View Source aws_workmail (aws v1.0.4)
WorkMail is a secure, managed business email and calendaring service with support for existing desktop and mobile email clients.
You can access your email, contacts, and calendars using Microsoft Outlook, your browser, or other native iOS and Android email applications. You can integrate WorkMail with your existing corporate directory and control both the keys that encrypt your data and the location in which your data is stored.
The WorkMail API is designed for the following scenarios:
Listing and describing organizations
Managing users
Managing groups
Managing resources
Summary
Functions
Assumes an impersonation role for the given WorkMail organization.
Cancels a mailbox export job.
AvailabilityConfiguration
for the given WorkMail organization and domain.RegisterToWorkMail
operation.Creates an impersonation role for the given WorkMail organization.
Creates a new WorkMail organization.
RegisterToWorkMail
operation.Deletes an access control rule for the specified WorkMail organization.
AvailabilityConfiguration
for the given WorkMail organization and domain.Deletes the mobile device access override for the given WorkMail organization, user, and device.
Deletes a mobile device access rule for the specified WorkMail organization.
Deletes an WorkMail organization and all underlying AWS resources managed by WorkMail as part of the organization.
Deletes a user from WorkMail and all subsequent systems.
Mark a user, group, or resource as no longer used in WorkMail.
Removes a domain from WorkMail, stops email routing to WorkMail, and removes the authorization allowing WorkMail use.
Gets the effects of an organization's access control rules as they apply to a specified IPv4 address, access protocol action, and user ID or impersonation role ID.
Simulates the effect of the mobile device access rules for the given attributes of a sample access event.
AvailabilityConfiguration
's for the given WorkMail organization.Returns an overview of the members of a group.
Lists the delegates associated with a resource.
Adds a new access control rule for the specified organization.
Sets permissions for a user, group, or resource.
Registers a new domain in WorkMail and SES, and configures it for use by WorkMail.
Registers an existing and disabled user, group, or resource for WorkMail use by associating a mailbox and calendaring capabilities.
Starts a mailbox export job to export MIME-format email messages and calendar items from the specified mailbox to the specified Amazon Simple Storage Service (Amazon S3) bucket.
Performs a test on an availability provider to ensure that access is allowed.
AvailabilityConfiguration
for the given WorkMail organization and domain.Updates the default mail domain for an organization.
Updates the primary email for a user, group, or resource.
Updates data for the resource.
Updates data for the user.
Functions
Assumes an impersonation role for the given WorkMail organization.
This method returns an authentication token you can use to make impersonated calls.Cancels a mailbox export job.
If the mailbox export job is near completion, it might not be possible to cancel it.AvailabilityConfiguration
for the given WorkMail organization and domain.
RegisterToWorkMail
operation.
Creates an impersonation role for the given WorkMail organization.
Idempotency ensures that an API request completes no more than one time. With an idempotent request, if the original request completes successfully, any subsequent retries also complete successfully without performing any further actions.Creates a new WorkMail organization.
Optionally, you can choose to associate an existing AWS Directory Service directory with your organization. If an AWS Directory Service directory ID is specified, the organization alias must match the directory alias. If you choose not to associate an existing directory with your organization, then we create a new WorkMail directory for you. For more information, see Adding an organization: https://docs.aws.amazon.com/workmail/latest/adminguide/add_new_organization.html in the WorkMail Administrator Guide.
You can associate multiple email domains with an organization, then choose your default email domain from the WorkMail console. You can also associate a domain that is managed in an Amazon Route 53 public hosted zone. For more information, see Adding a domain: https://docs.aws.amazon.com/workmail/latest/adminguide/add_domain.html and Choosing the default domain: https://docs.aws.amazon.com/workmail/latest/adminguide/default_domain.html in the WorkMail Administrator Guide.
Optionally, you can use a customer managed key from AWS Key Management Service (AWS KMS) to encrypt email for your organization. If you don't associate an AWS KMS key, WorkMail creates a default, AWS managed key for you.RegisterToWorkMail
operation.
Deletes an access control rule for the specified WorkMail organization.
Deleting already deleted and non-existing rules does not produce an error. In those cases, the service sends back an HTTP 200 response with an empty HTTP body.AvailabilityConfiguration
for the given WorkMail organization and domain.
Deletes the mobile device access override for the given WorkMail organization, user, and device.
