aws-sdk-workmail 1.36.0 → 1.37.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dda04d1b3b97636df23d342c6ed0c681b53eafb0dd51bf1975066ebc419db222
-  data.tar.gz: ac2d561621e53271ed9596838695ef97081e79dbf590e20efd3129bd6fae6245
+  metadata.gz: a4ddb887155bcd7c78602804d0198310856130aa78c67354b9118254adb5a8c0
+  data.tar.gz: 2edf1f8e6d86de0d4620ea472000e1b8208403b2f93461cbf132a66334f050a9
 SHA512:
-  metadata.gz: 4a0a59795a4db4e4e1c74d8a6920fdaeea2d2c5e9926af67824dbacd995d468af5d1cf8b3c761fdec91f41d613225ca7da34cc791a1a7cd40d20ff6ce49a5b51
-  data.tar.gz: e1a22aee04470996fea101297697222af988f69284080700abcc8bc31cf42f6b469e2d83e04a831cb21b949e722ef07b2b10347e0b8d0c4331472887ad0e0d8b
+  metadata.gz: 0efcfdba8e07bdcdf191cde59b682d049e8fa801adfb9f85935b76c07211187b7b07a594340d8d7997870c6d67f872c3e2b2bca0860d27754e46a37738b348de
+  data.tar.gz: fba4d8535a32a40834491305d166a6802aebf611ebd6061c8c3f78c499d7c5f71147a531c32913617cc1311afd5fdbc7632dc830112476273e909bba837cc1d7

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.37.0 (2021-03-31)
+------------------
+
+* Feature - This release adds support for mobile device access rules management in Amazon WorkMail.
+
 1.36.0 (2021-03-10)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.36.0
+1.37.0

data/lib/aws-sdk-workmail.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-workmail/customizations'
 # @!group service
 module Aws::WorkMail
 
-  GEM_VERSION = '1.36.0'
+  GEM_VERSION = '1.37.0'
 
