aws-sdk-workmail 1.20.0 → 1.21.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: abcf0d3fe9c74b6e9acab706ad70ba749b67af87
-  data.tar.gz: dd567f3a0d0e9cc72129ccbf4545ac903fbf4716
+  metadata.gz: a5c1a31caca5a34b43b3793f9a5205aa5df5acf6
+  data.tar.gz: 90bfa47e61f9cf814476d1c9e1a0ad9a0c9d43a0
 SHA512:
-  metadata.gz: 7a4245226613f72de0c24f02b03c8c261b7c37913bf938e65d5906aa17e7017c8b53e95f1f912dcd699e6edbb9205d5ea3489516fd693d7e1b0eba5cc9793cff
-  data.tar.gz: 909bbae39a1a3aa689739b66830fede36d3a23279306db11016e3807cf0dfdab3a24a82cd66c658bc4330b30e21dd7a9ee5264ecdf2ed623da41336692cf41b7
+  metadata.gz: c6dd425a6372cb24aa40b50059d977443be97a94625fc3cd7c0222727860e2c3bb72db6185cdfb769999ef1aab1fdb3af342bd682bb786b82e809ecf6366e8db
+  data.tar.gz: bef43b086a68227097bd674e097035472dac6dfd94b21db4acfb03e7d8fa0ff482e39ab655a3591bfc4fb448575c34514d67294180bdb9d9602d7d8fc409054e

data/lib/aws-sdk-workmail.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-workmail/customizations'
 # @service
 module Aws::WorkMail
 
-  GEM_VERSION = '1.20.0'
+  GEM_VERSION = '1.21.0'
 
 end

data/lib/aws-sdk-workmail/client.rb

@@ -468,6 +468,33 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Deletes an access control rule for the specified WorkMail
+    # organization.
+    #
+    # @option params [String] :organization_id
+    #   The identifier for the organization.
+    #
+    # @option params [required, String] :name
+    #   The name of the access control rule.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_access_control_rule({
+    #     organization_id: "OrganizationId",
+    #     name: "AccessControlRuleName", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeleteAccessControlRule AWS API Documentation
+    #
+    # @overload delete_access_control_rule(params = {})
+    # @param [Hash] params ({})
+    def delete_access_control_rule(params = {}, options = {})
+      req = build_request(:delete_access_control_rule, params)
+      req.send_request(options)
+    end
+
     # Remove one or more specified aliases from a set of aliases for a given
     # user.
     #
@@ -892,6 +919,52 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Gets the effects of an organization's access control rules as they
+    # apply to a specified IPv4 address, access protocol action, or user ID.
+    #
+    # @option params [required, String] :organization_id
+    #   The identifier for the organization.
+    #
+    # @option params [required, String] :ip_address
+    #   The IPv4 address.
+    #
+    # @option params [required, String] :action
+    #   The access protocol action. Valid values include `ActiveSync`,
+    #   `AutoDiscover`, `EWS`, `IMAP`, `SMTP`, `WindowsOutlook`, and
+    #   `WebMail`.
+    #
+    # @option params [required, String] :user_id
+    #   The user ID.
+    #
+    # @return [Types::GetAccessControlEffectResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetAccessControlEffectResponse#effect #effect} => String
+    #   * {Types::GetAccessControlEffectResponse#matched_rules #matched_rules} => Array<String>
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_access_control_effect({
+    #     organization_id: "OrganizationId", # required
+    #     ip_address: "IpAddress", # required
+    #     action: "AccessControlRuleAction", # required
+    #     user_id: "WorkMailIdentifier", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.effect #=> String, one of "ALLOW", "DENY"
+    #   resp.matched_rules #=> Array
+    #   resp.matched_rules[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/GetAccessControlEffect AWS API Documentation
+    #
+    # @overload get_access_control_effect(params = {})
+    # @param [Hash] params ({})
+    def get_access_control_effect(params = {}, options = {})
+      req = build_request(:get_access_control_effect, params)
+      req.send_request(options)
+    end
+
     # Requests a user's mailbox details for a specified organization and
     # user.
     #
@@ -928,6 +1001,51 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Lists the access control rules for the specified organization.
+    #
+    # @option params [required, String] :organization_id
+    #   The identifier for the organization.
+    #
+    # @return [Types::ListAccessControlRulesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListAccessControlRulesResponse#rules #rules} => Array<Types::AccessControlRule>
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_access_control_rules({
+    #     organization_id: "OrganizationId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.rules #=> Array
+    #   resp.rules[0].name #=> String
+    #   resp.rules[0].effect #=> String, one of "ALLOW", "DENY"
+    #   resp.rules[0].description #=> String
+    #   resp.rules[0].ip_ranges #=> Array
+    #   resp.rules[0].ip_ranges[0] #=> String
+    #   resp.rules[0].not_ip_ranges #=> Array
+    #   resp.rules[0].not_ip_ranges[0] #=> String
+    #   resp.rules[0].actions #=> Array
+    #   resp.rules[0].actions[0] #=> String
+    #   resp.rules[0].not_actions #=> Array
+    #   resp.rules[0].not_actions[0] #=> String
+    #   resp.rules[0].user_ids #=> Array
+    #   resp.rules[0].user_ids[0] #=> String
+    #   resp.rules[0].not_user_ids #=> Array
+    #   resp.rules[0].not_user_ids[0] #=> String
+    #   resp.rules[0].date_created #=> Time
+    #   resp.rules[0].date_modified #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListAccessControlRules AWS API Documentation
+    #
+    # @overload list_access_control_rules(params = {})
+    # @param [Hash] params ({})
+    def list_access_control_rules(params = {}, options = {})
+      req = build_request(:list_access_control_rules, params)
+      req.send_request(options)
+    end
+
     # Creates a paginated call to list the aliases associated with a given
     # entity.
     #
@@ -1328,6 +1446,71 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Adds a new access control rule for the specified organization. The
+    # rule allows or denies access to the organization for the specified
+    # IPv4 addresses, access protocol actions, and user IDs. Adding a new
+    # rule with the same name as an existing rule replaces the older rule.
+    #
+    # @option params [required, String] :name
+    #   The rule name.
+    #
+    # @option params [required, String] :effect
+    #   The rule effect.
+    #
+    # @option params [required, String] :description
+    #   The rule description.
+    #
+    # @option params [Array<String>] :ip_ranges
+    #   IPv4 CIDR ranges to include in the rule.
+    #
+    # @option params [Array<String>] :not_ip_ranges
+    #   IPv4 CIDR ranges to exclude from the rule.
+    #
+    # @option params [Array<String>] :actions
+    #   Access protocol actions to include in the rule. Valid values include
+    #   `ActiveSync`, `AutoDiscover`, `EWS`, `IMAP`, `SMTP`, `WindowsOutlook`,
+    #   and `WebMail`.
+    #
+    # @option params [Array<String>] :not_actions
+    #   Access protocol actions to exclude from the rule. Valid values include
+    #   `ActiveSync`, `AutoDiscover`, `EWS`, `IMAP`, `SMTP`, `WindowsOutlook`,
+    #   and `WebMail`.
+    #
+    # @option params [Array<String>] :user_ids
+    #   User IDs to include in the rule.
+    #
+    # @option params [Array<String>] :not_user_ids
+    #   User IDs to exclude from the rule.
+    #
+    # @option params [required, String] :organization_id
+    #   The identifier of the organization.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_access_control_rule({
+    #     name: "AccessControlRuleName", # required
+    #     effect: "ALLOW", # required, accepts ALLOW, DENY
+    #     description: "AccessControlRuleDescription", # required
+    #     ip_ranges: ["IpRange"],
+    #     not_ip_ranges: ["IpRange"],
+    #     actions: ["AccessControlRuleAction"],
+    #     not_actions: ["AccessControlRuleAction"],
+    #     user_ids: ["WorkMailIdentifier"],
+    #     not_user_ids: ["WorkMailIdentifier"],
+    #     organization_id: "OrganizationId", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/PutAccessControlRule AWS API Documentation
+    #
+    # @overload put_access_control_rule(params = {})
+    # @param [Hash] params ({})
+    def put_access_control_rule(params = {}, options = {})
+      req = build_request(:put_access_control_rule, params)
+      req.send_request(options)
+    end
+
     # Sets permissions for a user, group, or resource. This replaces any
     # pre-existing permissions.
     #
@@ -1386,7 +1569,7 @@ module Aws::WorkMail
     #
     #
     #
-    # [1]: https://aws.amazon.com//workmail/pricing
+    # [1]: https://aws.amazon.com/workmail/pricing
     #
     # @option params [required, String] :organization_id
     #   The identifier for the organization under which the user, group, or
@@ -1627,7 +1810,7 @@ module Aws::WorkMail
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-workmail'
-      context[:gem_version] = '1.20.0'
+      context[:gem_version] = '1.21.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-workmail/client_api.rb

