Policy management API

IAM IAM

  • API Reference
    • Common request header and common response header
    • Data type
    • Error code
    • Feature Update Records
    • General Description
    • Introduction
    • Service domain
    • STS-Related Interfaces
  • API Reference_IAM
    • Common request header and common response header
    • Data type
    • Error code
    • General Description
    • Group management API
    • Introduction
    • Policy management API
    • Role Management Interfaces
    • Service domain
    • User management API
  • FAQs
    • Common Questions Overview
    • FAQs related to IAM users
    • FAQs related to product permissions
  • Function Release Records
  • Operation guide
    • Account Security Audit
    • Enterprise Account Integration
      • Federated Login Overview
      • IAM Role-based SSO
      • IAM User-based SSO
    • Group Management
    • Message Center
    • Permission Policies
      • ACL
      • Authorization
      • Managing IAM Policies
      • Permission Policy Overview
      • Policy Authentication Evaluation Logic
      • Strategy type
      • Tag-Based Authorization and Authentication
    • Role Management
      • Common scenarios
      • Create role
      • FAQs
      • Managing Roles
      • Overview
      • Related concepts
      • Using Roles
    • Settings
    • User
      • IAM User Operations
      • Two-Factor Authentication
      • User management
    • User Anomaly Behavior Analysis (Public Beta)
      • Risk Behavior Management
  • Operation records
    • Cloud Trail (Public Beta)
  • Product Announcement
    • Baidu Intelligent Cloud Enables Login Protection MFA Multi-Factor Authentication Notification for All Users
  • Product Description
    • Application scenarios
    • Concepts
    • Currently Supported Product Lines
    • Product functions
    • Product overview
    • System Restrictions
    • Enterprise Organization vs Identity and Access Management
  • Product pricing
    • Product pricing
  • Quick Start
    • Create groups and grant permissions
    • Creating IAM User Administrators
  • SDK
    • Go-SDK
      • Error handling
      • Group management API
      • Initialize SDK
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Java-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Python-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
  • Testing Knowledge Base SDK
  • Typical Practices
    • Baidu Intelligent Cloud Partner Guide to Creating IAM Users
    • User Management and Permission Assignment
All documents
menu
No results found, please re-enter

IAM IAM

  • API Reference
    • Common request header and common response header
    • Data type
    • Error code
    • Feature Update Records
    • General Description
    • Introduction
    • Service domain
    • STS-Related Interfaces
  • API Reference_IAM
    • Common request header and common response header
    • Data type
    • Error code
    • General Description
    • Group management API
    • Introduction
    • Policy management API
    • Role Management Interfaces
    • Service domain
    • User management API
  • FAQs
    • Common Questions Overview
    • FAQs related to IAM users
    • FAQs related to product permissions
  • Function Release Records
  • Operation guide
    • Account Security Audit
    • Enterprise Account Integration
      • Federated Login Overview
      • IAM Role-based SSO
      • IAM User-based SSO
    • Group Management
    • Message Center
    • Permission Policies
      • ACL
      • Authorization
      • Managing IAM Policies
      • Permission Policy Overview
      • Policy Authentication Evaluation Logic
      • Strategy type
      • Tag-Based Authorization and Authentication
    • Role Management
      • Common scenarios
      • Create role
      • FAQs
      • Managing Roles
      • Overview
      • Related concepts
      • Using Roles
    • Settings
    • User
      • IAM User Operations
      • Two-Factor Authentication
      • User management
    • User Anomaly Behavior Analysis (Public Beta)
      • Risk Behavior Management
  • Operation records
    • Cloud Trail (Public Beta)
  • Product Announcement
    • Baidu Intelligent Cloud Enables Login Protection MFA Multi-Factor Authentication Notification for All Users
  • Product Description
    • Application scenarios
    • Concepts
    • Currently Supported Product Lines
    • Product functions
    • Product overview
    • System Restrictions
    • Enterprise Organization vs Identity and Access Management
  • Product pricing
    • Product pricing
  • Quick Start
    • Create groups and grant permissions
    • Creating IAM User Administrators
  • SDK
    • Go-SDK
      • Error handling
      • Group management API
      • Initialize SDK
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Java-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
    • Python-SDK
      • Error code
      • Group management API
      • Initialization
      • Install the SDK Package
      • Overview
      • Policy management API
      • Role Management Interfaces
      • User management API
      • Version Change Records
  • Testing Knowledge Base SDK
  • Typical Practices
    • Baidu Intelligent Cloud Partner Guide to Creating IAM Users
    • User Management and Permission Assignment
  • Document center
  • arrow
  • IAMIAM
  • arrow
  • SDK
  • arrow
  • Java-SDK
  • arrow
  • Policy management API
Table of contents on this page
  • Create Strategy
  • Query policies
  • Delete strategy
  • List policies
  • Associate user permissions
  • Revoke user permissions
  • List user permissions
  • Associate group permissions
  • Revoke group permissions
  • List the permissions associated with a group
  • Associate role permissions
  • Revoke role permissions
  • List role permissions

