GetAccessControlEffect
Gets the effects of an organization's access control rules as they apply to a specified IPv4 address, access protocol action, and user ID or impersonation role ID. You must provide either the user ID or impersonation role ID. Impersonation role ID can only be used with Action EWS.
Request Syntax
{
"Action": "string",
"ImpersonationRoleId": "string",
"IpAddress": "string",
"OrganizationId": "string",
"UserId": "string"
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- Action
-
The access protocol action. Valid values include
ActiveSync,AutoDiscover,EWS,IMAP,SMTP,WindowsOutlook, andWebMail.Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[a-zA-Z]+Required: Yes
- ImpersonationRoleId
-
The impersonation role ID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[a-zA-Z0-9_-]+Required: No
- IpAddress
-
The IPv4 address.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 15.
Pattern:
^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$Required: Yes
- OrganizationId
-
The identifier for the organization.
Type: String
Length Constraints: Fixed length of 34.
Pattern:
^m-[0-9a-f]{32}$Required: Yes
- UserId
-
The user ID.
Type: String
Length Constraints: Minimum length of 12. Maximum length of 256.
Required: No
Response Syntax
{
"Effect": "string",
"MatchedRules": [ "string" ]
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- Effect
-
The rule effect.
Type: String
Valid Values:
ALLOW | DENY - MatchedRules
-
The rules that match the given parameters, resulting in an effect.
Type: Array of strings
Array Members: Minimum number of 0 items. Maximum number of 10 items.
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[a-zA-Z0-9_-]+
Errors
For information about the errors that are common to all actions, see Common Errors.
- EntityNotFoundException
-
The identifier supplied for the user, group, or resource does not exist in your organization.
HTTP Status Code: 400
- InvalidParameterException
-
One or more of the input parameters don't match the service's restrictions.
HTTP Status Code: 400
- OrganizationNotFoundException
-
An operation received a valid organization identifier that either doesn't belong or exist in the system.
HTTP Status Code: 400
- OrganizationStateException
-
The organization must have a valid state to perform certain operations on the organization or its members.
HTTP Status Code: 400
- ResourceNotFoundException
-
The resource cannot be found.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