 end

data/lib/aws-sdk-workmail/client.rb

@@ -499,6 +499,91 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Creates a new mobile device access rule for the specified Amazon
+    # WorkMail organization.
+    #
+    # @option params [required, String] :organization_id
+    #   The Amazon WorkMail organization under which the rule will be created.
+    #
+    # @option params [String] :client_token
+    #   The idempotency token for the client request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @option params [required, String] :name
+    #   The rule name.
+    #
+    # @option params [String] :description
+    #   The rule description.
+    #
+    # @option params [required, String] :effect
+    #   The effect of the rule when it matches. Allowed values are `ALLOW` or
+    #   `DENY`.
+    #
+    # @option params [Array<String>] :device_types
+    #   Device types that the rule will match.
+    #
+    # @option params [Array<String>] :not_device_types
+    #   Device types that the rule **will not** match. All other device types
+    #   will match.
+    #
+    # @option params [Array<String>] :device_models
+    #   Device models that the rule will match.
+    #
+    # @option params [Array<String>] :not_device_models
+    #   Device models that the rule **will not** match. All other device
+    #   models will match.
+    #
+    # @option params [Array<String>] :device_operating_systems
+    #   Device operating systems that the rule will match.
+    #
+    # @option params [Array<String>] :not_device_operating_systems
+    #   Device operating systems that the rule **will not** match. All other
+    #   device operating systems will match.
+    #
+    # @option params [Array<String>] :device_user_agents
+    #   Device user agents that the rule will match.
+    #
+    # @option params [Array<String>] :not_device_user_agents
+    #   Device user agents that the rule **will not** match. All other device
+    #   user agents will match.
+    #
+    # @return [Types::CreateMobileDeviceAccessRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreateMobileDeviceAccessRuleResponse#mobile_device_access_rule_id #mobile_device_access_rule_id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_mobile_device_access_rule({
+    #     organization_id: "OrganizationId", # required
+    #     client_token: "IdempotencyClientToken",
+    #     name: "MobileDeviceAccessRuleName", # required
+    #     description: "MobileDeviceAccessRuleDescription",
+    #     effect: "ALLOW", # required, accepts ALLOW, DENY
+    #     device_types: ["DeviceType"],
+    #     not_device_types: ["DeviceType"],
+    #     device_models: ["DeviceModel"],
+    #     not_device_models: ["DeviceModel"],
+    #     device_operating_systems: ["DeviceOperatingSystem"],
+    #     not_device_operating_systems: ["DeviceOperatingSystem"],
+    #     device_user_agents: ["DeviceUserAgent"],
+    #     not_device_user_agents: ["DeviceUserAgent"],
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.mobile_device_access_rule_id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/CreateMobileDeviceAccessRule AWS API Documentation
+    #
+    # @overload create_mobile_device_access_rule(params = {})
+    # @param [Hash] params ({})
+    def create_mobile_device_access_rule(params = {}, options = {})
+      req = build_request(:create_mobile_device_access_rule, params)
+      req.send_request(options)
+    end
+
     # Creates a new Amazon WorkMail organization. Optionally, you can choose
     # to associate an existing AWS Directory Service directory with your
     # organization. If an AWS Directory Service directory ID is specified,
@@ -782,6 +867,33 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Deletes a mobile device access rule for the specified Amazon WorkMail
+    # organization.
+    #
+    # @option params [required, String] :organization_id
+    #   The Amazon WorkMail organization under which the rule will be deleted.
+    #
+    # @option params [required, String] :mobile_device_access_rule_id
+    #   The identifier of the rule to be deleted.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_mobile_device_access_rule({
+    #     organization_id: "OrganizationId", # required
+    #     mobile_device_access_rule_id: "MobileDeviceAccessRuleId", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeleteMobileDeviceAccessRule AWS API Documentation
+    #
+    # @overload delete_mobile_device_access_rule(params = {})
+    # @param [Hash] params ({})
+    def delete_mobile_device_access_rule(params = {}, options = {})
+      req = build_request(:delete_mobile_device_access_rule, params)
+      req.send_request(options)
+    end
+
     # Deletes an Amazon WorkMail organization and all underlying AWS
     # resources managed by Amazon WorkMail as part of the organization. You
     # can choose whether to delete the associated directory. For more
@@ -1365,6 +1477,57 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Simulates the effect of the mobile device access rules for the given
+    # attributes of a sample access event. Use this method to test the
+    # effects of the current set of mobile device access rules for the
+    # Amazon WorkMail organization for a particular user's attributes.
+    #
+    # @option params [required, String] :organization_id
+    #   The Amazon WorkMail organization to simulate the access effect for.
+    #
+    # @option params [String] :device_type
+    #   Device type the simulated user will report.
+    #
+    # @option params [String] :device_model
+    #   Device model the simulated user will report.
+    #
+    # @option params [String] :device_operating_system
+    #   Device operating system the simulated user will report.
+    #
+    # @option params [String] :device_user_agent
+    #   Device user agent the simulated user will report.
+    #
+    # @return [Types::GetMobileDeviceAccessEffectResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetMobileDeviceAccessEffectResponse#effect #effect} => String
+    #   * {Types::GetMobileDeviceAccessEffectResponse#matched_rules #matched_rules} => Array&lt;Types::MobileDeviceAccessMatchedRule&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_mobile_device_access_effect({
+    #     organization_id: "OrganizationId", # required
+    #     device_type: "DeviceType",
+    #     device_model: "DeviceModel",
+    #     device_operating_system: "DeviceOperatingSystem",
+    #     device_user_agent: "DeviceUserAgent",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.effect #=> String, one of "ALLOW", "DENY"
+    #   resp.matched_rules #=> Array
+    #   resp.matched_rules[0].mobile_device_access_rule_id #=> String
+    #   resp.matched_rules[0].name #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/GetMobileDeviceAccessEffect AWS API Documentation
+    #
+    # @overload get_mobile_device_access_effect(params = {})
+    # @param [Hash] params ({})
+    def get_mobile_device_access_effect(params = {}, options = {})
+      req = build_request(:get_mobile_device_access_effect, params)
+      req.send_request(options)
+    end
+
     # Lists the access control rules for the specified organization.
     #
     # @option params [required, String] :organization_id
@@ -1659,6 +1822,57 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Lists the mobile device access rules for the specified Amazon WorkMail
+    # organization.
+    #
+    # @option params [required, String] :organization_id
+    #   The Amazon WorkMail organization for which to list the rules.
+    #
+    # @return [Types::ListMobileDeviceAccessRulesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListMobileDeviceAccessRulesResponse#rules #rules} => Array&lt;Types::MobileDeviceAccessRule&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_mobile_device_access_rules({
+    #     organization_id: "OrganizationId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.rules #=> Array
+    #   resp.rules[0].mobile_device_access_rule_id #=> String
+    #   resp.rules[0].name #=> String
+    #   resp.rules[0].description #=> String
+    #   resp.rules[0].effect #=> String, one of "ALLOW", "DENY"
+    #   resp.rules[0].device_types #=> Array
+    #   resp.rules[0].device_types[0] #=> String
+    #   resp.rules[0].not_device_types #=> Array
+    #   resp.rules[0].not_device_types[0] #=> String
+    #   resp.rules[0].device_models #=> Array
+    #   resp.rules[0].device_models[0] #=> String
+    #   resp.rules[0].not_device_models #=> Array
+    #   resp.rules[0].not_device_models[0] #=> String
+    #   resp.rules[0].device_operating_systems #=> Array
+    #   resp.rules[0].device_operating_systems[0] #=> String
+    #   resp.rules[0].not_device_operating_systems #=> Array
+    #   resp.rules[0].not_device_operating_systems[0] #=> String
+    #   resp.rules[0].device_user_agents #=> Array
+    #   resp.rules[0].device_user_agents[0] #=> String
+    #   resp.rules[0].not_device_user_agents #=> Array
+    #   resp.rules[0].not_device_user_agents[0] #=> String
+    #   resp.rules[0].date_created #=> Time
+    #   resp.rules[0].date_modified #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListMobileDeviceAccessRules AWS API Documentation
+    #
+    # @overload list_mobile_device_access_rules(params = {})
+    # @param [Hash] params ({})
+    def list_mobile_device_access_rules(params = {}, options = {})
+      req = build_request(:list_mobile_device_access_rules, params)
+      req.send_request(options)
+    end
+
     # Returns summaries of the customer's organizations.
     #
     # @option params [String] :next_token
@@ -2266,6 +2480,82 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Updates a mobile device access rule for the specified Amazon WorkMail
+    # organization.
+    #
+    # @option params [required, String] :organization_id
+    #   The Amazon WorkMail organization under which the rule will be updated.
+    #
+    # @option params [required, String] :mobile_device_access_rule_id
+    #   The identifier of the rule to be updated.
+    #
+    # @option params [required, String] :name
+    #   The updated rule name.
+    #
+    # @option params [String] :description
+    #   The updated rule description.
+    #
+    # @option params [required, String] :effect
+    #   The effect of the rule when it matches. Allowed values are `ALLOW` or
+    #   `DENY`.
+    #
+    # @option params [Array<String>] :device_types
+    #   Device types that the updated rule will match.
+    #
+    # @option params [Array<String>] :not_device_types
+    #   Device types that the updated rule **will not** match. All other
+    #   device types will match.
+    #
+    # @option params [Array<String>] :device_models
+    #   Device models that the updated rule will match.
+    #
+    # @option params [Array<String>] :not_device_models
+    #   Device models that the updated rule **will not** match. All other
+    #   device models will match.
+    #
+    # @option params [Array<String>] :device_operating_systems
+    #   Device operating systems that the updated rule will match.
+    #
+    # @option params [Array<String>] :not_device_operating_systems
+    #   Device operating systems that the updated rule **will not** match. All
+    #   other device operating systems will match.
+    #
+    # @option params [Array<String>] :device_user_agents
+    #   User agents that the updated rule will match.
+    #
+    # @option params [Array<String>] :not_device_user_agents
+    #   User agents that the updated rule **will not** match. All other user
+    #   agents will match.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_mobile_device_access_rule({
+    #     organization_id: "OrganizationId", # required
+    #     mobile_device_access_rule_id: "MobileDeviceAccessRuleId", # required
+    #     name: "MobileDeviceAccessRuleName", # required
+    #     description: "MobileDeviceAccessRuleDescription",
+    #     effect: "ALLOW", # required, accepts ALLOW, DENY
+    #     device_types: ["DeviceType"],
+    #     not_device_types: ["DeviceType"],
+    #     device_models: ["DeviceModel"],
+    #     not_device_models: ["DeviceModel"],
+    #     device_operating_systems: ["DeviceOperatingSystem"],
+    #     not_device_operating_systems: ["DeviceOperatingSystem"],
+    #     device_user_agents: ["DeviceUserAgent"],
+    #     not_device_user_agents: ["DeviceUserAgent"],
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/UpdateMobileDeviceAccessRule AWS API Documentation
+    #
+    # @overload update_mobile_device_access_rule(params = {})
+    # @param [Hash] params ({})
+    def update_mobile_device_access_rule(params = {}, options = {})
+      req = build_request(:update_mobile_device_access_rule, params)
+      req.send_request(options)
+    end
+
     # Updates the primary email for a user, group, or resource. The current
     # email is moved into the list of aliases (or swapped between an
     # existing alias and the current primary email), and the email provided
@@ -2354,7 +2644,7 @@ module Aws::WorkMail
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-workmail'
-      context[:gem_version] = '1.36.0'
+      context[:gem_version] = '1.37.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-workmail/client_api.rb

@@ -35,6 +35,8 @@ module Aws::WorkMail
     CreateAliasResponse = Shapes::StructureShape.new(name: 'CreateAliasResponse')
     CreateGroupRequest = Shapes::StructureShape.new(name: 'CreateGroupRequest')
     CreateGroupResponse = Shapes::StructureShape.new(name: 'CreateGroupResponse')
+    CreateMobileDeviceAccessRuleRequest = Shapes::StructureShape.new(name: 'CreateMobileDeviceAccessRuleRequest')
+    CreateMobileDeviceAccessRuleResponse = Shapes::StructureShape.new(name: 'CreateMobileDeviceAccessRuleResponse')
     CreateOrganizationRequest = Shapes::StructureShape.new(name: 'CreateOrganizationRequest')
     CreateOrganizationResponse = Shapes::StructureShape.new(name: 'CreateOrganizationResponse')
     CreateResourceRequest = Shapes::StructureShape.new(name: 'CreateResourceRequest')
@@ -50,6 +52,8 @@ module Aws::WorkMail
     DeleteGroupResponse = Shapes::StructureShape.new(name: 'DeleteGroupResponse')
     DeleteMailboxPermissionsRequest = Shapes::StructureShape.new(name: 'DeleteMailboxPermissionsRequest')
     DeleteMailboxPermissionsResponse = Shapes::StructureShape.new(name: 'DeleteMailboxPermissionsResponse')
+    DeleteMobileDeviceAccessRuleRequest = Shapes::StructureShape.new(name: 'DeleteMobileDeviceAccessRuleRequest')
+    DeleteMobileDeviceAccessRuleResponse = Shapes::StructureShape.new(name: 'DeleteMobileDeviceAccessRuleResponse')
     DeleteOrganizationRequest = Shapes::StructureShape.new(name: 'DeleteOrganizationRequest')
     DeleteOrganizationResponse = Shapes::StructureShape.new(name: 'DeleteOrganizationResponse')
     DeleteResourceRequest = Shapes::StructureShape.new(name: 'DeleteResourceRequest')
@@ -71,6 +75,14 @@ module Aws::WorkMail
     DescribeUserRequest = Shapes::StructureShape.new(name: 'DescribeUserRequest')
     DescribeUserResponse = Shapes::StructureShape.new(name: 'DescribeUserResponse')
     Description = Shapes::StringShape.new(name: 'Description')
+    DeviceModel = Shapes::StringShape.new(name: 'DeviceModel')
+    DeviceModelList = Shapes::ListShape.new(name: 'DeviceModelList')
+    DeviceOperatingSystem = Shapes::StringShape.new(name: 'DeviceOperatingSystem')
+    DeviceOperatingSystemList = Shapes::ListShape.new(name: 'DeviceOperatingSystemList')
+    DeviceType = Shapes::StringShape.new(name: 'DeviceType')
+    DeviceTypeList = Shapes::ListShape.new(name: 'DeviceTypeList')
+    DeviceUserAgent = Shapes::StringShape.new(name: 'DeviceUserAgent')
+    DeviceUserAgentList = Shapes::ListShape.new(name: 'DeviceUserAgentList')
     DirectoryId = Shapes::StringShape.new(name: 'DirectoryId')
     DirectoryInUseException = Shapes::StructureShape.new(name: 'DirectoryInUseException')
     DirectoryServiceAuthenticationFailedException = Shapes::StructureShape.new(name: 'DirectoryServiceAuthenticationFailedException')
@@ -97,6 +109,8 @@ module Aws::WorkMail
     GetDefaultRetentionPolicyResponse = Shapes::StructureShape.new(name: 'GetDefaultRetentionPolicyResponse')
     GetMailboxDetailsRequest = Shapes::StructureShape.new(name: 'GetMailboxDetailsRequest')
     GetMailboxDetailsResponse = Shapes::StructureShape.new(name: 'GetMailboxDetailsResponse')
+    GetMobileDeviceAccessEffectRequest = Shapes::StructureShape.new(name: 'GetMobileDeviceAccessEffectRequest')
+    GetMobileDeviceAccessEffectResponse = Shapes::StructureShape.new(name: 'GetMobileDeviceAccessEffectResponse')
     Group = Shapes::StructureShape.new(name: 'Group')
     GroupName = Shapes::StringShape.new(name: 'GroupName')
     Groups = Shapes::ListShape.new(name: 'Groups')
@@ -123,6 +137,8 @@ module Aws::WorkMail
     ListMailboxExportJobsResponse = Shapes::StructureShape.new(name: 'ListMailboxExportJobsResponse')
     ListMailboxPermissionsRequest = Shapes::StructureShape.new(name: 'ListMailboxPermissionsRequest')
     ListMailboxPermissionsResponse = Shapes::StructureShape.new(name: 'ListMailboxPermissionsResponse')
+    ListMobileDeviceAccessRulesRequest = Shapes::StructureShape.new(name: 'ListMobileDeviceAccessRulesRequest')
+    ListMobileDeviceAccessRulesResponse = Shapes::StructureShape.new(name: 'ListMobileDeviceAccessRulesResponse')
     ListOrganizationsRequest = Shapes::StructureShape.new(name: 'ListOrganizationsRequest')
     ListOrganizationsResponse = Shapes::StructureShape.new(name: 'ListOrganizationsResponse')
     ListResourceDelegatesRequest = Shapes::StructureShape.new(name: 'ListResourceDelegatesRequest')
@@ -145,6 +161,14 @@ module Aws::WorkMail
     Member = Shapes::StructureShape.new(name: 'Member')
     MemberType = Shapes::StringShape.new(name: 'MemberType')
     Members = Shapes::ListShape.new(name: 'Members')
+    MobileDeviceAccessMatchedRule = Shapes::StructureShape.new(name: 'MobileDeviceAccessMatchedRule')
+    MobileDeviceAccessMatchedRuleList = Shapes::ListShape.new(name: 'MobileDeviceAccessMatchedRuleList')
+    MobileDeviceAccessRule = Shapes::StructureShape.new(name: 'MobileDeviceAccessRule')
+    MobileDeviceAccessRuleDescription = Shapes::StringShape.new(name: 'MobileDeviceAccessRuleDescription')
+    MobileDeviceAccessRuleEffect = Shapes::StringShape.new(name: 'MobileDeviceAccessRuleEffect')
+    MobileDeviceAccessRuleId = Shapes::StringShape.new(name: 'MobileDeviceAccessRuleId')
+    MobileDeviceAccessRuleName = Shapes::StringShape.new(name: 'MobileDeviceAccessRuleName')
+    MobileDeviceAccessRulesList = Shapes::ListShape.new(name: 'MobileDeviceAccessRulesList')
     NameAvailabilityException = Shapes::StructureShape.new(name: 'NameAvailabilityException')
     NextToken = Shapes::StringShape.new(name: 'NextToken')
     OrganizationId = Shapes::StringShape.new(name: 'OrganizationId')
@@ -201,6 +225,8 @@ module Aws::WorkMail
     UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
     UpdateMailboxQuotaRequest = Shapes::StructureShape.new(name: 'UpdateMailboxQuotaRequest')
     UpdateMailboxQuotaResponse = Shapes::StructureShape.new(name: 'UpdateMailboxQuotaResponse')
+    UpdateMobileDeviceAccessRuleRequest = Shapes::StructureShape.new(name: 'UpdateMobileDeviceAccessRuleRequest')
+    UpdateMobileDeviceAccessRuleResponse = Shapes::StructureShape.new(name: 'UpdateMobileDeviceAccessRuleResponse')
     UpdatePrimaryEmailAddressRequest = Shapes::StructureShape.new(name: 'UpdatePrimaryEmailAddressRequest')
     UpdatePrimaryEmailAddressResponse = Shapes::StructureShape.new(name: 'UpdatePrimaryEmailAddressResponse')
     UpdateResourceRequest = Shapes::StructureShape.new(name: 'UpdateResourceRequest')
@@ -273,6 +299,24 @@ module Aws::WorkMail
     CreateGroupResponse.add_member(:group_id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, location_name: "GroupId"))
     CreateGroupResponse.struct_class = Types::CreateGroupResponse
 
+    CreateMobileDeviceAccessRuleRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: IdempotencyClientToken, location_name: "ClientToken", metadata: {"idempotencyToken"=>true}))
+    CreateMobileDeviceAccessRuleRequest.add_member(:name, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleName, required: true, location_name: "Name"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:description, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleDescription, location_name: "Description"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:effect, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleEffect, required: true, location_name: "Effect"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:device_types, Shapes::ShapeRef.new(shape: DeviceTypeList, location_name: "DeviceTypes"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:not_device_types, Shapes::ShapeRef.new(shape: DeviceTypeList, location_name: "NotDeviceTypes"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:device_models, Shapes::ShapeRef.new(shape: DeviceModelList, location_name: "DeviceModels"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:not_device_models, Shapes::ShapeRef.new(shape: DeviceModelList, location_name: "NotDeviceModels"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:device_operating_systems, Shapes::ShapeRef.new(shape: DeviceOperatingSystemList, location_name: "DeviceOperatingSystems"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:not_device_operating_systems, Shapes::ShapeRef.new(shape: DeviceOperatingSystemList, location_name: "NotDeviceOperatingSystems"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:device_user_agents, Shapes::ShapeRef.new(shape: DeviceUserAgentList, location_name: "DeviceUserAgents"))
+    CreateMobileDeviceAccessRuleRequest.add_member(:not_device_user_agents, Shapes::ShapeRef.new(shape: DeviceUserAgentList, location_name: "NotDeviceUserAgents"))
+    CreateMobileDeviceAccessRuleRequest.struct_class = Types::CreateMobileDeviceAccessRuleRequest
+
+    CreateMobileDeviceAccessRuleResponse.add_member(:mobile_device_access_rule_id, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleId, location_name: "MobileDeviceAccessRuleId"))
+    CreateMobileDeviceAccessRuleResponse.struct_class = Types::CreateMobileDeviceAccessRuleResponse
+
     CreateOrganizationRequest.add_member(:directory_id, Shapes::ShapeRef.new(shape: DirectoryId, location_name: "DirectoryId"))
     CreateOrganizationRequest.add_member(:alias, Shapes::ShapeRef.new(shape: OrganizationName, required: true, location_name: "Alias"))
     CreateOrganizationRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: IdempotencyClientToken, location_name: "ClientToken", metadata: {"idempotencyToken"=>true}))
@@ -331,6 +375,12 @@ module Aws::WorkMail
 
     DeleteMailboxPermissionsResponse.struct_class = Types::DeleteMailboxPermissionsResponse
 
+    DeleteMobileDeviceAccessRuleRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
+    DeleteMobileDeviceAccessRuleRequest.add_member(:mobile_device_access_rule_id, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleId, required: true, location_name: "MobileDeviceAccessRuleId"))
+    DeleteMobileDeviceAccessRuleRequest.struct_class = Types::DeleteMobileDeviceAccessRuleRequest
+
+    DeleteMobileDeviceAccessRuleResponse.struct_class = Types::DeleteMobileDeviceAccessRuleResponse
+
     DeleteOrganizationRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: IdempotencyClientToken, location_name: "ClientToken", metadata: {"idempotencyToken"=>true}))
     DeleteOrganizationRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
     DeleteOrganizationRequest.add_member(:delete_directory, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "DeleteDirectory"))
@@ -436,6 +486,14 @@ module Aws::WorkMail
     DescribeUserResponse.add_member(:disabled_date, Shapes::ShapeRef.new(shape: Timestamp, location_name: "DisabledDate"))
     DescribeUserResponse.struct_class = Types::DescribeUserResponse
 
+    DeviceModelList.member = Shapes::ShapeRef.new(shape: DeviceModel)
+
+    DeviceOperatingSystemList.member = Shapes::ShapeRef.new(shape: DeviceOperatingSystem)
+
+    DeviceTypeList.member = Shapes::ShapeRef.new(shape: DeviceType)
+
+    DeviceUserAgentList.member = Shapes::ShapeRef.new(shape: DeviceUserAgent)
+
     DirectoryInUseException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
     DirectoryInUseException.struct_class = Types::DirectoryInUseException
 
@@ -511,6 +569,17 @@ module Aws::WorkMail
     GetMailboxDetailsResponse.add_member(:mailbox_size, Shapes::ShapeRef.new(shape: MailboxSize, location_name: "MailboxSize"))
     GetMailboxDetailsResponse.struct_class = Types::GetMailboxDetailsResponse
 
+    GetMobileDeviceAccessEffectRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
+    GetMobileDeviceAccessEffectRequest.add_member(:device_type, Shapes::ShapeRef.new(shape: DeviceType, location_name: "DeviceType"))
+    GetMobileDeviceAccessEffectRequest.add_member(:device_model, Shapes::ShapeRef.new(shape: DeviceModel, location_name: "DeviceModel"))
+    GetMobileDeviceAccessEffectRequest.add_member(:device_operating_system, Shapes::ShapeRef.new(shape: DeviceOperatingSystem, location_name: "DeviceOperatingSystem"))
+    GetMobileDeviceAccessEffectRequest.add_member(:device_user_agent, Shapes::ShapeRef.new(shape: DeviceUserAgent, location_name: "DeviceUserAgent"))
+    GetMobileDeviceAccessEffectRequest.struct_class = Types::GetMobileDeviceAccessEffectRequest
+
+    GetMobileDeviceAccessEffectResponse.add_member(:effect, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleEffect, location_name: "Effect"))
+    GetMobileDeviceAccessEffectResponse.add_member(:matched_rules, Shapes::ShapeRef.new(shape: MobileDeviceAccessMatchedRuleList, location_name: "MatchedRules"))
+    GetMobileDeviceAccessEffectResponse.struct_class = Types::GetMobileDeviceAccessEffectResponse
+
     Group.add_member(:id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, location_name: "Id"))
     Group.add_member(:email, Shapes::ShapeRef.new(shape: EmailAddress, location_name: "Email"))
     Group.add_member(:name, Shapes::ShapeRef.new(shape: GroupName, location_name: "Name"))
@@ -591,6 +660,12 @@ module Aws::WorkMail
     ListMailboxPermissionsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListMailboxPermissionsResponse.struct_class = Types::ListMailboxPermissionsResponse
 
+    ListMobileDeviceAccessRulesRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
+    ListMobileDeviceAccessRulesRequest.struct_class = Types::ListMobileDeviceAccessRulesRequest
+
+    ListMobileDeviceAccessRulesResponse.add_member(:rules, Shapes::ShapeRef.new(shape: MobileDeviceAccessRulesList, location_name: "Rules"))
+    ListMobileDeviceAccessRulesResponse.struct_class = Types::ListMobileDeviceAccessRulesResponse
+
     ListOrganizationsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListOrganizationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
     ListOrganizationsRequest.struct_class = Types::ListOrganizationsRequest
@@ -660,6 +735,30 @@ module Aws::WorkMail
 
     Members.member = Shapes::ShapeRef.new(shape: Member)
 
+    MobileDeviceAccessMatchedRule.add_member(:mobile_device_access_rule_id, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleId, location_name: "MobileDeviceAccessRuleId"))
+    MobileDeviceAccessMatchedRule.add_member(:name, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleName, location_name: "Name"))
+    MobileDeviceAccessMatchedRule.struct_class = Types::MobileDeviceAccessMatchedRule
+
+    MobileDeviceAccessMatchedRuleList.member = Shapes::ShapeRef.new(shape: MobileDeviceAccessMatchedRule)
+
+    MobileDeviceAccessRule.add_member(:mobile_device_access_rule_id, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleId, location_name: "MobileDeviceAccessRuleId"))
+    MobileDeviceAccessRule.add_member(:name, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleName, location_name: "Name"))
+    MobileDeviceAccessRule.add_member(:description, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleDescription, location_name: "Description"))
+    MobileDeviceAccessRule.add_member(:effect, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleEffect, location_name: "Effect"))
+    MobileDeviceAccessRule.add_member(:device_types, Shapes::ShapeRef.new(shape: DeviceTypeList, location_name: "DeviceTypes"))
+    MobileDeviceAccessRule.add_member(:not_device_types, Shapes::ShapeRef.new(shape: DeviceTypeList, location_name: "NotDeviceTypes"))
+    MobileDeviceAccessRule.add_member(:device_models, Shapes::ShapeRef.new(shape: DeviceModelList, location_name: "DeviceModels"))
+    MobileDeviceAccessRule.add_member(:not_device_models, Shapes::ShapeRef.new(shape: DeviceModelList, location_name: "NotDeviceModels"))
+    MobileDeviceAccessRule.add_member(:device_operating_systems, Shapes::ShapeRef.new(shape: DeviceOperatingSystemList, location_name: "DeviceOperatingSystems"))
+    MobileDeviceAccessRule.add_member(:not_device_operating_systems, Shapes::ShapeRef.new(shape: DeviceOperatingSystemList, location_name: "NotDeviceOperatingSystems"))
+    MobileDeviceAccessRule.add_member(:device_user_agents, Shapes::ShapeRef.new(shape: DeviceUserAgentList, location_name: "DeviceUserAgents"))
+    MobileDeviceAccessRule.add_member(:not_device_user_agents, Shapes::ShapeRef.new(shape: DeviceUserAgentList, location_name: "NotDeviceUserAgents"))
+    MobileDeviceAccessRule.add_member(:date_created, Shapes::ShapeRef.new(shape: Timestamp, location_name: "DateCreated"))
+    MobileDeviceAccessRule.add_member(:date_modified, Shapes::ShapeRef.new(shape: Timestamp, location_name: "DateModified"))
+    MobileDeviceAccessRule.struct_class = Types::MobileDeviceAccessRule
+
+    MobileDeviceAccessRulesList.member = Shapes::ShapeRef.new(shape: MobileDeviceAccessRule)
+
     NameAvailabilityException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
     NameAvailabilityException.struct_class = Types::NameAvailabilityException
 
@@ -797,6 +896,23 @@ module Aws::WorkMail
 
     UpdateMailboxQuotaResponse.struct_class = Types::UpdateMailboxQuotaResponse
 
+    UpdateMobileDeviceAccessRuleRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:mobile_device_access_rule_id, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleId, required: true, location_name: "MobileDeviceAccessRuleId"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:name, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleName, required: true, location_name: "Name"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:description, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleDescription, location_name: "Description"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:effect, Shapes::ShapeRef.new(shape: MobileDeviceAccessRuleEffect, required: true, location_name: "Effect"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:device_types, Shapes::ShapeRef.new(shape: DeviceTypeList, location_name: "DeviceTypes"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:not_device_types, Shapes::ShapeRef.new(shape: DeviceTypeList, location_name: "NotDeviceTypes"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:device_models, Shapes::ShapeRef.new(shape: DeviceModelList, location_name: "DeviceModels"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:not_device_models, Shapes::ShapeRef.new(shape: DeviceModelList, location_name: "NotDeviceModels"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:device_operating_systems, Shapes::ShapeRef.new(shape: DeviceOperatingSystemList, location_name: "DeviceOperatingSystems"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:not_device_operating_systems, Shapes::ShapeRef.new(shape: DeviceOperatingSystemList, location_name: "NotDeviceOperatingSystems"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:device_user_agents, Shapes::ShapeRef.new(shape: DeviceUserAgentList, location_name: "DeviceUserAgents"))
+    UpdateMobileDeviceAccessRuleRequest.add_member(:not_device_user_agents, Shapes::ShapeRef.new(shape: DeviceUserAgentList, location_name: "NotDeviceUserAgents"))
+    UpdateMobileDeviceAccessRuleRequest.struct_class = Types::UpdateMobileDeviceAccessRuleRequest
+
+    UpdateMobileDeviceAccessRuleResponse.struct_class = Types::UpdateMobileDeviceAccessRuleResponse
+
     UpdatePrimaryEmailAddressRequest.add_member(:organization_id, Shapes::ShapeRef.new(shape: OrganizationId, required: true, location_name: "OrganizationId"))
     UpdatePrimaryEmailAddressRequest.add_member(:entity_id, Shapes::ShapeRef.new(shape: WorkMailIdentifier, required: true, location_name: "EntityId"))
     UpdatePrimaryEmailAddressRequest.add_member(:email, Shapes::ShapeRef.new(shape: EmailAddress, required: true, location_name: "Email"))
@@ -918,6 +1034,18 @@ module Aws::WorkMail
         o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
       end)
 
+      api.add_operation(:create_mobile_device_access_rule, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "CreateMobileDeviceAccessRule"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: CreateMobileDeviceAccessRuleRequest)
+        o.output = Shapes::ShapeRef.new(shape: CreateMobileDeviceAccessRuleResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:create_organization, Seahorse::Model::Operation.new.tap do |o|
         o.name = "CreateOrganization"
         o.http_method = "POST"
@@ -1014,6 +1142,17 @@ module Aws::WorkMail
         o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
       end)
 
+      api.add_operation(:delete_mobile_device_access_rule, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeleteMobileDeviceAccessRule"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DeleteMobileDeviceAccessRuleRequest)
+        o.output = Shapes::ShapeRef.new(shape: DeleteMobileDeviceAccessRuleResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:delete_organization, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DeleteOrganization"
         o.http_method = "POST"
@@ -1198,6 +1337,17 @@ module Aws::WorkMail
         o.errors << Shapes::ShapeRef.new(shape: EntityNotFoundException)
       end)
 
+      api.add_operation(:get_mobile_device_access_effect, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetMobileDeviceAccessEffect"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: GetMobileDeviceAccessEffectRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetMobileDeviceAccessEffectResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:list_access_control_rules, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListAccessControlRules"
         o.http_method = "POST"
@@ -1299,6 +1449,17 @@ module Aws::WorkMail
         )
       end)
 
+      api.add_operation(:list_mobile_device_access_rules, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListMobileDeviceAccessRules"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ListMobileDeviceAccessRulesRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListMobileDeviceAccessRulesResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:list_organizations, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListOrganizations"
         o.http_method = "POST"
@@ -1496,6 +1657,18 @@ module Aws::WorkMail
         o.errors << Shapes::ShapeRef.new(shape: EntityStateException)
       end)
 
+      api.add_operation(:update_mobile_device_access_rule, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "UpdateMobileDeviceAccessRule"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: UpdateMobileDeviceAccessRuleRequest)
+        o.output = Shapes::ShapeRef.new(shape: UpdateMobileDeviceAccessRuleResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: EntityNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OrganizationStateException)
+      end)
+
       api.add_operation(:update_primary_email_address, Seahorse::Model::Operation.new.tap do |o|
         o.name = "UpdatePrimaryEmailAddress"
         o.http_method = "POST"

data/lib/aws-sdk-workmail/types.rb

@@ -295,6 +295,118 @@ module Aws::WorkMail
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass CreateMobileDeviceAccessRuleRequest
+    #   data as a hash:
+    #
+    #       {
+    #         organization_id: "OrganizationId", # required
+    #         client_token: "IdempotencyClientToken",
+    #         name: "MobileDeviceAccessRuleName", # required
+    #         description: "MobileDeviceAccessRuleDescription",
+    #         effect: "ALLOW", # required, accepts ALLOW, DENY
+    #         device_types: ["DeviceType"],
+    #         not_device_types: ["DeviceType"],
+    #         device_models: ["DeviceModel"],
+    #         not_device_models: ["DeviceModel"],
+    #         device_operating_systems: ["DeviceOperatingSystem"],
+    #         not_device_operating_systems: ["DeviceOperatingSystem"],
+    #         device_user_agents: ["DeviceUserAgent"],
+    #         not_device_user_agents: ["DeviceUserAgent"],
+    #       }
+    #
+    # @!attribute [rw] organization_id
+    #   The Amazon WorkMail organization under which the rule will be
+    #   created.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_token
+    #   The idempotency token for the client request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The rule name.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   The rule description.
+    #   @return [String]
+    #
+    # @!attribute [rw] effect
+    #   The effect of the rule when it matches. Allowed values are `ALLOW`
+    #   or `DENY`.
+    #   @return [String]
+    #
+    # @!attribute [rw] device_types
+    #   Device types that the rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_types
+    #   Device types that the rule **will not** match. All other device
+    #   types will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_models
+    #   Device models that the rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_models
+    #   Device models that the rule **will not** match. All other device
+    #   models will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_operating_systems
+    #   Device operating systems that the rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_operating_systems
+    #   Device operating systems that the rule **will not** match. All other
+    #   device operating systems will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_user_agents
+    #   Device user agents that the rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_user_agents
+    #   Device user agents that the rule **will not** match. All other
+    #   device user agents will match.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/CreateMobileDeviceAccessRuleRequest AWS API Documentation
+    #
+    class CreateMobileDeviceAccessRuleRequest < Struct.new(
+      :organization_id,
+      :client_token,
+      :name,
+      :description,
+      :effect,
+      :device_types,
+      :not_device_types,
+      :device_models,
+      :not_device_models,
+      :device_operating_systems,
+      :not_device_operating_systems,
+      :device_user_agents,
+      :not_device_user_agents)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] mobile_device_access_rule_id
+    #   The identifier for the newly created mobile device access rule.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/CreateMobileDeviceAccessRuleResponse AWS API Documentation
+    #
+    class CreateMobileDeviceAccessRuleResponse < Struct.new(
+      :mobile_device_access_rule_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass CreateOrganizationRequest
     #   data as a hash:
     #
@@ -616,6 +728,36 @@ module Aws::WorkMail
     #
     class DeleteMailboxPermissionsResponse < Aws::EmptyStructure; end
 
+    # @note When making an API call, you may pass DeleteMobileDeviceAccessRuleRequest
+    #   data as a hash:
+    #
+    #       {
+    #         organization_id: "OrganizationId", # required
+    #         mobile_device_access_rule_id: "MobileDeviceAccessRuleId", # required
+    #       }
+    #
+    # @!attribute [rw] organization_id
+    #   The Amazon WorkMail organization under which the rule will be
+    #   deleted.
+    #   @return [String]
+    #
+    # @!attribute [rw] mobile_device_access_rule_id
+    #   The identifier of the rule to be deleted.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeleteMobileDeviceAccessRuleRequest AWS API Documentation
+    #
+    class DeleteMobileDeviceAccessRuleRequest < Struct.new(
+      :organization_id,
+      :mobile_device_access_rule_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeleteMobileDeviceAccessRuleResponse AWS API Documentation
+    #
+    class DeleteMobileDeviceAccessRuleResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass DeleteOrganizationRequest
     #   data as a hash:
     #
@@ -1568,6 +1710,69 @@ module Aws::WorkMail
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass GetMobileDeviceAccessEffectRequest
+    #   data as a hash:
+    #
+    #       {
+    #         organization_id: "OrganizationId", # required
+    #         device_type: "DeviceType",
+    #         device_model: "DeviceModel",
+    #         device_operating_system: "DeviceOperatingSystem",
+    #         device_user_agent: "DeviceUserAgent",
+    #       }
+    #
+    # @!attribute [rw] organization_id
+    #   The Amazon WorkMail organization to simulate the access effect for.
+    #   @return [String]
+    #
+    # @!attribute [rw] device_type
+    #   Device type the simulated user will report.
+    #   @return [String]
+    #
+    # @!attribute [rw] device_model
+    #   Device model the simulated user will report.
+    #   @return [String]
+    #
+    # @!attribute [rw] device_operating_system
+    #   Device operating system the simulated user will report.
+    #   @return [String]
+    #
+    # @!attribute [rw] device_user_agent
+    #   Device user agent the simulated user will report.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/GetMobileDeviceAccessEffectRequest AWS API Documentation
+    #
+    class GetMobileDeviceAccessEffectRequest < Struct.new(
+      :organization_id,
+      :device_type,
+      :device_model,
+      :device_operating_system,
+      :device_user_agent)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] effect
+    #   The effect of the simulated access, `ALLOW` or `DENY`, after
+    #   evaluating mobile device access rules in the Amazon WorkMail
+    #   organization for the simulated user parameters.
+    #   @return [String]
+    #
+    # @!attribute [rw] matched_rules
+    #   A list of the rules which matched the simulated user input and
+    #   produced the effect.
+    #   @return [Array<Types::MobileDeviceAccessMatchedRule>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/GetMobileDeviceAccessEffectResponse AWS API Documentation
+    #
+    class GetMobileDeviceAccessEffectResponse < Struct.new(
+      :effect,
+      :matched_rules)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The representation of an Amazon WorkMail group.
     #
     # @!attribute [rw] id
@@ -1965,6 +2170,38 @@ module Aws::WorkMail
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListMobileDeviceAccessRulesRequest
+    #   data as a hash:
+    #
+    #       {
+    #         organization_id: "OrganizationId", # required
+    #       }
+    #
+    # @!attribute [rw] organization_id
+    #   The Amazon WorkMail organization for which to list the rules.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListMobileDeviceAccessRulesRequest AWS API Documentation
+    #
+    class ListMobileDeviceAccessRulesRequest < Struct.new(
+      :organization_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] rules
+    #   The list of mobile device access rules that exist under the
+    #   specified Amazon WorkMail organization.
+    #   @return [Array<Types::MobileDeviceAccessRule>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListMobileDeviceAccessRulesResponse AWS API Documentation
+    #
+    class ListMobileDeviceAccessRulesResponse < Struct.new(
+      :rules)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListOrganizationsRequest
     #   data as a hash:
     #
@@ -2327,6 +2564,110 @@ module Aws::WorkMail
       include Aws::Structure
     end
 
+    # The rule that a simulated user matches.
+    #
+    # @!attribute [rw] mobile_device_access_rule_id
+    #   Identifier of the rule that a simulated user matches.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   Name of a rule that a simulated user matches.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/MobileDeviceAccessMatchedRule AWS API Documentation
+    #
+    class MobileDeviceAccessMatchedRule < Struct.new(
+      :mobile_device_access_rule_id,
+      :name)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # A rule that controls access to mobile devices for an Amazon WorkMail
+    # group.
+    #
+    # @!attribute [rw] mobile_device_access_rule_id
+    #   The ID assigned to a mobile access rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The name of a mobile access rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   The description of a mobile access rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] effect
+    #   The effect of the rule when it matches. Allowed values are `ALLOW`
+    #   or `DENY`.
+    #   @return [String]
+    #
+    # @!attribute [rw] device_types
+    #   Device types that a rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_types
+    #   Device types that a rule **will not** match. All other device types
+    #   will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_models
+    #   Device models that a rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_models
+    #   Device models that a rule **will not** match. All other device
+    #   models will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_operating_systems
+    #   Device operating systems that a rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_operating_systems
+    #   Device operating systems that a rule **will not** match. All other
+    #   device types will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_user_agents
+    #   Device user agents that a rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_user_agents
+    #   Device user agents that a rule **will not** match. All other device
+    #   user agents will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] date_created
+    #   The date and time at which an access rule was created.
+    #   @return [Time]
+    #
+    # @!attribute [rw] date_modified
+    #   The date and time at which an access rule was modified.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/MobileDeviceAccessRule AWS API Documentation
+    #
+    class MobileDeviceAccessRule < Struct.new(
+      :mobile_device_access_rule_id,
+      :name,
+      :description,
+      :effect,
+      :device_types,
+      :not_device_types,
+      :device_models,
+      :not_device_models,
+      :device_operating_systems,
+      :not_device_operating_systems,
+      :device_user_agents,
+      :not_device_user_agents,
+      :date_created,
+      :date_modified)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The user, group, or resource name isn't unique in Amazon WorkMail.
     #
     # @!attribute [rw] message
@@ -2996,6 +3337,107 @@ module Aws::WorkMail
     #
     class UpdateMailboxQuotaResponse < Aws::EmptyStructure; end
 
+    # @note When making an API call, you may pass UpdateMobileDeviceAccessRuleRequest
+    #   data as a hash:
+    #
+    #       {
+    #         organization_id: "OrganizationId", # required
+    #         mobile_device_access_rule_id: "MobileDeviceAccessRuleId", # required
+    #         name: "MobileDeviceAccessRuleName", # required
+    #         description: "MobileDeviceAccessRuleDescription",
+    #         effect: "ALLOW", # required, accepts ALLOW, DENY
+    #         device_types: ["DeviceType"],
+    #         not_device_types: ["DeviceType"],
+    #         device_models: ["DeviceModel"],
+    #         not_device_models: ["DeviceModel"],
+    #         device_operating_systems: ["DeviceOperatingSystem"],
+    #         not_device_operating_systems: ["DeviceOperatingSystem"],
+    #         device_user_agents: ["DeviceUserAgent"],
+    #         not_device_user_agents: ["DeviceUserAgent"],
+    #       }
+    #
+    # @!attribute [rw] organization_id
+    #   The Amazon WorkMail organization under which the rule will be
+    #   updated.
+    #   @return [String]
+    #
+    # @!attribute [rw] mobile_device_access_rule_id
+    #   The identifier of the rule to be updated.
+    #   @return [String]
+    #
+    # @!attribute [rw] name
+    #   The updated rule name.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   The updated rule description.
+    #   @return [String]
+    #
+    # @!attribute [rw] effect
+    #   The effect of the rule when it matches. Allowed values are `ALLOW`
+    #   or `DENY`.
+    #   @return [String]
+    #
+    # @!attribute [rw] device_types
+    #   Device types that the updated rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_types
+    #   Device types that the updated rule **will not** match. All other
+    #   device types will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_models
+    #   Device models that the updated rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_models
+    #   Device models that the updated rule **will not** match. All other
+    #   device models will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_operating_systems
+    #   Device operating systems that the updated rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_operating_systems
+    #   Device operating systems that the updated rule **will not** match.
+    #   All other device operating systems will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] device_user_agents
+    #   User agents that the updated rule will match.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] not_device_user_agents
+    #   User agents that the updated rule **will not** match. All other user
+    #   agents will match.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/UpdateMobileDeviceAccessRuleRequest AWS API Documentation
+    #
+    class UpdateMobileDeviceAccessRuleRequest < Struct.new(
+      :organization_id,
+      :mobile_device_access_rule_id,
+      :name,
+      :description,
+      :effect,
+      :device_types,
+      :not_device_types,
+      :device_models,
+      :not_device_models,
+      :device_operating_systems,
+      :not_device_operating_systems,
+      :device_user_agents,
+      :not_device_user_agents)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/UpdateMobileDeviceAccessRuleResponse AWS API Documentation
+    #
+    class UpdateMobileDeviceAccessRuleResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass UpdatePrimaryEmailAddressRequest
     #   data as a hash:
     #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-workmail
 version: !ruby/object:Gem::Version
-  version: 1.36.0
+  version: 1.37.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-03-10 00:00:00.000000000 Z
+date: 2021-03-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -66,8 +66,8 @@ homepage: https://github.com/aws/aws-sdk-ruby
 licenses:
 - Apache-2.0
 metadata:
-  source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/master/gems/aws-sdk-workmail
-  changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/master/gems/aws-sdk-workmail/CHANGELOG.md
+  source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-workmail
+  changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-workmail/CHANGELOG.md
 post_install_message: 
 rdoc_options: []
 require_paths: