PutAccessControlRule - Amazon WorkMail
Request SyntaxRequest ParametersResponse ElementsErrorsSee Also

PutAccessControlRule

Adds a new access control rule for the specified organization. The rule allows or denies access to the organization for the specified IPv4 addresses, access protocol actions, user IDs and impersonation IDs. Adding a new rule with the same name as an existing rule replaces the older rule.

Request Syntax

{
   "Actions": [ "string" ],
   "Description": "string",
   "Effect": "string",
   "ImpersonationRoleIds": [ "string" ],
   "IpRanges": [ "string" ],
   "Name": "string",
   "NotActions": [ "string" ],
   "NotImpersonationRoleIds": [ "string" ],
   "NotIpRanges": [ "string" ],
   "NotUserIds": [ "string" ],
   "OrganizationId": "string",
   "UserIds": [ "string" ]
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

Actions

Access protocol actions to include in the rule. Valid values include ActiveSync, AutoDiscover, EWS, IMAP, SMTP, WindowsOutlook, and WebMail.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 10 items.

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [a-zA-Z]+

Required: No

Description

The rule description.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 255.

Pattern: [\u0020-\u00FF]+

Required: Yes

Effect

The rule effect.

Type: String

Valid Values: ALLOW | DENY

Required: Yes

ImpersonationRoleIds

Impersonation role IDs to include in the rule.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 10 items.

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [a-zA-Z0-9_-]+

Required: No

IpRanges

IPv4 CIDR ranges to include in the rule.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 1024 items.

Length Constraints: Minimum length of 1. Maximum length of 18.

Pattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$

Required: No

Name

The rule name.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [a-zA-Z0-9_-]+

Required: Yes

NotActions

Access protocol actions to exclude from the rule. Valid values include ActiveSync, AutoDiscover, EWS, IMAP, SMTP, WindowsOutlook, and WebMail.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 10 items.

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [a-zA-Z]+

Required: No

NotImpersonationRoleIds

Impersonation role IDs to exclude from the rule.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 10 items.

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [a-zA-Z0-9_-]+

Required: No

NotIpRanges

IPv4 CIDR ranges to exclude from the rule.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 1024 items.

Length Constraints: Minimum length of 1. Maximum length of 18.

Pattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/([0-9]|[12][0-9]|3[0-2])$

Required: No

NotUserIds

User IDs to exclude from the rule.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 10 items.

Length Constraints: Minimum length of 12. Maximum length of 256.

Required: No

OrganizationId

The identifier of the organization.

Type: String

Length Constraints: Fixed length of 34.

Pattern: ^m-[0-9a-f]{32}$

Required: Yes

UserIds

User IDs to include in the rule.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 10 items.

Length Constraints: Minimum length of 12. Maximum length of 256.

Required: No

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

EntityNotFoundException

The identifier supplied for the user, group, or resource does not exist in your organization.

HTTP Status Code: 400

InvalidParameterException

One or more of the input parameters don't match the service's restrictions.

HTTP Status Code: 400

LimitExceededException

The request exceeds the limit of the resource.

HTTP Status Code: 400

OrganizationNotFoundException

An operation received a valid organization identifier that either doesn't belong or exist in the system.

HTTP Status Code: 400

OrganizationStateException

The organization must have a valid state to perform certain operations on the organization or its members.

HTTP Status Code: 400

ResourceNotFoundException

The resource cannot be found.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: