All Products
Search
Document Center

Resource Management:CreateResourceShare

Last Updated:Mar 14, 2024

Creates a resource share.

Operation description

Resource Sharing allows you to share your resources with one or more accounts and access the resources shared by other accounts. For more information, see Resource Sharing overview.

This topic provides an example on how to call the API operation to create a resource share named test in the cn-hangzhou region to share the vSwitch vsw-bp183p93qs667muql**** with the member 172050525300**** in a resource directory. In this example, the management account of the resource directory is used to call this API operation.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
resourcesharing:CreateResourceShareWrite
  • All Resources
    *
  • resourcesharing:RequestedAllowExternalTargets
  • resourcesharing:Target
none

Request parameters

ParameterTypeRequiredDescriptionExample
ResourceShareNamestringYes

The name of the resource share.

The name must be 1 to 50 characters in length.

The name can contain letters, digits, periods (.), underscores (_), and hyphens (-).

test
Resourcesobject []No

The information about the shared resources.

ResourceTypestringNo

The type of a shared resource.

Valid values of N: 1 to 5. This indicates that a maximum of five shared resources can be specified at a time.

For more information about the types of resources that can be shared, see Services that work with Resource Sharing.

Note Resources.N.ResourceId and Resources.N.ResourceType must be used in pairs.
VSwitch
ResourceIdstringNo

The ID of a shared resource.

Valid values of N: 1 to 5. This indicates that a maximum of five shared resources can be specified at a time.

Note Resources.N.ResourceId and Resources.N.ResourceType must be used in pairs.
vsw-bp183p93qs667muql****
TargetsarrayNo

The information about the principals.

stringNo

The information about a principal.

  • If the value of AllowExternalTargets is false, you can set this parameter to the ID of a resource directory, folder, or member.
  • If the value of AllowExternalTargets is true, you can set this parameter to the ID of an Alibaba Cloud account, resource directory, folder, or member or the name of an Alibaba Cloud service.

For more information, see Resource sharing modes, View the ID of a resource directory, View the ID of a folder, or View the ID of a member.

Valid values of N: 1 to 5. This indicates that a maximum of five principals can be specified at a time.

172050525300****
PermissionNamesarrayNo

The information about the permissions. If you do not configure this parameter, the system automatically associates the default permission for the specified resource type with the resource share. For more information, see Permission library.

stringNo

The name of a permission. If you do not configure this parameter, the system automatically associates the default permission for the specified resource type with the resource share. For more information, see Permission library.

AliyunRSDefaultPermissionVSwitch
AllowExternalTargetsbooleanNo

Specifies whether resources in the resource share can be shared with accounts outside the resource directory. Valid values:

  • false (default): Resources in the resource share can be shared only with accounts in the resource directory.
  • true: Resources in the resource share can be shared with both accounts in the resource directory and accounts outside the resource directory.
false
TargetPropertiesobject []No

The properties of the principal.

Note This parameter is available only when you specify an Alibaba Cloud service as a principal.
TargetIdstringNo

The ID of the principal.

Note TargetProperties.N.TargetId and TargetProperties.N.Property must be used in pairs.
172050525300****
PropertystringNo

The property parameter of the principal. For example, you can specify a parameter that indicates the time range for resource sharing. Valid values of timeRangeType:

  • timeRange: a specific time range
  • day: all day
Note TargetProperties.N.TargetId and TargetProperties.N.Property must be used in pairs.
{ "timeRange":{ "timeRangeType":"timeRange", "beginAtTime":"00:00", "timezone":"UTC+8", "endAtTime":"19:59" } }

Response parameters

ParameterTypeDescriptionExample
object

The returned result.

RequestIdstring

The request ID.

2C3FA051-61DC-4F3E-81E9-E4830524DF4B
ResourceShareobject

The information about the resource share.

UpdateTimestring

The time when the resource share was updated.

2020-12-03T08:02:22.413Z
ResourceShareNamestring

The name of the resource share.

test
ResourceShareOwnerstring

The owner of the resource share.

151266687691****
CreateTimestring

The time when the resource share was created.

2020-12-03T08:02:22.413Z
ResourceShareIdstring

The ID of the resource share.

rs-qSkW1HBY****
ResourceShareStatusstring

The status of the resource share. Valid values:

  • Active: The resource share is enabled.
  • Pending: The resource share is associated with one or more resource sharing invitations that are waiting for confirmation.
  • Deleting: The resource share is being deleted.
  • Deleted: The resource share is deleted.
Note The system automatically deletes the records of resource shares in the Deleted state within 48 hours to 96 hours after you delete the resource shares.
Active
AllowExternalTargetsboolean

Indicates whether resources in the resource share can be shared with accounts outside the resource directory. Valid values:

  • false: Resources in the resource share can be shared only with accounts in the resource directory.
  • true: Resources in the resource share can be shared with both accounts in the resource directory and accounts outside the resource directory.
false

Examples

Sample success responses

JSONformat

{
  "RequestId": "2C3FA051-61DC-4F3E-81E9-E4830524DF4B",
  "ResourceShare": {
    "UpdateTime": "2020-12-03T08:02:22.413Z",
    "ResourceShareName": "test",
    "ResourceShareOwner": "151266687691****",
    "CreateTime": "2020-12-03T08:02:22.413Z",
    "ResourceShareId": "rs-qSkW1HBY****",
    "ResourceShareStatus": "Active",
    "AllowExternalTargets": false
  }
}

