Deploy a policy instance in a specified ACK cluster -

You can call the DeployPolicyInstance operation to deploy a policy instance in a specified Container Service for Kubernetes (ACK) cluster.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request headers

This operation uses only common request headers. For more information, refer to the documentation of common request parameters.

Request syntax

POST /clusters/{cluster_id}/policies/{policy_name} HTTP/1.1

Request parameters


Parameter	Type	Position	Required	Example	Description
cluster_id	String	Path	Yes	c8155823d057948c69a****	The ID of the cluster.
policy_name	String	Path	Yes	ACKAllowedRepos	The name of the policy.
	Object	Body	No		The structure of the request.
action	String	Body	No	deny	The action of the policy. Valid values: `deny`: Deployments that match the policy are denied. `warn`: Alerts are generated for Deployments that match the policy.
namespaces	Array of String	Body	No	default	The applicable scope of the policy instance. If you leave this parameter empty, the policy instance is applicable in all namespaces of the cluster.
parameters	Map	Body	No	{ "repos": [ "registry-vpc.cn-hangzhou.aliyuncs.com/acs/", "registry.cn-hangzhou.aliyuncs.com/acs/" ] }	The parameters of the policy instance. For more information about the parameters supported by each policy, see Predefined security policies of ACK.

Response parameters


Parameter	Type	Example	Description
instances	Array of String	[ "allowed-repos-kqxnc" ]	The policy instances that are deployed.

Examples

Sample requests

POST /clusters/c8155823d057948c69a****/policies/ACKAllowedRepos HTTP/1.1
Content-Type:application/json

{
  "action" : "deny",
  "namespaces" : [ "default" ],
  "parameters": {
     "repos": [
          "registry-vpc.cn-hangzhou.aliyuncs.com/acs/",
          "registry.cn-hangzhou.aliyuncs.com/acs/"
     ]
  }
}

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<DeployPolicyInstanceResponse>
    <instances>allowed-repos-kqxnc</instances>
</DeployPolicyInstanceResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "instances" : [ "allowed-repos-kqxnc" ]
}

Error codes

For a list of error codes, see Service error codes.