EnableControl
This API call activates a control. It starts an asynchronous operation that creates AWS resources on the specified organizational unit and the accounts it contains. The resources created will vary according to the control that you specify. For usage examples, see the AWS Control Tower User Guide.
Request Syntax
POST /enable-control HTTP/1.1
Content-type: application/json
{
"controlIdentifier": "string",
"parameters": [
{
"key": "string",
"value": JSON value
}
],
"tags": {
"string" : "string"
},
"targetIdentifier": "string"
}URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- controlIdentifier
-
The ARN of the control. Only Strongly recommended and Elective controls are permitted, with the exception of the Region deny control. For information on how to find the
controlIdentifier, see the overview page.Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Pattern:
^arn:aws[0-9a-zA-Z_\-:\/]+$Required: Yes
- parameters
-
A list of input parameter values, which are specified to configure the control when you enable it.
Type: Array of EnabledControlParameter objects
Required: No
-
Tags to be applied to the
EnabledControlresource.Type: String to string map
Map Entries: Minimum number of 0 items. Maximum number of 200 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Value Length Constraints: Minimum length of 0. Maximum length of 256.
Required: No
- targetIdentifier
-
The ARN of the organizational unit. For information on how to find the
targetIdentifier, see the overview page.Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Pattern:
^arn:aws[0-9a-zA-Z_\-:\/]+$Required: Yes
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"arn": "string",
"operationIdentifier": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- arn
-
The ARN of the
EnabledControlresource.Type: String
Length Constraints: Minimum length of 20. Maximum length of 2048.
Pattern:
^arn:aws[0-9a-zA-Z_\-:\/]+$ - operationIdentifier
-
The ID of the asynchronous operation, which is used to track status. The operation is available for 90 days.
Type: String
Length Constraints: Fixed length of 36.
Pattern:
^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You do not have sufficient access to perform this action.
HTTP Status Code: 403
- ConflictException
-
Updating or deleting the resource can cause an inconsistent state.
HTTP Status Code: 409
- InternalServerException
-
An unexpected error occurred during processing of a request.
HTTP Status Code: 500
- ResourceNotFoundException
-
The request references a resource that does not exist.
HTTP Status Code: 404
- ServiceQuotaExceededException
-
The request would cause a service quota to be exceeded. The limit is 10 concurrent operations.
HTTP Status Code: 402
- ThrottlingException
-
The request was denied due to request throttling.
HTTP Status Code: 429
- ValidationException
-
The input does not satisfy the constraints specified by an AWS service.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