@@ -11,6 +11,14 @@ module Aws::WorkMail
 
     include Seahorse::Model
 
+    AccessControlRule = Shapes::StructureShape.new(name: 'AccessControlRule')
+    AccessControlRuleAction = Shapes::StringShape.new(name: 'AccessControlRuleAction')
+    AccessControlRuleDescription = Shapes::StringShape.new(name: 'AccessControlRuleDescription')
+    AccessControlRuleEffect = Shapes::StringShape.new(name: 'AccessControlRuleEffect')
+    AccessControlRuleName = Shapes::StringShape.new(name: 'AccessControlRuleName')
+    AccessControlRuleNameList = Shapes::ListShape.new(name: 'AccessControlRuleNameList')
+    AccessControlRulesList = Shapes::ListShape.new(name: 'AccessControlRulesList')
+    ActionsList = Shapes::ListShape.new(name: 'ActionsList')
     Aliases = Shapes::ListShape.new(name: 'Aliases')
     AmazonResourceName = Shapes::StringShape.new(name: 'AmazonResourceName')
     AssociateDelegateToResourceRequest = Shapes::StructureShape.new(name: 'AssociateDelegateToResourceRequest')
@@ -28,6 +36,8 @@ module Aws::WorkMail
     CreateUserRequest = Shapes::StructureShape.new(name: 'CreateUserRequest')
     CreateUserResponse = Shapes::StructureShape.new(name: 'CreateUserResponse')
     Delegate = Shapes::StructureShape.new(name: 'Delegate')
+    DeleteAccessControlRuleRequest = Shapes::StructureShape.new(name: 'DeleteAccessControlRuleRequest')
+    DeleteAccessControlRuleResponse = Shapes::StructureShape.new(name: 'DeleteAccessControlRuleResponse')
     DeleteAliasRequest = Shapes::StructureShape.new(name: 'DeleteAliasRequest')
     DeleteAliasResponse = Shapes::StructureShape.new(name: 'DeleteAliasResponse')
     DeleteGroupRequest = Shapes::StructureShape.new(name: 'DeleteGroupRequest')
@@ -60,6 +70,8 @@ module Aws::WorkMail
     EntityNotFoundException = Shapes::StructureShape.new(name: 'EntityNotFoundException')
     EntityState = Shapes::StringShape.new(name: 'EntityState')
     EntityStateException = Shapes::StructureShape.new(name: 'EntityStateException')
+    GetAccessControlEffectRequest = Shapes::StructureShape.new(name: 'GetAccessControlEffectRequest')
+    GetAccessControlEffectResponse = Shapes::StructureShape.new(name: 'GetAccessControlEffectResponse')
     GetMailboxDetailsRequest = Shapes::StructureShape.new(name: 'GetMailboxDetailsRequest')
     GetMailboxDetailsResponse = Shapes::StructureShape.new(name: 'GetMailboxDetailsResponse')
     Group = Shapes::StructureShape.new(name: 'Group')
@@ -68,7 +80,12 @@ module Aws::WorkMail
     InvalidConfigurationException = Shapes::StructureShape.new(name: 'InvalidConfigurationException')
     InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
     InvalidPasswordException = Shapes::StructureShape.new(name: 'InvalidPasswordException')
+    IpAddress = Shapes::StringShape.new(name: 'IpAddress')
+    IpRange = Shapes::StringShape.new(name: 'IpRange')
+    IpRangeList = Shapes::ListShape.new(name: 'IpRangeList')
     LimitExceededException = Shapes::StructureShape.new(name: 'LimitExceededException')
+    ListAccessControlRulesRequest = Shapes::StructureShape.new(name: 'ListAccessControlRulesRequest')
+    ListAccessControlRulesResponse = Shapes::StructureShape.new(name: 'ListAccessControlRulesResponse')