Policy management API

Updated at:2025-10-27

Create Strategy

Create a permission policy with reference to the following codes:

Java 
1public CreatePolicyResponse createPolicy(IamClient client) {
2    CreatePolicyRequest createPolicyRequest = new CreatePolicyRequest();
3 // Set policy name
4    createPolicyRequest.setName("test_policy_name");
5 // Set policy description
6    createPolicyRequest.setDescription("test_policy_description");
7 // Policy content, the string obtained after ACL format serialization
8    createPolicyRequest.setDocument("{\"accessControlList\": [{\"region\":\"bj\",\"service\":\"bcc\",\"resource\":[\"*\"]," +
9                "\"permission\":[\"*\"],\"effect\":\"Allow\"}]}");
10                
11    client.createPolicy(createPolicyRequest);
12}

Query policies

Query a permission policy with reference to the following codes:

Java 
1public void getPolicy(IamClient client) {
2 // Policy name
3    String policyName = "test_policy_name";
4 // Policy type to be queried: System for system policies; Custom for custom policies
5    String policyType = "System";
6    
7    client.getPolicy(policyName, policyType);
8}

Delete strategy

Delete a permission policy with reference to the following codes:

Java 
1public void deletePolicy(IamClient client) {
2 // Policy name
3    String policyName = "test_policy_name";
4    client.deletePolicy(policyName);
5}

List policies

List permission policies. When policyType is System, list built-in system policies with reference to the following codes:

Java 
1public void listPolicy(IamClient client) {
2 // Policy type to be queried: System for system policies; Custom for custom policies
3    String policyType = "System";
4    
5    client.listPolicy(policyType);
6}

Associate user permissions

Associate permission policies with a user with reference to the following codes:

Java 
1public void attachPolicyToUser(IamClient client) {
2 // Username
3    String userName = "test_user_name";
4 // Policy name
5    String policyName = "test_policy_name";
6 // Policy type
7    String policyType = "System";
8    
9    client.attachPolicyToUser(userName, policyName, policyType);
10}

Revoke user permissions

Revoke a permission policy associated with an IAM user with reference to the following codes:

Java 
1public void detachPolicyFromUser(IamClient client) {
2 // Username
3    String userName = "test_user_name";
4 // Policy name
5    String policyName = "test_policy_name";
6 // Policy type
7    String policyType = "System";
8    
9    client.detachPolicyFromUser(userName,policyName, policyType)
10}

List user permissions

List a permission policy associated with a user with reference to the following codes:

Java 
1public void listPoliciesForUser(IamClient client) {
2 // Username
3    String userName = "test_user_name";
4    
5    return client.listPoliciesForUser(userName)
6}

Associate group permissions

Associate a permission policy with a group with reference to the following codes:

Java 
1public void attachPolicyToGroup(IamClient client) {
2 // Group name
3    String groupName = "test_group_name";
4 // Policy name
5    String policyName = "test_policy_name";
6 // Policy type
7    String policyType = "System";
8    
9    client.attachPolicyToGroup(userName, policyName, policyType);
10}

Revoke group permissions

Revoke a permission policy associated with a group with reference to the following codes:

Java 
1public void detachPolicyFromGroup(IamClient client) {
2 // Group name
3    String groupName = "test_group_name";
4 // Policy name
5    String policyName = "test_policy_name";
6 // Policy type
7    String policyType = "System";
8    
9    client.detachPolicyFromGroup(groupName, policyName, policyType);
10}

List the permissions associated with a group

List a permission policy associated with a group with reference to the following codes:

Java 
1public void listPoliciesForGroup(IamClient client) {
2 // Group name
3    String groupName = "test_group_name";
4    
5    client.listPoliciesForUser(groupName);
6}

Associate role permissions

Associate a permission policy with a role with reference to the following codes:

Java 
1public void attachPolicyToRole(IamClient client) {
2 // Role name
3    String roleName = "test_role_name";
4 // Policy name
5    String policyName = "test_policy_name";
6 // Policy type
7    String policyType = "System";
8    
9    client.attachPolicyToRole(roleName, policyName, policyType);
10}

Revoke role permissions

Revoke a permission policy associated with a role with reference to the following codes:

Java 
1public void detachPolicyFromRole(IamClient client) {
2 // Role name
3    String roleName = "test_role_name";
4 // Policy name
5    String policyName = "test_policy_name";
6 // Policy type
7    String policyType = "System";
8    
9    client.detachPolicyFromRole(roleName, policyName, policyType);
10}

List role permissions

List a permission policy associated with a role with reference to the following codes:

Java 
1public void listPoliciesForRole(IamClient client) {
2 // Role name
3    String roleName = "test_role_name";
4    client.listPoliciesForRole(roleName);
5}

Previous
Overview
Next
Role Management Interfaces