Error codes

HTTP status codeError codeError messageDescription
400InvalidParameter.ResourceShareNameThe ResourceShareName is invalid.The ResourceShareName parameter is invalid.
400InvalidParameter.ResourceShareName.LengthThe maximum length of ResourceShareName exceeds 50 characters.The length of ResourceShareName cannot exceed 50 characters.
400InvalidParameter.ResourcesThe Resources is invalid.The specified shared resource is invalid.
400InvalidParameter.Resources.DuplicateThe Resources contains duplicate values.The specified Resources parameter contains duplicate values.
400InvalidParameter.Resources.LengthThe maximum number of Resources exceeds 5.The number of specified shared resources cannot exceed 5.
400InvalidParameter.TargetsThe Targets is invalid.The specified Targets parameter is invalid.
400InvalidParameter.Targets.DuplicateThe Targets contains duplicate values.The specified Targets parameter contains duplicate values.
400InvalidParameter.Targets.LengthThe maximum number of Targets exceeds 5.The number of Targets values cannot exceed 5.
400InvalidTargetThe shared target does not exist in the resource directory.The specified Targets value is not a member in the resource directory.
400InvalidParameterThe specified parameter is invalid.The specified parameter is invalid.
400MissingParameter.ResourceShareNameYou must specify ResourceShareName.The ResourceShareName parameter is missing.
400InvalidParameter.ResourceTypeThe ResourceType is invalid.The specified ResourceType parameter is invalid.
400InvalidParameter.PermissionNames.DuplicateThe PermissionNames duplicate values.Duplicate values are specified for the PermissionNames parameter.
400InvalidParameter.PermissionNames.LengthThe maximum length of PermissionNames exceeds quota limit.The length of the value specified for the PermissionNames parameter exceeds the limit.
400InvalidParameter.TargetPropertiesThe TargetProperties is invalid.The TargetProperties is invalid.
400InvalidParameter.TargetProperties.DuplicateThe TargetProperties contains duplicate values.TargetProperties contains duplicate parameters.
400InvalidParameter.TargetProperties.LengthThe TargetProperties beyond the length limit.The TargetProperties beyond the length limit.
404EntityNotExists.PermissionThe resource share permission does not exist.You do not have the required permissions.
409NotEnableSharingWithResourceDirectoryYou have not enabled sharing with your Resource Directory.You have not enabled sharing with Resource Directory.
409AccountNotInResourceDirectoryThe account is not a master or a member of a resource directory.The specified Targets value is not a member in the resource directory.
409QuotaExceeded.ResourceShare.CountThe maximum number of ResourceShare exceeds the limit.The maximum number of ResourceShare exceeds the limit.
409EntityAlreadyExists.ResourceShareThe specified resource share ID already exists.The specified resource share ID already exists.
409QuotaExceeded.SharedResource.CountThe maximum number of shared resources per account exceeds the limit.The maximum number of Resources values per account is exceeded.
409ShareWithYourselfYou cannot share resources with yourself.You cannot share resources with yourself.
409NotManagementAccountOnly the management account of the service is allowed to share such resources.Only the management account of the resource directory can be used to share the current type of resource. If you still want to use the current account, contact the owner of the management account to configure the current account as a delegated administrator account of the trusted service to which the resource belongs.
409QuotaExceeded.PendingInvitationsThe maximum number of pending invitations exceeds the limit.The number of invitations exceeds the upper limit.
409InvalidTarget.LegalEntityMismatchThe target account does not have the same legal entity as the resource owner account.The enterprise name of the principal is inconsistent with that of the resource owner.
409ExternalTargetsNotAllowed.ResourceTypeThe resource share includes resource types that cannot be shared with accounts outside the resource directory.The resource share contains resources that do not support this operation.
409InvalidTarget.SiteMismatchCross-site resource sharing is not supported.The principal and resource owner are registered at different sites.
409NotSupport.Service.ExistInOtherResourceShareThe resource type has been shared to the target service through other resourceShare. Please share it in the same resourceShare.-
409NotSupport.Service.AssociateConflictThe same resource cannot be shared repeatedly to the target service.-

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-01-23The Error code has changed. The request parameters of the API has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    delete Error Codes: 400
    delete Error Codes: 404
    delete Error Codes: 409
Input ParametersThe request parameters of the API has changed.
    Added Input Parameters: TargetProperties
2024-01-03The Error code has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    Error Codes 400 change
    Error Codes 409 change
    delete Error Codes: 404
2023-04-07The Error code has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    Error Codes 409 change
    delete Error Codes: 400
    delete Error Codes: 404
2023-04-07The Error code has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    Error Codes 409 change
    delete Error Codes: 400
    delete Error Codes: 404
2023-04-03The Error code has changed. The request parameters of the API has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    delete Error Codes: 400
    delete Error Codes: 404
    delete Error Codes: 409
Input ParametersThe request parameters of the API has changed.
    delete Input Parameters: ResourceGroupId
2023-03-02API Description Update. The Error code has changed. The request parameters of the API has changedsee changesets
Change itemChange content
API DescriptionAPI Description Update.
Error CodesThe Error code has changed.
    delete Error Codes: 400
    delete Error Codes: 404
    delete Error Codes: 409
Input ParametersThe request parameters of the API has changed.
    Added Input Parameters: ResourceGroupId