All Products
Search
Document Center

ApsaraVideo VOD:DetachAppPolicyFromIdentity

Last Updated:May 22, 2024

Revokes application permissions from the specified identity. The identity may a RAM user or RAM role.

Operation description

Note You can grant a maximum of 10 application permissions to a RAM user or RAM role.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

ParameterTypeRequiredDescriptionExample
IdentityTypestringYes

The type of the identity. Valid values:

  • RamUser: RAM user
  • RamRole: RAM role
RamUser
IdentityNamestringYes

The ID of the RAM user or the name of the RAM role.

  • Specifies the ID of the RAM user for this parameter if you set IdentityType to RamUser.
  • Specifies the name of the RAM role for this parameter if you set IdentityType to RamRole.
test****name
AppIdstringYes

The ID of the application. This parameter is optional if you set PolicyNames to VODAppAdministratorAccess. This parameter is required if you set PolicyNames to a value other than VODAppAdministratorAccess.

  • Default value: app-1000000.
  • For more information, see Overview .
app-****
PolicyNamesstringYes

The name of the policy. Separate multiple names with commas (,). Only system policies are supported.

  • VODAppFullAccess: permissions to manage all resources in an application
  • VODAppReadOnlyAccess: permissions to read all resources in an application
  • VODAppAdministratorAccess: permissions of the application administrator
VODAppFullAccess

Response parameters

ParameterTypeDescriptionExample
object
RequestIdstring

The ID of the request.

25818875-5F78-4A13-****-D7393642C
NonExistPolicyNamesarray

The name of the policy that was not found.

string

The name of the policy that was not found.

test****1
FailedPolicyNamesarray

The names of the policies that failed to be granted to the RAM user or RAM role.

string

The name of the policy that failed to be granted to the RAM user or RAM role.

test****2

Examples

Sample success responses

JSONformat

{
  "RequestId": "25818875-5F78-4A13-****-D7393642C",
  "NonExistPolicyNames": [
    "test****1"
  ],
  "FailedPolicyNames": [
    "test****2"
  ]
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
No change history

Common errors

The following table describes the common errors that this operation can return.

Error codeError messageHTTP status codeDescription
OperationDenied.NotOpenAppServiceThe app service is not open.403The error message returned because the multi-application service has not been activated.
Forbidden.OperateAppUser not authorized to operate app.403The error message returned because you are not authorized to manage the application.