- Navigation GuideYou are on a Command (operation) page with structural examples. Use the navigation breadcrumb if you would like to return to the Client landing page.
PutAccessControlRuleCommand
Adds a new access control rule for the specified organization. The rule allows or denies access to the organization for the specified IPv4 addresses, access protocol actions, user IDs and impersonation IDs. Adding a new rule with the same name as an existing rule replaces the older rule.
Example Syntax
Use a bare-bones client and the command you need to make an API call.
import { WorkMailClient, PutAccessControlRuleCommand } from "@aws-sdk/client-workmail"; // ES Modules import
// const { WorkMailClient, PutAccessControlRuleCommand } = require("@aws-sdk/client-workmail"); // CommonJS import
const client = new WorkMailClient(config);
const input = { // PutAccessControlRuleRequest
Name: "STRING_VALUE", // required
Effect: "ALLOW" || "DENY", // required
Description: "STRING_VALUE", // required
IpRanges: [ // IpRangeList
"STRING_VALUE",
],
NotIpRanges: [
"STRING_VALUE",
],
Actions: [ // ActionsList
"STRING_VALUE",
],
NotActions: [
"STRING_VALUE",
],
UserIds: [ // UserIdList
"STRING_VALUE",
],
NotUserIds: [
"STRING_VALUE",
],
OrganizationId: "STRING_VALUE", // required
ImpersonationRoleIds: [ // ImpersonationRoleIdList
"STRING_VALUE",
],
NotImpersonationRoleIds: [
"STRING_VALUE",
],
};
const command = new PutAccessControlRuleCommand(input);
const response = await client.send(command);
// {};
PutAccessControlRuleCommand Input
Parameter | Type | Description |
|---|
Parameter | Type | Description |
|---|---|---|
DescriptionRequired | string | undefined | The rule description. |
EffectRequired | AccessControlRuleEffect | undefined | The rule effect. |
NameRequired | string | undefined | The rule name. |
OrganizationIdRequired | string | undefined | The identifier of the organization. |
Actions | string[] | undefined | Access protocol actions to include in the rule. Valid values include |
ImpersonationRoleIds | string[] | undefined | Impersonation role IDs to include in the rule. |
IpRanges | string[] | undefined | IPv4 CIDR ranges to include in the rule. |
NotActions | string[] | undefined | Access protocol actions to exclude from the rule. Valid values include |
NotImpersonationRoleIds | string[] | undefined | Impersonation role IDs to exclude from the rule. |
NotIpRanges | string[] | undefined | IPv4 CIDR ranges to exclude from the rule. |
NotUserIds | string[] | undefined | User IDs to exclude from the rule. |
UserIds | string[] | undefined | User IDs to include in the rule. |
PutAccessControlRuleCommand Output
Parameter | Type | Description |
|---|
Parameter | Type | Description |
|---|---|---|
$metadataRequired | ResponseMetadata | Metadata pertaining to this request. |
Throws
Name | Fault | Details |
|---|
Name | Fault | Details |
|---|---|---|
| EntityNotFoundException | client | The identifier supplied for the user, group, or resource does not exist in your organization. |
| InvalidParameterException | client | One or more of the input parameters don't match the service's restrictions. |
| LimitExceededException | client | The request exceeds the limit of the resource. |
| OrganizationNotFoundException | client | An operation received a valid organization identifier that either doesn't belong or exist in the system. |
| OrganizationStateException | client | The organization must have a valid state to perform certain operations on the organization or its members. |
| ResourceNotFoundException | client | The resource cannot be found. |
| WorkMailServiceException | Base exception class for all service exceptions from WorkMail service. |