     ListAliasesRequest = Shapes::StructureShape.new(name: 'ListAliasesRequest')
     ListAliasesResponse = Shapes::StructureShape.new(name: 'ListAliasesResponse')
     ListGroupMembersRequest = Shapes::StructureShape.new(name: 'ListGroupMembersRequest')
@@ -108,6 +125,8 @@ module Aws::WorkMail
     PermissionType = Shapes::StringShape.new(name: 'PermissionType')
     PermissionValues = Shapes::ListShape.new(name: 'PermissionValues')
     Permissions = Shapes::ListShape.new(name: 'Permissions')
+    PutAccessControlRuleRequest = Shapes::StructureShape.new(name: 'PutAccessControlRuleRequest')
+    PutAccessControlRuleResponse = Shapes::StructureShape.new(name: 'PutAccessControlRuleResponse')
     PutMailboxPermissionsRequest = Shapes::StructureShape.new(name: 'PutMailboxPermissionsRequest')
     PutMailboxPermissionsResponse = Shapes::StructureShape.new(name: 'PutMailboxPermissionsResponse')
     RegisterToWorkMailRequest = Shapes::StructureShape.new(name: 'RegisterToWorkMailRequest')
@@ -142,11 +161,31 @@ module Aws::WorkMail
     UpdateResourceRequest = Shapes::StructureShape.new(name: 'UpdateResourceRequest')
     UpdateResourceResponse = Shapes::StructureShape.new(name: 'UpdateResourceResponse')
     User = Shapes::StructureShape.new(name: 'User')
+    UserIdList = Shapes::ListShape.new(name: 'UserIdList')
     UserName = Shapes::StringShape.new(name: 'UserName')
     UserRole = Shapes::StringShape.new(name: 'UserRole')
     Users = Shapes::ListShape.new(name: 'Users')
     WorkMailIdentifier = Shapes::StringShape.new(name: 'WorkMailIdentifier')
 
+    AccessControlRule.add_member(:name, Shapes::ShapeRef.new(shape: AccessControlRuleName, location_name: "Name"))
+    AccessControlRule.add_member(:effect, Shapes::ShapeRef.new(shape: AccessControlRuleEffect, location_name: "Effect"))
+    AccessControlRule.add_member(:description, Shapes::ShapeRef.new(shape: AccessControlRuleDescription, location_name: "Description"))
+    AccessControlRule.add_member(:ip_ranges, Shapes::ShapeRef.new(shape: IpRangeList, location_name: "IpRanges"))
+    AccessControlRule.add_member(:not_ip_ranges, Shapes::ShapeRef.new(shape: IpRangeList, location_name: "NotIpRanges"))
+    AccessControlRule.add_member(:actions, Shapes::ShapeRef.new(shape: ActionsList, location_name: "Actions"))
+    AccessControlRule.add_member(:not_actions, Shapes::ShapeRef.new(shape: ActionsList, location_name: "NotActions"))
+    AccessControlRule.add_member(:user_ids, Shapes::ShapeRef.new(shape: UserIdList, location_name: "UserIds"))
+    AccessControlRule.add_member(:not_user_ids, Shapes::ShapeRef.new(shape: UserIdList, location_name: "NotUserIds"))
+    AccessControlRule.add_member(:date_created, Shapes::ShapeRef.new(shape: Timestamp, location_name: "DateCreated"))
+    AccessControlRule.add_member(:date_modified, Shapes::ShapeRef.new(shape: Timestamp, location_name: "DateModified"))
+    AccessControlRule.struct_class = Types::AccessControlRule
+
+    AccessControlRuleNameList.member = Shapes::ShapeRef.new(shape: AccessControlRuleName)
+
+    AccessControlRulesList.member = Shapes::ShapeRef.new(shape: AccessControlRule)
+
+    ActionsList.member = Shapes::ShapeRef.new(shape: AccessControlRuleAction)
+
     Aliases.member = Shapes::ShapeRef.new(shape: EmailAddress)
 
     AssociateDelegateToResourceRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
@@ -203,6 +242,12 @@ module Aws::WorkMail
     Delegate.add_member(:type, Shapes::ShapeRef.new(shape: MemberType, required: true, location_name: "Type"))
     Delegate.struct_class = Types::Delegate
 
+    DeleteAccessControlRuleRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, location_name: "OrganizationId"))
+    DeleteAccessControlRuleRequest.add_member(:name, Shapes::ShapeRef.new(shape: AccessControlRuleName, required: true, location_name: "Name"))
+    DeleteAccessControlRuleRequest.struct_class = Types::DeleteAccessControlRuleRequest
+
+    DeleteAccessControlRuleResponse.struct_class = Types::DeleteAccessControlRuleResponse
+
     DeleteAliasRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
     DeleteAliasRequest.add_member(:entity_id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, required: true, location_name: "EntityId"))
     DeleteAliasRequest.add_member(:alias, Shapes::ShapeRef.new(shape: EmailAddress, required: true, location_name: "Alias"))
@@ -327,6 +372,16 @@ module Aws::WorkMail
     EntityStateException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
     EntityStateException.struct_class = Types::EntityStateException
 
+    GetAccessControlEffectRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
+    GetAccessControlEffectRequest.add_member(:ip_address, Shapes::ShapeRef.new(shape: IpAddress, required: true, location_name: "IpAddress"))
+    GetAccessControlEffectRequest.add_member(:action, Shapes::ShapeRef.new(shape: AccessControlRuleAction, required: true, location_name: "Action"))
+    GetAccessControlEffectRequest.add_member(:user_id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, required: true, location_name: "UserId"))
+    GetAccessControlEffectRequest.struct_class = Types::GetAccessControlEffectRequest
+
+    GetAccessControlEffectResponse.add_member(:effect, Shapes::ShapeRef.new(shape: AccessControlRuleEffect, location_name: "Effect"))
+    GetAccessControlEffectResponse.add_member(:matched_rules, Shapes::ShapeRef.new(shape: AccessControlRuleNameList, location_name: "MatchedRules"))
+    GetAccessControlEffectResponse.struct_class = Types::GetAccessControlEffectResponse
+
     GetMailboxDetailsRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
     GetMailboxDetailsRequest.add_member(:user_id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, required: true, location_name: "UserId"))
     GetMailboxDetailsRequest.struct_class = Types::GetMailboxDetailsRequest
@@ -354,9 +409,17 @@ module Aws::WorkMail
     InvalidPasswordException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
     InvalidPasswordException.struct_class = Types::InvalidPasswordException
 
+    IpRangeList.member = Shapes::ShapeRef.new(shape: IpRange)
+
     LimitExceededException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
     LimitExceededException.struct_class = Types::LimitExceededException
 
