list-access-control-rules¶

Description¶

Lists the access control rules for the specified organization.

Synopsis¶

  list-access-control-rules
--organization-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]

Options¶

--organization-id (string)

The identifier for the organization.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

--cli-auto-prompt (boolean) Automatically prompt for CLI input parameters.

See ‘aws help’ for descriptions of global parameters.

Examples¶

To list access control rules

The following list-access-control-rules example lists the access control rules for the specified Amazon WorkMail organization.

aws workmail list-access-control-rules \
    --organization-id m-n1pq2345678r901st2u3vx45x6789yza

Output:

{
    "Rules": [
        {
            "Name": "default",
            "Effect": "ALLOW",
            "Description": "Default WorkMail Rule",
            "DateCreated": 0.0,
            "DateModified": 0.0
        },
        {
            "Name": "myRule",
            "Effect": "DENY",
            "Description": "my rule",
            "UserIds": [
            "S-1-1-11-1111111111-2222222222-3333333333-3333"
            ],
            "DateCreated": 1581635628.0,
            "DateModified": 1581635628.0
        }
    ]
}

For more information, see Working with Access Control Rules in the Amazon WorkMail Administrator Guide.

Output¶

Rules -> (list)

The access control rules.

(structure)

A rule that controls access to an Amazon WorkMail organization.

Name -> (string)

The rule name.

Effect -> (string)

The rule effect.

Description -> (string)

The rule description.

IpRanges -> (list)

IPv4 CIDR ranges to include in the rule.

(string)

NotIpRanges -> (list)

IPv4 CIDR ranges to exclude from the rule.

(string)

Actions -> (list)

Access protocol actions to include in the rule. Valid values include ActiveSync , AutoDiscover , EWS , IMAP , SMTP , WindowsOutlook , and WebMail .

(string)

NotActions -> (list)

Access protocol actions to exclude from the rule. Valid values include ActiveSync , AutoDiscover , EWS , IMAP , SMTP , WindowsOutlook , and WebMail .

(string)

UserIds -> (list)

User IDs to include in the rule.

(string)

NotUserIds -> (list)

User IDs to exclude from the rule.

(string)

DateCreated -> (timestamp)

The date that the rule was created.

DateModified -> (timestamp)

The date that the rule was modified.

Table of Contents

Feedback

User Guide