CreateOrganization - Amazon WorkMail

CreateOrganization

Creates a new Amazon WorkMail organization. Optionally, you can choose to associate an existing AWS Directory Service directory with your organization. If an AWS Directory Service directory ID is specified, the organization alias must match the directory alias. If you choose not to associate an existing directory with your organization, then we create a new Amazon WorkMail directory for you. For more information, see Adding an organization in the Amazon WorkMail Administrator Guide.

You can associate multiple email domains with an organization, then set your default email domain from the Amazon WorkMail console. You can also associate a domain that is managed in an Amazon Route 53 public hosted zone. For more information, see Adding a domain and Choosing the default domain in the Amazon WorkMail Administrator Guide.

Optionally, you can use a customer managed master key from AWS Key Management Service (AWS KMS) to encrypt email for your organization. If you don't associate an AWS KMS key, Amazon WorkMail creates a default AWS managed master key for you.

Request Syntax

{ "Alias": "string", "ClientToken": "string", "DirectoryId": "string", "Domains": [ { "DomainName": "string", "HostedZoneId": "string" } ], "EnableInteroperability": boolean, "KmsKeyArn": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

Alias

The organization alias.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 62.

Pattern: ^(?!d-)([\da-zA-Z]+)([-][\da-zA-Z]+)*

Required: Yes

ClientToken

The idempotency token associated with the request.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: [\x21-\x7e]+

Required: No

DirectoryId

The AWS Directory Service directory ID.

Type: String

Length Constraints: Fixed length of 12.

Pattern: ^d-[0-9a-f]{10}$

Required: No

Domains

The email domains to associate with the organization.

Type: Array of Domain objects

Array Members: Minimum number of 0 items. Maximum number of 5 items.

Required: No

EnableInteroperability

When true, allows organization interoperability between Amazon WorkMail and Microsoft Exchange. Can only be set to true if an AD Connector directory ID is included in the request.

Type: Boolean

Required: No

KmsKeyArn

The Amazon Resource Name (ARN) of a customer managed master key from AWS KMS.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:aws:kms:[a-z0-9-]*:[a-z0-9-]+:[A-Za-z0-9][A-Za-z0-9:_/+=,@.-]{0,1023}

Required: No

Response Syntax

{ "OrganizationId": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

OrganizationId

The organization ID.

Type: String

Length Constraints: Fixed length of 34.

Pattern: ^m-[0-9a-f]{32}$

Errors

For information about the errors that are common to all actions, see Common Errors.

DirectoryInUseException

The directory is already in use by another WorkMail organization in the same account and Region.

HTTP Status Code: 400

DirectoryUnavailableException

The directory is unavailable. It might be located in another Region or deleted.

HTTP Status Code: 400

InvalidParameterException

One or more of the input parameters don't match the service's restrictions.

HTTP Status Code: 400

LimitExceededException

The request exceeds the limit of the resource.

HTTP Status Code: 400

NameAvailabilityException

The user, group, or resource name isn't unique in Amazon WorkMail.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: