Page History

...

• removeIAMPolicyFromIAMGroup
  1. String id - UUID of the IAM group. Required
  2. List<String> policies- comma separated list of policy ids that are going to be revoked from the IAM group

• attachIAMPolicyToAccount
  1. String id - UUID of the IAM policy. Required
  2. List<String> accounts - comma separated list of account id that the policy will attach to
     
     
• removeIAMPolicyFromAccount
  1. String id - UUID of the IAM group. Required
  2. List<String> accounts- comma separated list of account ids 

• addIAMPermissionToIAMPolicy
  1. String id - UUID of the IAM policy. Required
  createIAMPermission
  2. String action - name of the API allowed/denied. Required
  3. String permission - "Allow"/ "Deny"entityType
  4. String scope- ("Account" / "Domain" / "Resource")
  5. String scope id - UUID of the ScopeString resourceType

• removeIAMPermissionFromIAMPolicy
  addIAMPermissionToIAMPolicy
  1. String id - UUID of the IAM policy. Required
  2. List<String> permissionIds - comma separated list of permission ids that are going to be added to the IAM policy
  removeIAMPermissionFromIAMPolicy
  1. String action - name of the API allowed/denied. Required
  2. String entityType
  3. String scope- ("Account" / "Domain" / "Resource")
  4. String scope
  5. String id - UUID of the IAM policy. RequiredList<String> permission Ids - comma separated list of permission ids that are going to be removed from the IAM policyScope

In Phase1, these new IAM APIs are only limited to root admin.

...