Updates a custom policy

PUT 
/iam/policies/:id

This operation overwrites all fields excepting ID, including those omitted from the request, so be sure to specify all properties. Properties that you do not include are reset to empty values. The only exception is the policy ID, which is immutable; it can only be set at creation time.

While you can use this endpoint to update members on a policy, if that is the only property you wish to modify use one of these endpoints instead: Add policy members, Remove policy members, or Replace policy members.

Authorization Action:

iam:policies:update

Request

Path Parameters

id stringrequired

Unique ID. Cannot be changed.

application/json

Body

required

members string[]

Members affected by this policy.

statements object[]required
Statements for the policy.
Array [
effect compiuta.api.iam.v2.Statement.Effect
Possible values: [ALLOW, DENY]
Default value: ALLOW
actions string[]
Actions defined inline. May be empty. Best practices recommend that you use custom roles rather than inline actions where practical.
role string
The role defines a set of actions that the statement is scoped to.
resources string[]
Resources defined inline.
tenants string[]
The tenant list defines the set of resources that the statement is scoped to. May be empty.
]
name stringrequired

Name for this policy.

tenants string[]

List of tenants this policy belongs to.

Responses

200

A successful response.

application/json

Schema

Schema

policy object

name string

Name for the policy.

id string

Unique ID. Cannot be changed.

type compiuta.api.iam.v2.Type

Possible values: [COMPIUTA_MANAGED, CUSTOM]

Default value: COMPIUTA_MANAGED

members string[]

Members affected by this policy. May be empty.

statements object[]

Statements for the policy. Will contain one or more.

Array [

effect compiuta.api.iam.v2.Statement.Effect

Possible values: [ALLOW, DENY]

Default value: ALLOW

actions string[]

Actions defined inline. May be empty. Best practices recommend that you use custom roles rather than inline actions where practical.

role string

The role defines a set of actions that the statement is scoped to.

resources string[]

Resources defined inline.

tenants string[]

The tenant list defines the set of resources that the statement is scoped to. May be empty.

]

tenants string[]

List of tenants this policy belongs to. May be empty.

Example (from schema)

{
  "name": "My Updated Viewer Policy",
  "members": [
    "user:local:newuser",
    "team:local:newteam"
  ],
  "statements": [
    {
      "role": "viewer",
      "tenants": [
        "tenant1",
        "tenant2"
      ],
      "effect": "ALLOW"
    },
    {
      "role": "myRole",
      "tenants": [
        "exampleTenant"
      ],
      "effect": "ALLOW"
    }
  ],
  "tenants": []
}

default

An unexpected error response.

application/json

Schema

Schema

code int32
message string
details object[]
Array [
@type string
]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Loading...