+    ListAccessControlRulesRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
+    ListAccessControlRulesRequest.struct_class = Types::ListAccessControlRulesRequest
+
+    ListAccessControlRulesResponse.add_member(:rules, Shapes::ShapeRef.new(shape: AccessControlRulesList, location_name: "Rules"))
+    ListAccessControlRulesResponse.struct_class = Types::ListAccessControlRulesResponse
+
     ListAliasesRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
     ListAliasesRequest.add_member(:entity_id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, required: true, location_name: "EntityId"))
     ListAliasesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
@@ -480,6 +543,20 @@ module Aws::WorkMail
 
     Permissions.member = Shapes::ShapeRef.new(shape: Permission)
 
+    PutAccessControlRuleRequest.add_member(:name, Shapes::ShapeRef.new(shape: AccessControlRuleName, required: true, location_name: "Name"))
+    PutAccessControlRuleRequest.add_member(:effect, Shapes::ShapeRef.new(shape: AccessControlRuleEffect, required: true, location_name: "Effect"))
+    PutAccessControlRuleRequest.add_member(:description, Shapes::ShapeRef.new(shape: AccessControlRuleDescription, required: true, location_name: "Description"))
+    PutAccessControlRuleRequest.add_member(:ip_ranges, Shapes::ShapeRef.new(shape: IpRangeList, location_name: "IpRanges"))
+    PutAccessControlRuleRequest.add_member(:not_ip_ranges, Shapes::ShapeRef.new(shape: IpRangeList, location_name: "NotIpRanges"))
+    PutAccessControlRuleRequest.add_member(:actions, Shapes::ShapeRef.new(shape: ActionsList, location_name: "Actions"))
+    PutAccessControlRuleRequest.add_member(:not_actions, Shapes::ShapeRef.new(shape: ActionsList, location_name: "NotActions"))
+    PutAccessControlRuleRequest.add_member(:user_ids, Shapes::ShapeRef.new(shape: UserIdList, location_name: "UserIds"))
+    PutAccessControlRuleRequest.add_member(:not_user_ids, Shapes::ShapeRef.new(shape: UserIdList, location_name: "NotUserIds"))
+    PutAccessControlRuleRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
+    PutAccessControlRuleRequest.struct_class = Types::PutAccessControlRuleRequest
+
+    PutAccessControlRuleResponse.struct_class = Types::PutAccessControlRuleResponse
+
     PutMailboxPermissionsRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
     PutMailboxPermissionsRequest.add_member(:entity_id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, required: true, location_name: "EntityId"))
     PutMailboxPermissionsRequest.add_member(:grantee_id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, required: true, location_name: "GranteeId"))
@@ -579,6 +656,8 @@ module Aws::WorkMail
     User.add_member(:disabled_date, Shapes::ShapeRef.new(shape: Timestamp, location_name: "DisabledDate"))
     User.struct_class = Types::User
 
+    UserIdList.member = Shapes::ShapeRef.new(shape: WorkMailIdentifier)
+
     Users.member = Shapes::ShapeRef.new(shape: User)
 
 
@@ -693,6 +772,16 @@ module Aws::WorkMail
         o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
       end)
 
+      api.add_operation(:delete_access_control_rule, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeleteAccessControlRule"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DeleteAccessControlRuleRequest)
+        o.output = Shapes::ShapeRef.new(shape: DeleteAccessControlRuleResponse)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:delete_alias, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DeleteAlias"
         o.http_method = "POST"
@@ -849,6 +938,18 @@ module Aws::WorkMail
         o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
       end)
 
+      api.add_operation(:get_access_control_effect, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetAccessControlEffect"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: GetAccessControlEffectRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetAccessControlEffectResponse)
+        o.errors << Shapes::ShapeRef.new(shape: EntityNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:get_mailbox_details, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetMailboxDetails"
         o.http_method = "POST"
@@ -860,6 +961,16 @@ module Aws::WorkMail
         o.errors << Shapes::ShapeRef.new(shape: EntityNotFoundException)
       end)
 
+      api.add_operation(:list_access_control_rules, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListAccessControlRules"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ListAccessControlRulesRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListAccessControlRulesResponse)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:list_aliases, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListAliases"
         o.http_method = "POST"
@@ -1011,6 +1122,19 @@ module Aws::WorkMail
         )
       end)
 
