Members - Amazon Macie

Members

The Members resource provides information about all the accounts that are currently associated with your Amazon Macie account, typically a Macie administrator account. For each account, this resource provides details such as the AWS account ID for the account and the current status of the relationship between your accounts. If you sent a Macie membership invitation to an account, this resource also indicates when you sent that invitation and the email address that you sent it to. For information about the relationship between administrator and member accounts, see Managing multiple accounts in the Amazon Macie User Guide.

If you want to associate additional accounts with your Macie account, you can use this resource to do so. You can then invite those accounts to enable Macie and allow you to administer and manage Macie on their behalf. For more information, see Managing multiple accounts by invitation in the Amazon Macie User Guide.

You can use the Members resource to associate one or more accounts with your Macie account. You can also use this resource to retrieve information about the accounts that are currently associated with your Macie account.

URI

/members

HTTP methods

GET

Operation ID: ListMembers

Retrieves information about the accounts that are associated with an Amazon Macie administrator account.

Query parameters
NameTypeRequiredDescription
onlyAssociatedStringFalse

Specifies which accounts to include in the response, based on the status of an account's relationship with the administrator account. By default, the response includes only current member accounts. To include all accounts, set this value to false.

nextTokenStringFalse

The nextToken string that specifies which page of results to return in a paginated response.

maxResultsStringFalse

The maximum number of items to include in each page of a paginated response.

Responses
Status codeResponse modelDescription
200ListMembersResponse

The request succeeded.

400ValidationException

The request failed because the input doesn't satisfy the constraints specified by the service.

402ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404ResourceNotFoundException

The request failed because the specified resource wasn't found.

409ConflictException

The request failed because it conflicts with the current state of the specified resource.

429ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

POST

Operation ID: CreateMember

Associates an account with an Amazon Macie administrator account.

Responses
Status codeResponse modelDescription
200CreateMemberResponse

The request succeeded.

400ValidationException

The request failed because the input doesn't satisfy the constraints specified by the service.

402ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404ResourceNotFoundException

The request failed because the specified resource wasn't found.

409ConflictException

The request failed because it conflicts with the current state of the specified resource.

429ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

Schemas

Request bodies

{ "account": { "accountId": "string", "email": "string" }, "tags": { } }

Response bodies

{ "members": [ { "accountId": "string", "administratorAccountId": "string", "arn": "string", "email": "string", "invitedAt": "string", "masterAccountId": "string", "relationshipStatus": enum, "tags": { }, "updatedAt": "string" } ], "nextToken": "string" }
{ "arn": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }

Properties

AccessDeniedException

Provides information about an error that occurred due to insufficient access to a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

AccountDetail

Specifies the details of an account to associate with an Amazon Macie administrator account.

PropertyTypeRequiredDescription
accountId

string

True

The AWS account ID for the account.

email

string

True

The email address for the account.

ConflictException

Provides information about an error that occurred due to a versioning conflict for a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

CreateMemberRequest

Specifies an AWS account to associate with an Amazon Macie administrator account.

PropertyTypeRequiredDescription
account

AccountDetail

True

The details of the account to associate with the administrator account.

tags

TagMap

False

A map of key-value pairs that specifies the tags to associate with the account in Amazon Macie.

An account can have a maximum of 50 tags. Each tag consists of a tag key and an associated tag value. The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256 characters.

CreateMemberResponse

Provides information about a request to associate an account with an Amazon Macie administrator account.

PropertyTypeRequiredDescription
arn

string

False

The Amazon Resource Name (ARN) of the account that was associated with the administrator account.

InternalServerException

Provides information about an error that occurred due to an unknown internal server error, exception, or failure.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ListMembersResponse

Provides information about the accounts that are associated with an Amazon Macie administrator account.

PropertyTypeRequiredDescription
members

Array of type Member

False

An array of objects, one for each account that's associated with the administrator account and matches the criteria specified in the request.

nextToken

string

False

The string to use in a subsequent request to get the next page of results in a paginated response. This value is null if there are no additional pages.

Member

Provides information about an account that's associated with an Amazon Macie administrator account.

PropertyTypeRequiredDescription
accountId

string

False

The AWS account ID for the account.

administratorAccountId

string

False

The AWS account ID for the administrator account.

arn

string

False

The Amazon Resource Name (ARN) of the account.

email

string

False

The email address for the account. This value is null if the account is associated with the administrator account through AWS Organizations.

invitedAt

string

Format: date-time

False

The date and time, in UTC and extended ISO 8601 format, when an Amazon Macie membership invitation was last sent to the account. This value is null if a Macie membership invitation hasn't been sent to the account.

masterAccountId

string

False

(Deprecated) The AWS account ID for the administrator account. This property has been replaced by the administratorAccountId property and is retained only for backward compatibility.

relationshipStatus

RelationshipStatus

False

The current status of the relationship between the account and the administrator account.

tags

TagMap

False

A map of key-value pairs that specifies which tags (keys and values) are associated with the account in Amazon Macie.

updatedAt

string

Format: date-time

False

The date and time, in UTC and extended ISO 8601 format, of the most recent change to the status of the relationship between the account and the administrator account.

RelationshipStatus

The current status of the relationship between an account and an associated Amazon Macie administrator account. Possible values are:

  • Enabled

  • Paused

  • Invited

  • Created

  • Removed

  • Resigned

  • EmailVerificationInProgress

  • EmailVerificationFailed

  • RegionDisabled

  • AccountSuspended

ResourceNotFoundException

Provides information about an error that occurred because a specified resource wasn't found.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ServiceQuotaExceededException

Provides information about an error that occurred due to one or more service quotas for an account.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

TagMap

A string-to-string map of key-value pairs that specifies the tags (keys and values) for an Amazon Macie resource.

PropertyTypeRequiredDescription

*

string

False

ThrottlingException

Provides information about an error that occurred because too many requests were sent during a certain amount of time.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ValidationException

Provides information about an error that occurred due to a syntax error in a request.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

ListMembers

CreateMember