Lists the access control rules for the specified organization.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
list-access-control-rules
--organization-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--organization-id
(string)
The identifier for the organization.
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
To list access control rules
The following list-access-control-rules
example lists the access control rules for the specified Amazon WorkMail organization.
aws workmail list-access-control-rules \
--organization-id m-n1pq2345678r901st2u3vx45x6789yza
Output:
{
"Rules": [
{
"Name": "default",
"Effect": "ALLOW",
"Description": "Default WorkMail Rule",
"DateCreated": 0.0,
"DateModified": 0.0
},
{
"Name": "myRule",
"Effect": "DENY",
"Description": "my rule",
"UserIds": [
"S-1-1-11-1111111111-2222222222-3333333333-3333"
],
"DateCreated": 1581635628.0,
"DateModified": 1581635628.0
}
]
}
For more information, see Working with Access Control Rules in the Amazon WorkMail Administrator Guide.
Rules -> (list)
The access control rules.
(structure)
A rule that controls access to an Amazon WorkMail organization.
Name -> (string)
The rule name.
Effect -> (string)
The rule effect.
Description -> (string)
The rule description.
IpRanges -> (list)
IPv4 CIDR ranges to include in the rule.
(string)
NotIpRanges -> (list)
IPv4 CIDR ranges to exclude from the rule.
(string)
Actions -> (list)
Access protocol actions to include in the rule. Valid values include
ActiveSync
,AutoDiscover
,EWS
,IMAP
,SMTP
,WindowsOutlook
, andWebMail
.(string)
NotActions -> (list)
Access protocol actions to exclude from the rule. Valid values include
ActiveSync
,AutoDiscover
,EWS
,IMAP
,SMTP
,WindowsOutlook
, andWebMail
.(string)
UserIds -> (list)
User IDs to include in the rule.
(string)
NotUserIds -> (list)
User IDs to exclude from the rule.
(string)
DateCreated -> (timestamp)
The date that the rule was created.
DateModified -> (timestamp)
The date that the rule was modified.