+      api.add_operation(:put_access_control_rule, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutAccessControlRule"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: PutAccessControlRuleRequest)
+        o.output = Shapes::ShapeRef.new(shape: PutAccessControlRuleResponse)
+        o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: EntityNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:put_mailbox_permissions, Seahorse::Model::Operation.new.tap do |o|
         o.name = "PutMailboxPermissions"
         o.http_method = "POST"

data/lib/aws-sdk-workmail/types.rb

@@ -8,6 +8,73 @@
 module Aws::WorkMail
   module Types
 
+    # A rule that controls access to an Amazon WorkMail organization.
+    #
+    # @!attribute [rw] name
+    #   The rule name.
+    #   @return [String]
+    #
+    # @!attribute [rw] effect
+    #   The rule effect.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   The rule description.
+    #   @return [String]
+    #
+    # @!attribute [rw] ip_ranges
+    #   IPv4 CIDR ranges to include in the rule.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_ip_ranges
+    #   IPv4 CIDR ranges to exclude from the rule.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] actions
+    #   Access protocol actions to include in the rule. Valid values include
+    #   `ActiveSync`, `AutoDiscover`, `EWS`, `IMAP`, `SMTP`,
+    #   `WindowsOutlook`, and `WebMail`.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_actions
+    #   Access protocol actions to exclude from the rule. Valid values
+    #   include `ActiveSync`, `AutoDiscover`, `EWS`, `IMAP`, `SMTP`,
+    #   `WindowsOutlook`, and `WebMail`.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] user_ids
+    #   User IDs to include in the rule.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_user_ids
+    #   User IDs to exclude from the rule.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] date_created
+    #   The date that the rule was created.
+    #   @return [Time]
+    #
+    # @!attribute [rw] date_modified
+    #   The date that the rule was modified.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/AccessControlRule AWS API Documentation
+    #
+    class AccessControlRule < Struct.new(
+      :name,
+      :effect,
+      :description,
+      :ip_ranges,
+      :not_ip_ranges,
+      :actions,
+      :not_actions,
+      :user_ids,
+      :not_user_ids,
+      :date_created,
+      :date_modified)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass AssociateDelegateToResourceRequest
     #   data as a hash:
     #
@@ -292,6 +359,34 @@ module Aws::WorkMail
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DeleteAccessControlRuleRequest
+    #   data as a hash:
+    #
+    #       {
+    #         organization_id: "OrganizationId",
+    #         name: "AccessControlRuleName", # required
+    #       }
+    #
+    # @!attribute [rw] organization_id
+    #   The identifier for the organization.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of the access control rule.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeleteAccessControlRuleRequest AWS API Documentation
+    #
+    class DeleteAccessControlRuleRequest < Struct.new(
+      :organization_id,
+      :name)
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeleteAccessControlRuleResponse AWS API Documentation
+    #
+    class DeleteAccessControlRuleResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass DeleteAliasRequest
     #   data as a hash:
     #
@@ -915,6 +1010,60 @@ module Aws::WorkMail
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass GetAccessControlEffectRequest
+    #   data as a hash:
+    #
+    #       {
+    #         organization_id: "OrganizationId", # required
+    #         ip_address: "IpAddress", # required
+    #         action: "AccessControlRuleAction", # required
+    #         user_id: "WorkMailIdentifier", # required
+    #       }
+    #
+    # @!attribute [rw] organization_id
+    #   The identifier for the organization.
+    #   @return [String]
+    #
+    # @!attribute [rw] ip_address
+    #   The IPv4 address.
+    #   @return [String]
+    #
+    # @!attribute [rw] action
+    #   The access protocol action. Valid values include `ActiveSync`,
+    #   `AutoDiscover`, `EWS`, `IMAP`, `SMTP`, `WindowsOutlook`, and
+    #   `WebMail`.
+    #   @return [String]
+    #
+    # @!attribute [rw] user_id
+    #   The user ID.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/GetAccessControlEffectRequest AWS API Documentation
+    #
