AWS Control Tower 2018-05-10
- Client: Aws\ControlTower\ControlTowerClient
- Service ID: controltower
- Version: 2018-05-10
This page describes the parameters and results for the operations of the AWS Control Tower (2018-05-10), and shows how to use the Aws\ControlTower\ControlTowerClient object to call the described operations. This documentation is specific to the 2018-05-10 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- DisableControl ( array $params = [] )
This API call turns off a control.
- EnableControl ( array $params = [] )
This API call activates a control.
- GetControlOperation ( array $params = [] )
Returns the status of a particular EnableControl or DisableControl operation.
- ListEnabledControls ( array $params = [] )
Lists the controls enabled by AWS Control Tower on the specified organizational unit and the accounts it contains.
Paginators
Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:
Operations
DisableControl
$result = $client->disableControl([/* ... */]); $promise = $client->disableControlAsync([/* ... */]);
This API call turns off a control. It starts an asynchronous operation that deletes AWS resources on the specified organizational unit and the accounts it contains. The resources will vary according to the control that you specify.
Parameter Syntax
$result = $client->disableControl([
'controlIdentifier' => '<string>', // REQUIRED
'targetIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'operationIdentifier' => '<string>',
]
Result Details
Members
Errors
-
The input fails to satisfy the constraints specified by an AWS service.
-
Updating or deleting a resource can cause an inconsistent state.
-
ServiceQuotaExceededException:
Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.
-
Unexpected error during processing of request.
-
User does not have sufficient access to perform this action.
-
Request was denied due to request throttling.
-
Request references a resource which does not exist.
EnableControl
$result = $client->enableControl([/* ... */]); $promise = $client->enableControlAsync([/* ... */]);
This API call activates a control. It starts an asynchronous operation that creates AWS resources on the specified organizational unit and the accounts it contains. The resources created will vary according to the control that you specify.
Parameter Syntax
$result = $client->enableControl([
'controlIdentifier' => '<string>', // REQUIRED
'targetIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'operationIdentifier' => '<string>',
]
Result Details
Members
Errors
-
The input fails to satisfy the constraints specified by an AWS service.
-
Updating or deleting a resource can cause an inconsistent state.
-
ServiceQuotaExceededException:
Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.
-
Unexpected error during processing of request.
-
User does not have sufficient access to perform this action.
-
Request was denied due to request throttling.
-
Request references a resource which does not exist.
GetControlOperation
$result = $client->getControlOperation([/* ... */]); $promise = $client->getControlOperationAsync([/* ... */]);
Returns the status of a particular EnableControl or DisableControl operation. Displays a message in case of error. Details for an operation are available for 90 days.
Parameter Syntax
$result = $client->getControlOperation([
'operationIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'controlOperation' => [
'endTime' => <DateTime>,
'operationType' => 'ENABLE_CONTROL|DISABLE_CONTROL',
'startTime' => <DateTime>,
'status' => 'SUCCEEDED|FAILED|IN_PROGRESS',
'statusMessage' => '<string>',
],
]
Result Details
Members
- controlOperation
-
- Required: Yes
- Type: ControlOperation structure
Errors
-
The input fails to satisfy the constraints specified by an AWS service.
-
Unexpected error during processing of request.
-
User does not have sufficient access to perform this action.
-
Request was denied due to request throttling.
-
Request references a resource which does not exist.
ListEnabledControls
$result = $client->listEnabledControls([/* ... */]); $promise = $client->listEnabledControlsAsync([/* ... */]);
Lists the controls enabled by AWS Control Tower on the specified organizational unit and the accounts it contains.
Parameter Syntax
$result = $client->listEnabledControls([
'maxResults' => <integer>,
'nextToken' => '<string>',
'targetIdentifier' => '<string>', // REQUIRED
]);
Parameter Details
Members
Result Syntax
[
'enabledControls' => [
[
'controlIdentifier' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- enabledControls
-
- Required: Yes
- Type: Array of EnabledControlSummary structures
Lists the controls enabled by AWS Control Tower on the specified organizational unit and the accounts it contains.
- nextToken
-
- Type: string
Retrieves the next page of results. If the string is empty, the current response is the end of the results.
Errors
-
The input fails to satisfy the constraints specified by an AWS service.
-
Unexpected error during processing of request.
-
User does not have sufficient access to perform this action.
-
Request was denied due to request throttling.
-
Request references a resource which does not exist.
Shapes
AccessDeniedException
Description
User does not have sufficient access to perform this action.
Members
ConflictException
Description
Updating or deleting a resource can cause an inconsistent state.
Members
ControlOperation
Description
An operation performed by the control.
Members
- endTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time that the operation finished.
- operationType
-
- Type: string
One of
ENABLE_CONTROLorDISABLE_CONTROL. - startTime
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time that the operation began.
- status
-
- Type: string
One of
IN_PROGRESS,SUCEEDED, orFAILED. - statusMessage
-
- Type: string
If the operation result is
FAILED, this string contains a message explaining why the operation failed.
EnabledControlSummary
Description
A summary of enabled controls.
Members
InternalServerException
Description
Unexpected error during processing of request.
Members
ResourceNotFoundException
Description
Request references a resource which does not exist.
Members
ServiceQuotaExceededException
Description
Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.
Members
ThrottlingException
Description
Request was denied due to request throttling.