71d21ab4-c380-427b-bab8-e05e4838f7c1"
}
}