Enables the control policy feature.
Operation description
A control policy is a type of access control policy in Resource Directory based on your resource structure, such as folders and member accounts. You can use a control policy to manage the permissions boundaries for resource access across levels of your Resource Directory. This helps you establish consistent access control principles for your entire organization or for specific parts of it. A control policy only defines a permissions boundary and does not grant permissions. You must use RAM within a member account to grant permissions to an identity to access your resources. For more information, see Overview of control policies.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
resourcemanager:EnableControlPolicy |
update |
*ResourceDirectory
|
None | None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
No parameters required.
Response elements
|
Element |
Type |
Description |
Example |
|
object |
The response. |
||
| EnablementStatus |
string |
The status of the control policy feature. Valid values:
|
PendingEnable |
| RequestId |
string |
The request ID. |
8CE7BD95-EFFA-4911-A1E0-BD4412697FEB |
| ControlPolicyType |
string |
RESOURCE_CONTROL_POLICY |
Examples
Success response
JSON format
{
"EnablementStatus": "PendingEnable",
"RequestId": "8CE7BD95-EFFA-4911-A1E0-BD4412697FEB",
"ControlPolicyType": "RESOURCE_CONTROL_POLICY"
}
Error codes
|
HTTP status code |
Error code |
Error message |
Description |
|---|---|---|---|
| 409 | Throttling.EnableControlPolicy | The enable operation is too frequent. Please try again in %s minute(s). | The operation is frequently performed. Wait %s minutes and try again. |
| 409 | Throttling.EnableResourceControlPolicy | The enable operation is too frequent. Please try again in %s minute(s). |
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.