Deleting already deleted and non-existing overrides does not produce an error. In those cases, the service sends back an HTTP 200 response with an empty HTTP body.Deletes a mobile device access rule for the specified WorkMail organization.
Deleting already deleted and non-existing rules does not produce an error. In those cases, the service sends back an HTTP 200 response with an empty HTTP body.Deletes an WorkMail organization and all underlying AWS resources managed by WorkMail as part of the organization.
You can choose whether to delete the associated directory. For more information, see Removing an organization: https://docs.aws.amazon.com/workmail/latest/adminguide/remove_organization.html in the WorkMail Administrator Guide.Deletes a user from WorkMail and all subsequent systems.
Before you can delete a user, the user state must be DISABLED
. Use the DescribeUser
action to confirm the user state.
Mark a user, group, or resource as no longer used in WorkMail.
This action disassociates the mailbox and schedules it for clean-up. WorkMail keeps mailboxes for 30 days before they are permanently removed. The functionality in the console is Disable.Removes a domain from WorkMail, stops email routing to WorkMail, and removes the authorization allowing WorkMail use.
SES keeps the domain because other applications may use it. You must first remove any email address used by WorkMail entities before you remove the domain.Gets the effects of an organization's access control rules as they apply to a specified IPv4 address, access protocol action, and user ID or impersonation role ID.
You must provide either the user ID or impersonation role ID. Impersonation role ID can only be used with Action EWS.Simulates the effect of the mobile device access rules for the given attributes of a sample access event.
Use this method to test the effects of the current set of mobile device access rules for the WorkMail organization for a particular user's attributes.AvailabilityConfiguration
's for the given WorkMail organization.
Returns an overview of the members of a group.
Users and groups can be members of a group.Lists the delegates associated with a resource.
Users and groups can be resource delegates and answer requests on behalf of the resource.Adds a new access control rule for the specified organization.
The rule allows or denies access to the organization for the specified IPv4 addresses, access protocol actions, user IDs and impersonation IDs. Adding a new rule with the same name as an existing rule replaces the older rule.Sets permissions for a user, group, or resource.
This replaces any pre-existing permissions.Registers a new domain in WorkMail and SES, and configures it for use by WorkMail.
Emails received by SES for this domain are routed to the specified WorkMail organization, and WorkMail has permanent permission to use the specified domain for sending your users' emails.Registers an existing and disabled user, group, or resource for WorkMail use by associating a mailbox and calendaring capabilities.
It performs no change if the user, group, or resource is enabled and fails if the user, group, or resource is deleted. This operation results in the accumulation of costs. For more information, see Pricing: https://aws.amazon.com/workmail/pricing. The equivalent console functionality for this operation is Enable.
Users can either be created by calling theCreateUser
API operation or they can be synchronized from your directory. For more information, see DeregisterFromWorkMail
.
Starts a mailbox export job to export MIME-format email messages and calendar items from the specified mailbox to the specified Amazon Simple Storage Service (Amazon S3) bucket.
For more information, see Exporting mailbox content: https://docs.aws.amazon.com/workmail/latest/adminguide/mail-export.html in the WorkMail Administrator Guide.Performs a test on an availability provider to ensure that access is allowed.
For EWS, it verifies the provided credentials can be used to successfully log in. For Lambda, it verifies that the Lambda function can be invoked and that the resource access policy was configured to deny anonymous access. An anonymous invocation is one done without providing either a SourceArn
or SourceAccount
header.
EwsProvider
or LambdaProvider
) or the DomainName
parameter. If the DomainName
parameter is provided, the configuration stored under the DomainName
will be tested.
AvailabilityConfiguration
for the given WorkMail organization and domain.
Updates the default mail domain for an organization.
The default mail domain is used by the WorkMail AWS Console to suggest an email address when enabling a mail user. You can only have one default domain.Updates the primary email for a user, group, or resource.
The current email is moved into the list of aliases (or swapped between an existing alias and the current primary email), and the email provided in the input is promoted as the primary.Updates data for the resource.
To have the latest information, it must be preceded by aDescribeResource
call. The dataset in the request should be the one expected when performing another DescribeResource
call.
Updates data for the user.
To have the latest information, it must be preceded by aDescribeUser
call. The dataset in the request should be the one expected when performing another DescribeUser
call.