POST /v1/iam/policies
Create policy
Create a new policy in the current organization

Request Body (required)
Content-Type: application/json

name: string, required
description: string, optional
document: object, required. IAM-style policy document

Responses

201: Policy created
Content-Type: application/json
policy: object, optional

400: Invalid request parameters
Content-Type: application/json
error: object, required

401: Authentication required or token invalid
Content-Type: application/json
error: object, required

403: Insufficient permissions
Content-Type: application/json
error: object, required

409: Resource conflict (e.g., already exists, invalid state)
Content-Type: application/json
error: object, required

500: Internal server error
Content-Type: application/json
error: object, required

curl -X POST "https://api.spo1.mycloud.com/v1/iam/policies" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "S3BucketAccess",
    "description": "string",
    "document": {
      "version": "2024-01-01",
      "statements": [
        {
          "sid": "AllowS3Read",
          "effect": "allow",
          "actions": ["s3:GetObject", "s3:ListBucket"],
          "resources": ["my-bucket/*", "my-bucket"],
          "conditions": [
            {
              "operator": "equals",
              "key": "s3:prefix",
              "values": ["home/", "shared/"]
            }
          ]
        }
      ]
    }
  }'

Response
Policy created

{
  "policy": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "crn": "crn::iam:policy:550e8400-e29b-41d4-a716-446655440000",
    "name": "S3BucketAccess",
    "description": "Allow read/write access to specific S3 bucket",
    "document": {
      "version": "2024-01-01",
      "statements": [
        {
          "sid": "AllowS3Read",
          "effect": "allow",
          "actions": ["s3:GetObject", "s3:ListBucket"],
          "resources": ["my-bucket/*", "my-bucket"],
          "conditions": [
            {
              "operator": "equals",
              "key": "s3:prefix",
              "values": ["home/", "shared/"]
            }
          ]
        }
      ]
    },
    "created_at": "2024-01-15T10:30:00Z",
    "updated_at": "2024-01-15T10:30:00Z"
  }
}