DetachControlPolicy - Resource Management - Alibaba Cloud Documentation Center

Usage notes

After you detach an access control policy, the operations performed on resources by using members are not limited by the policy. Make sure that the detached policy meets your expectations. Otherwise, your business may be affected.

Both the system and custom access control policies can be detached. If an object has only one access control policy attached, the policy cannot be detached.

This topic provides an example on how to call the API operation to detach the custom control policy cp-jExXAqIYkwHN**** from the folder fd-ZDNPiT****.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	DetachControlPolicy	The operation that you want to perform. Set the value to DetachControlPolicy.
PolicyId	String	Yes	cp-jExXAqIYkwHN****	The ID of the access control policy.
TargetId	String	Yes	fd-ZDNPiT****	The ID of the object from which you want to detach the access control policy. Access control policies can be attached to the following objects: Root folder Subfolders of the Root folder Members

For more information about common request parameters, see Common parameters.

Response parameters


Parameter	Type	Example	Description
RequestId	String	9EA4F962-1A2E-4AFE-BE0C-B14736FC46CC	The ID of the request.

Examples

Sample requests

https://resourcemanager.aliyuncs.com/?Action=DetachControlPolicy
&PolicyId=cp-jExXAqIYkwHN****
&TargetId=fd-ZDNPiT****
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<?xml version="1.0" encoding="UTF-8" ?>
<DetachControlPolicyResponse>
	<RequestId>9EA4F962-1A2E-4AFE-BE0C-B14736FC46CC</RequestId>
</DetachControlPolicyResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "9EA4F962-1A2E-4AFE-BE0C-B14736FC46CC"
}

Error codes


HTTP status code	Error code	Error message	Description
400	NotSupport.DetachLastControlPolicy	It is not detach the last control policy on the target node.	The error message returned because you are not allowed to detach the only access control policy from the object.
404	EntityNotExists.Target	The specified target does not exist in the resource directory.	The error message returned because the specified object does not exist in the resource directory.

For a list of error codes, visit the API Error Center.