+    class GetAccessControlEffectRequest < Struct.new(
+      :organization_id,
+      :ip_address,
+      :action,
+      :user_id)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] effect
+    #   The rule effect.
+    #   @return [String]
+    #
+    # @!attribute [rw] matched_rules
+    #   The rules that match the given parameters, resulting in an effect.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/GetAccessControlEffectResponse AWS API Documentation
+    #
+    class GetAccessControlEffectResponse < Struct.new(
+      :effect,
+      :matched_rules)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass GetMailboxDetailsRequest
     #   data as a hash:
     #
@@ -1049,6 +1198,35 @@ module Aws::WorkMail
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListAccessControlRulesRequest
+    #   data as a hash:
+    #
+    #       {
+    #         organization_id: "OrganizationId", # required
+    #       }
+    #
+    # @!attribute [rw] organization_id
+    #   The identifier for the organization.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListAccessControlRulesRequest AWS API Documentation
+    #
+    class ListAccessControlRulesRequest < Struct.new(
+      :organization_id)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] rules
+    #   The access control rules.
+    #   @return [Array<Types::AccessControlRule>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListAccessControlRulesResponse AWS API Documentation
+    #
+    class ListAccessControlRulesResponse < Struct.new(
+      :rules)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListAliasesRequest
     #   data as a hash:
     #
@@ -1653,6 +1831,86 @@ module Aws::WorkMail
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass PutAccessControlRuleRequest
+    #   data as a hash:
+    #
+    #       {
+    #         name: "AccessControlRuleName", # required
+    #         effect: "ALLOW", # required, accepts ALLOW, DENY
+    #         description: "AccessControlRuleDescription", # required
+    #         ip_ranges: ["IpRange"],
+    #         not_ip_ranges: ["IpRange"],
+    #         actions: ["AccessControlRuleAction"],
+    #         not_actions: ["AccessControlRuleAction"],
+    #         user_ids: ["WorkMailIdentifier"],
+    #         not_user_ids: ["WorkMailIdentifier"],
+    #         organization_id: "OrganizationId", # required
+    #       }
+    #
+    # @!attribute [rw] name
+    #   The rule name.
+    #   @return [String]
+    #
+    # @!attribute [rw] effect
+    #   The rule effect.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   The rule description.
+    #   @return [String]
+    #
+    # @!attribute [rw] ip_ranges
+    #   IPv4 CIDR ranges to include in the rule.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_ip_ranges
+    #   IPv4 CIDR ranges to exclude from the rule.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] actions
+    #   Access protocol actions to include in the rule. Valid values include
+    #   `ActiveSync`, `AutoDiscover`, `EWS`, `IMAP`, `SMTP`,
+    #   `WindowsOutlook`, and `WebMail`.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_actions
+    #   Access protocol actions to exclude from the rule. Valid values
+    #   include `ActiveSync`, `AutoDiscover`, `EWS`, `IMAP`, `SMTP`,
+    #   `WindowsOutlook`, and `WebMail`.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] user_ids
+    #   User IDs to include in the rule.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_user_ids
+    #   User IDs to exclude from the rule.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] organization_id
+    #   The identifier of the organization.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/PutAccessControlRuleRequest AWS API Documentation
+    #
+    class PutAccessControlRuleRequest < Struct.new(
+      :name,
+      :effect,
+      :description,
+      :ip_ranges,
+      :not_ip_ranges,
+      :actions,
+      :not_actions,
+      :user_ids,
+      :not_user_ids,
+      :organization_id)
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/PutAccessControlRuleResponse AWS API Documentation
+    #
+    class PutAccessControlRuleResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass PutMailboxPermissionsRequest
     #   data as a hash:
     #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-workmail
 version: !ruby/object:Gem::Version
-  version: 1.20.0
+  version: 1.21.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-02-04 00:00:00.000000000 Z
+date: 2020-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core