Policy management API
Updated at:2025-10-27
Create Strategy
Create a permission policy with reference to the following codes:
Python
1def create_policy():
2 iam_client = IamClient(iam_sample_conf.config)
3# Policy creation request as dict
4# Set policy name
5# Set policy description
6# Set policy content document, string serialized in ACL format
7 create_policy_request = {"name": "test_policy", "description": "create policy: test_policy_1",
8 "document": '{ "accessControlList": [ { "region": "bj", "resource": [ "*" ], "effect":'
9 '"Allow", "service": "bce:bos", "permission": [ "READ" ] } ] } '}
10 response = iam_client.create_policy(create_policy_request)
11 print(response)Query policies
Query a permission policy with reference to the following codes:
Python
1def get_policy():
2 iam_client = IamClient(iam_sample_conf.config)
3
4# Policy name
5 policy_name = b"test_policy"
6# Policy type to be queried: “system” for system policies; “custom” for custom policies
7 policy_type = b"Custom"
8 response = iam_client.get_policy(policy_name=policy_name, policy_type=policy_type)
9 print(response)Delete strategy
Delete a permission policy with reference to the following codes:
Python
1def delete_policy():
2 iam_client = IamClient(iam_sample_conf.config)
3
4# Policy name
5 policy_name = b"test_policy"
6 response = iam_client.delete_policy(policy_name=policy_name)
7 print(response)(policyName);
8}List policies
List permission policies. When policyType is System, list built-in system policies with reference to the following codes:
Python
1def list_policy():
2 iam_client = IamClient(iam_sample_conf.config)
3
4# Policy type to be queried: “system” for system policies; “custom” for custom policies
5 policy_type = b"Custom"
6# Keyword filtering
7 name_filter = b"test"
8 response = iam_client.list_policy(policy_type=policy_type, name_filter=name_filter)
9 print(response)Associate user permissions
Associate permission policies with a user with reference to the following codes:
Python
1def attach_policy_to_user():
2 iam_client = IamClient(iam_sample_conf.config)
3
4# User requiring policy association
5 user_name = b"test_user"
6# Associated policies
7 policy_name = b"test_policy"
8# Policy type to be queried: “system” for system policies; “custom” for custom policies
9 policy_type = b"Custom"
10 response = iam_client.attach_policy_to_user(user_name, policy_name, policy_type)
11 print(response)Revoke user permissions
Revoke a permission policy associated with an IAM user with reference to the following codes:
Python
1def detach_policy_from_user():
2 iam_client = IamClient(iam_sample_conf.config)
3# User requiring policy association
4 user_name = b"test_user"
5# Associated policies
6 policy_name = b"test_policy"
7# Policy type to be queried: “system” for system policies; “custom” for custom policies
8 policy_type = b"Custom"
9 response = iam_client.detach_policy_from_user(user_name, policy_name, policy_type)
10 print(response)List user permissions
List a permission policy associated with a user with reference to the following codes:
Python
1def list_policies_from_user():
2 iam_client = IamClient(iam_sample_conf.config)
3
4# Username
5 user_name = b"test_user"
6 response = iam_client.list_policies_from_user(user_name)
7 print(response)Associate group permissions
Associate a permission policy with a group with reference to the following codes:
Python
1def attach_policy_to_group():
2 iam_client = IamClient(iam_sample_conf.config)
3# Group requiring associated policies
4 group_name = b"test_group"
5# Associated policies
6 policy_name = b"test_policy"
7# Policy type to be queried: “system” for system policies; “custom” for custom policies
8 policy_type = b"Custom"
9 response = iam_client.attach_policy_to_group(group_name, policy_name, policy_type)
10 print(response)Revoke group permissions
Revoke a permission policy associated with a group with reference to the following codes:
Python
1def detach_policy_from_group():
2 iam_client = IamClient(iam_sample_conf.config)
3# Group requiring associated policies
4 group_name = b"test_group"
5# Associated policies
6 policy_name = b"test_policy"
7# Policy type to be queried: “system” for system policies; “custom” for custom policies
8 policy_type = b"Custom"
9 response = iam_client.detach_policy_from_group(group_name, policy_name, policy_type)
10 print(response)List the permissions associated with a group
List a permission policy associated with a group with reference to the following codes:
Python
1def list_policies_from_group():
2 iam_client = IamClient(iam_sample_conf.config)
3# Group name
4 group_name = b"test_group"
5 response = iam_client.list_policies_from_group(group_name)
6 print(response)Associate role permissions
Associate a permission policy with a role with reference to the following codes:
Python
1def attach_policy_to_role():
2 iam_client = IamClient(iam_sample_conf.config)
3# Role requiring associated policies
4 role_name = b"test_role"
5# Associated policies
6 policy_name = b"test_policy"
7# Policy type to be queried: “system” for system policies; “custom” for custom policies
8 policy_type = b"Custom"
9 response = iam_client.attach_policy_to_role(role_name, policy_name, policy_type)
10 print(response)Revoke role permissions
Revoke a permission policy associated with a role with reference to the following codes:
Python
1def detach_policy_from_role():
2 iam_client = IamClient(iam_sample_conf.config)
3# Role requiring associated policies
4 role_name = b"test_role"
5# Associated policies
6 policy_name = b"test_policy"
7# Policy type to be queried: “system” for system policies; “custom” for custom policies
8 policy_type = b"Custom"
9 response = iam_client.detach_policy_from_role(role_name, policy_name, policy_type)
10 print(response)List role permissions
List a permission policy associated with a role with reference to the following codes:
Python
1def list_policies_from_role():
2 iam_client = IamClient(iam_sample_conf.config)
3# Role name
4 role_name = b"test_role"
5 response = iam_client.list_policies_from_role(role_name)
6 print(response)