:doc:`WorkMail <../../workmail>` / Client / put_access_control_rule

***********************
put_access_control_rule
***********************



.. py:method:: WorkMail.Client.put_access_control_rule(**kwargs)

  

  Adds a new access control rule for the specified organization. The rule allows or denies access to the organization for the specified IPv4 addresses, access protocol actions, user IDs and impersonation IDs. Adding a new rule with the same name as an existing rule replaces the older rule.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/PutAccessControlRule>`_  


  **Request Syntax**
  ::

    response = client.put_access_control_rule(
        Name='string',
        Effect='ALLOW'|'DENY',
        Description='string',
        IpRanges=[
            'string',
        ],
        NotIpRanges=[
            'string',
        ],
        Actions=[
            'string',
        ],
        NotActions=[
            'string',
        ],
        UserIds=[
            'string',
        ],
        NotUserIds=[
            'string',
        ],
        OrganizationId='string',
        ImpersonationRoleIds=[
            'string',
        ],
        NotImpersonationRoleIds=[
            'string',
        ]
    )
    
  :type Name: string
  :param Name: **[REQUIRED]** 

    The rule name.

    

  
  :type Effect: string
  :param Effect: **[REQUIRED]** 

    The rule effect.

    

  
  :type Description: string
  :param Description: **[REQUIRED]** 

    The rule description.

    

  
  :type IpRanges: list
  :param IpRanges: 

    IPv4 CIDR ranges to include in the rule.

    

  
    - *(string) --* 

    

  :type NotIpRanges: list
  :param NotIpRanges: 

    IPv4 CIDR ranges to exclude from the rule.

    

  
    - *(string) --* 

    

  :type Actions: list
  :param Actions: 

    Access protocol actions to include in the rule. Valid values include ``ActiveSync``, ``AutoDiscover``, ``EWS``, ``IMAP``, ``SMTP``, ``WindowsOutlook``, and ``WebMail``.

    

  
    - *(string) --* 

    

  :type NotActions: list
  :param NotActions: 

    Access protocol actions to exclude from the rule. Valid values include ``ActiveSync``, ``AutoDiscover``, ``EWS``, ``IMAP``, ``SMTP``, ``WindowsOutlook``, and ``WebMail``.

    

  
    - *(string) --* 

    

  :type UserIds: list
  :param UserIds: 

    User IDs to include in the rule.

    

  
    - *(string) --* 

    

  :type NotUserIds: list
  :param NotUserIds: 

    User IDs to exclude from the rule.

    

  
    - *(string) --* 

    

  :type OrganizationId: string
  :param OrganizationId: **[REQUIRED]** 

    The identifier of the organization.

    

  
  :type ImpersonationRoleIds: list
  :param ImpersonationRoleIds: 

    Impersonation role IDs to include in the rule.

    

  
    - *(string) --* 

    

  :type NotImpersonationRoleIds: list
  :param NotImpersonationRoleIds: 

    Impersonation role IDs to exclude from the rule.

    

  
    - *(string) --* 

    

  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {}
      
    **Response Structure**

    

    - *(dict) --* 
  
  **Exceptions**
  
  *   :py:class:`WorkMail.Client.exceptions.LimitExceededException`

  
  *   :py:class:`WorkMail.Client.exceptions.InvalidParameterException`

  
  *   :py:class:`WorkMail.Client.exceptions.EntityNotFoundException`

  
  *   :py:class:`WorkMail.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`WorkMail.Client.exceptions.OrganizationNotFoundException`

  
  *   :py:class:`WorkMail.Client.exceptions.OrganizationStateException`

  