UpdateCrossAccountAttachment - AWS Global Accelerator
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsSee Also

UpdateCrossAccountAttachment

Update a cross-account attachment to add or remove principals or resources. When you update an attachment to remove a principal (account ID or accelerator) or a resource, AWS Global Accelerator revokes the permission for specific resources.

For more information, see Working with cross-account attachments and resources in AWS Global Accelerator in the AWS Global Accelerator Developer Guide.

Request Syntax

{
   "AddPrincipals": [ "string" ],
   "AddResources": [ 
      { 
         "Cidr": "string",
         "EndpointId": "string",
         "Region": "string"
      }
   ],
   "AttachmentArn": "string",
   "Name": "string",
   "RemovePrincipals": [ "string" ],
   "RemoveResources": [ 
      { 
         "Cidr": "string",
         "EndpointId": "string",
         "Region": "string"
      }
   ]
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

AddPrincipals

The principals to add to the cross-account attachment. A principal is an account or the Amazon Resource Name (ARN) of an accelerator that the attachment gives permission to work with resources from another account. The resources are also listed in the attachment.

To add more than one principal, separate the account numbers or accelerator ARNs, or both, with commas.

Type: Array of strings

Length Constraints: Maximum length of 256.

Pattern: (^\d{12}$|arn:.*)

Required: No

AddResources

The resources to add to the cross-account attachment. A resource listed in a cross-account attachment can be used with an accelerator by the principals that are listed in the attachment.

To add more than one resource, separate the resource ARNs with commas.

Type: Array of Resource objects

Required: No

AttachmentArn

The Amazon Resource Name (ARN) of the cross-account attachment to update.

Type: String

Length Constraints: Maximum length of 255.

Required: Yes

Name

The name of the cross-account attachment.

Type: String

Length Constraints: Maximum length of 64.

Pattern: [\S\s]+

Required: No

RemovePrincipals

The principals to remove from the cross-account attachment. A principal is an account or the Amazon Resource Name (ARN) of an accelerator that the attachment gives permission to work with resources from another account. The resources are also listed in the attachment.

To remove more than one principal, separate the account numbers or accelerator ARNs, or both, with commas.

Type: Array of strings

Length Constraints: Maximum length of 256.

Pattern: (^\d{12}$|arn:.*)

Required: No

RemoveResources

The resources to remove from the cross-account attachment. A resource listed in a cross-account attachment can be used with an accelerator by the principals that are listed in the attachment.

To remove more than one resource, separate the resource ARNs with commas.

Type: Array of Resource objects

Required: No

Response Syntax

{
   "CrossAccountAttachment": { 
      "AttachmentArn": "string",
      "CreatedTime": number,
      "LastModifiedTime": number,
      "Name": "string",
      "Principals": [ "string" ],
      "Resources": [ 
         { 
            "Cidr": "string",
            "EndpointId": "string",
            "Region": "string"
         }
      ]
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

CrossAccountAttachment

Information about the updated cross-account attachment.

Type: Attachment object

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You don't have access permission.

HTTP Status Code: 400

AttachmentNotFoundException

No cross-account attachment was found.

HTTP Status Code: 400

InternalServiceErrorException

There was an internal error for AWS Global Accelerator.

HTTP Status Code: 400

InvalidArgumentException

An argument that you specified is invalid.

HTTP Status Code: 400

LimitExceededException

Processing your request would cause you to exceed an AWS Global Accelerator limit.

HTTP Status Code: 400

TransactionInProgressException

There's already a transaction in progress. Another transaction can't be processed.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: