:doc:`WorkMail <../../workmail>` / Client / list_access_control_rules

*************************
list_access_control_rules
*************************



.. py:method:: WorkMail.Client.list_access_control_rules(**kwargs)

  

  Lists the access control rules for the specified organization.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListAccessControlRules>`_  


  **Request Syntax**
  ::

    response = client.list_access_control_rules(
        OrganizationId='string'
    )
    
  :type OrganizationId: string
  :param OrganizationId: **[REQUIRED]** 

    The identifier for the organization.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'Rules': [
              {
                  'Name': 'string',
                  'Effect': 'ALLOW'|'DENY',
                  'Description': 'string',
                  'IpRanges': [
                      'string',
                  ],
                  'NotIpRanges': [
                      'string',
                  ],
                  'Actions': [
                      'string',
                  ],
                  'NotActions': [
                      'string',
                  ],
                  'UserIds': [
                      'string',
                  ],
                  'NotUserIds': [
                      'string',
                  ],
                  'DateCreated': datetime(2015, 1, 1),
                  'DateModified': datetime(2015, 1, 1),
                  'ImpersonationRoleIds': [
                      'string',
                  ],
                  'NotImpersonationRoleIds': [
                      'string',
                  ]
              },
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **Rules** *(list) --* 

        The access control rules.

        
        

        - *(dict) --* 

          A rule that controls access to an WorkMail organization.

          
          

          - **Name** *(string) --* 

            The rule name.

            
          

          - **Effect** *(string) --* 

            The rule effect.

            
          

          - **Description** *(string) --* 

            The rule description.

            
          

          - **IpRanges** *(list) --* 

            IPv4 CIDR ranges to include in the rule.

            
            

            - *(string) --* 
        
          

          - **NotIpRanges** *(list) --* 

            IPv4 CIDR ranges to exclude from the rule.

            
            

            - *(string) --* 
        
          

          - **Actions** *(list) --* 

            Access protocol actions to include in the rule. Valid values include ``ActiveSync``, ``AutoDiscover``, ``EWS``, ``IMAP``, ``SMTP``, ``WindowsOutlook``, and ``WebMail``.

            
            

            - *(string) --* 
        
          

          - **NotActions** *(list) --* 

            Access protocol actions to exclude from the rule. Valid values include ``ActiveSync``, ``AutoDiscover``, ``EWS``, ``IMAP``, ``SMTP``, ``WindowsOutlook``, and ``WebMail``.

            
            

            - *(string) --* 
        
          

          - **UserIds** *(list) --* 

            User IDs to include in the rule.

            
            

            - *(string) --* 
        
          

          - **NotUserIds** *(list) --* 

            User IDs to exclude from the rule.

            
            

            - *(string) --* 
        
          

          - **DateCreated** *(datetime) --* 

            The date that the rule was created.

            
          

          - **DateModified** *(datetime) --* 

            The date that the rule was modified.

            
          

          - **ImpersonationRoleIds** *(list) --* 

            Impersonation role IDs to include in the rule.

            
            

            - *(string) --* 
        
          

          - **NotImpersonationRoleIds** *(list) --* 

            Impersonation role IDs to exclude from the rule.

            
            

            - *(string) --* 
        
      
    
  
  **Exceptions**
  
  *   :py:class:`WorkMail.Client.exceptions.OrganizationNotFoundException`

  
  *   :py:class:`WorkMail.Client.exceptions.OrganizationStateException`

  