edit-icon download-icon

ListEntitiesForPolicy

Last Updated: Nov 10, 2017

Interface description

Lists entities referencing an authorization policy.

Request parameters

Action

  • Type: String
  • Required: Yes
  • Description: Required. The parameter value is “ListEntitiesForPolicy”.

PolicyType

  • Type: String
  • Required: Yes
  • Description: Authorization policy type. Value: “System” or “Custom”.

PolicyName

  • Type: String
  • Required: Yes
  • Description: Authorization policy name.

Return parameters

Groups

  • Type: Group Type Array
  • Description: Group information set.

Users

  • Type: User Type Array
  • Description: User information set.

Roles

  • Type: Role Type Array
  • Description: Role information set.

Required permissions

Action

ram:ListEntitiesForPolicy

Resource

acs:ram:*:${AccountId}:group/${PolicyName}

Error messages

InvalidParameter.PolicyType
  • HTTP Status: 400
  • Error Message: The parameter - “PolicyType” is incorrect.
InvalidParameter.PolicyName.InvalidChars
  • HTTP Status: 400
  • Error Message: The parameter - “PolicyNam” contains invalid chars.
InvalidParameter.PolicyName.Length
  • HTTP Status: 400
  • Error Message: The parameter - “PolicyName” beyond the length limit.
EntityNotExist.Policy
  • HTTP Status: 404
  • Error Message: The policy does not exist.

Operation examples

Request example

  1. https://ram.aliyuncs.com/?Action=ListEntitiesForPolicy
  2. &PolicyName=OSS-Administrator
  3. &PolicyType=Custom
  4. &<Public request parameters>

Return example

XML format

  1. <ListEntitiesForPolicyResponse>
  2. <RequestId>7B8A4E7D-6CFF-471D-84DF-195A7A241ECB</RequestId>
  3. <Groups>
  4. <Group>
  5. <GroupName>QA-Team</GroupName>
  6. <Comments>Test team</Comments>
  7. <AttachDate>2015-01-23T12:33:18Z</AttachDate>
  8. </Group>
  9. <Group>
  10. <GroupName>Dev-Team</GroupName>
  11. <Comments>Development team</Comments>
  12. <AttachDate>2015-02-18T17:22:08Z</AttachDate>
  13. </Group>
  14. </Groups>
  15. <Users>
  16. <User>
  17. <UserId>1227489245380721</UserId>
  18. <UserName>zhangqiang</UserName>
  19. <DisplayName>zhangqiang</DisplayName>
  20. <AttachDate>2015-01-23T12:33:18Z</AttachDate>
  21. </User>
  22. <User>
  23. <UserId>1406498224724456</UserId>
  24. <UserName>lili</UserName>
  25. <DisplayName>lili</DisplayName>
  26. <AttachDate>2015-02-18T17:22:08Z</AttachDate>
  27. </User>
  28. </Users>
  29. <Roles>
  30. <Role>
  31. <RoleId>901234567890123</RoleId>
  32. <RoleName>ECSAdmin</RoleName>
  33. <Arn>acs:ram::1234567890123456:role/ECSAdmin</Arn>
  34. <Description>ECS Administrator role</Description>
  35. <AttachDate>2015-01-23T12:33:18Z</AttachDate>
  36. </Role>
  37. <Role>
  38. <RoleId>901234567890456</RoleId>
  39. <RoleName>OSSReadonlyAccess</RoleName>
  40. <Description>OSS read-only access role</Description>
  41. <Arn>acs:ram::1234567890123456:role/OSSReadonlyAccess</Arn>
  42. <AttachDate>2015-01-23T12:33:18Z</AttachDate>
  43. </Role>
  44. </Roles>
  45. </ListEntitiesForPolicyResponse>

JSON format

  1. {
  2. "RequestId" : "7B8A4E7D-6CFF-471D-84DF-195A7A241ECB",
  3. "Groups" : {
  4. "Group" : [
  5. {
  6. "GroupName": "QA-Team",
  7. "Comments": "Test team",
  8. "AttachDate" : "2015-01-23T12:33:18Z"
  9. },
  10. {
  11. "GroupName": "Dev-Team",
  12. "Comments": "Development team",
  13. "AttachDate" : "2015-02-18T17:22:08Z"
  14. }
  15. ]
  16. },
  17. "Users" : {
  18. "User" : [
  19. {
  20. "UserId" : "1227489245380721",
  21. "UserName" : "zhangqiang",
  22. "DisplayName": "zhangqiang",
  23. "AttachDate" : "2015-01-23T12:33:18Z"
  24. },
  25. {
  26. "UserId" : "1406498224724456",
  27. "UserName" : "lili",
  28. "DisplayName": "lili",
  29. "AttachDate" : "2015-02-18T17:22:08Z"
  30. }
  31. ]
  32. },
  33. "Roles" : {
  34. "Role" : [
  35. {
  36. "RoleId" : "1227489245380721",
  37. "RoleName" : "ECSAdmin",
  38. "Arn": "acs:ram::1234567890123456:role/ECSAdmin",
  39. "Description": "ECS Administrator role",
  40. "AttachDate" : "2015-01-23T12:33:18Z"
  41. },
  42. {
  43. "RoleId" : "1406498224724456",
  44. "RoleName" : "OSSReadonlyAccess",
  45. "Arn": "acs:ram::1234567890123456:role/OSSReadonlyAccess",
  46. "Description": "OSS administrator read-only permission",
  47. "AttachDate" : "2015-02-18T17:22:08Z"
  48. }
  49. ]
  50. }
  51. }
Thank you! We've received your feedback.