2025/06/17 - AWS Multi-party Approval - 21 new api methods
Changes This release enables customers to create Multi-party approval teams and approval requests to protect supported operations.
Returns details for an identity source. For more information, see Identity Source in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.get_identity_source(
IdentitySourceArn='string'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the identity source.
dict
Response Syntax
{
'IdentitySourceType': 'IAM_IDENTITY_CENTER',
'IdentitySourceParameters': {
'IamIdentityCenter': {
'InstanceArn': 'string',
'ApprovalPortalUrl': 'string',
'Region': 'string'
}
},
'IdentitySourceArn': 'string',
'CreationTime': datetime(2015, 1, 1),
'Status': 'CREATING'|'ACTIVE'|'DELETING'|'ERROR',
'StatusCode': 'ACCESS_DENIED'|'DELETION_FAILED'|'IDC_INSTANCE_NOT_FOUND'|'IDC_INSTANCE_NOT_VALID',
'StatusMessage': 'string'
}
Response Structure
(dict) --
IdentitySourceType (string) --
The type of resource that provided identities to the identity source. For example, an IAM Identity Center instance.
IdentitySourceParameters (dict) --
A IdentitySourceParameters object. Contains details for the resource that provides identities to the identity source. For example, an IAM Identity Center instance.
IamIdentityCenter (dict) --
IAM Identity Center credentials.
InstanceArn (string) --
Amazon Resource Name (ARN) for the IAM Identity Center instance.
ApprovalPortalUrl (string) --
URL for the approval portal associated with the IAM Identity Center instance.
Region (string) --
Amazon Web Services Region where the IAM Identity Center instance is located.
IdentitySourceArn (string) --
Amazon Resource Name (ARN) for the identity source.
CreationTime (datetime) --
Timestamp when the identity source was created.
Status (string) --
Status for the identity source. For example, if the identity source is ACTIVE.
StatusCode (string) --
Status code of the identity source.
StatusMessage (string) --
Message describing the status for the identity source.
Creates a new identity source. For more information, see Identity Source in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.create_identity_source(
IdentitySourceParameters={
'IamIdentityCenter': {
'InstanceArn': 'string',
'Region': 'string'
}
},
ClientToken='string',
Tags={
'string': 'string'
}
)
dict
[REQUIRED]
A IdentitySourceParameters object. Contains details for the resource that provides identities to the identity source. For example, an IAM Identity Center instance.
IamIdentityCenter (dict) --
IAM Identity Center credentials.
InstanceArn (string) -- [REQUIRED]
Amazon Resource Name (ARN) for the IAM Identity Center instance.
Region (string) -- [REQUIRED]
Amazon Web Services Region where the IAM Identity Center instance is located.
string
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If not provided, the Amazon Web Services populates this field.
This field is autopopulated if not provided.
dict
Tag you want to attach to the identity source.
(string) --
(string) --
dict
Response Syntax
{
'IdentitySourceType': 'IAM_IDENTITY_CENTER',
'IdentitySourceArn': 'string',
'CreationTime': datetime(2015, 1, 1)
}
Response Structure
(dict) --
IdentitySourceType (string) --
The type of resource that provided identities to the identity source. For example, an IAM Identity Center instance.
IdentitySourceArn (string) --
Amazon Resource Name (ARN) for the identity source that was created.
CreationTime (datetime) --
Timestamp when the identity source was created.
Returns details about a policy for a resource.
See also: AWS API Documentation
Request Syntax
client.get_resource_policy(
ResourceArn='string',
PolicyName='string',
PolicyType='AWS_MANAGED'|'AWS_RAM'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the resource.
string
[REQUIRED]
Name of the policy.
string
[REQUIRED]
The type of policy.
dict
Response Syntax
{
'ResourceArn': 'string',
'PolicyType': 'AWS_MANAGED'|'AWS_RAM',
'PolicyVersionArn': 'string',
'PolicyName': 'string',
'PolicyDocument': 'string'
}
Response Structure
(dict) --
ResourceArn (string) --
Amazon Resource Name (ARN) for the resource.
PolicyType (string) --
The type of policy
PolicyVersionArn (string) --
Amazon Resource Name (ARN) for the policy version.
PolicyName (string) --
Name of the policy.
PolicyDocument (string) --
Document that contains the contents for the policy.
Returns a list of approval teams.
See also: AWS API Documentation
Request Syntax
client.list_approval_teams(
MaxResults=123,
NextToken='string'
)
integer
The maximum number of items to return in the response. If more results exist than the specified MaxResults value, a token is included in the response so that you can retrieve the remaining results.
string
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
dict
Response Syntax
{
'NextToken': 'string',
'ApprovalTeams': [
{
'CreationTime': datetime(2015, 1, 1),
'ApprovalStrategy': {
'MofN': {
'MinApprovalsRequired': 123
}
},
'NumberOfApprovers': 123,
'Arn': 'string',
'Name': 'string',
'Description': 'string',
'Status': 'ACTIVE'|'INACTIVE'|'DELETING'|'PENDING',
'StatusCode': 'VALIDATING'|'PENDING_ACTIVATION'|'FAILED_VALIDATION'|'FAILED_ACTIVATION'|'UPDATE_PENDING_APPROVAL'|'UPDATE_PENDING_ACTIVATION'|'UPDATE_FAILED_APPROVAL'|'UPDATE_FAILED_ACTIVATION'|'UPDATE_FAILED_VALIDATION'|'DELETE_PENDING_APPROVAL'|'DELETE_FAILED_APPROVAL'|'DELETE_FAILED_VALIDATION',
'StatusMessage': 'string'
},
]
}
Response Structure
(dict) --
NextToken (string) --
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
ApprovalTeams (list) --
An array of ListApprovalTeamsResponseApprovalTeam objects. Contains details for approval teams.
(dict) --
Contains details for an approval team
CreationTime (datetime) --
Timestamp when the team was created.
ApprovalStrategy (dict) --
An ApprovalStrategyResponse object. Contains details for how an approval team grants approval.
MofN (dict) --
Minimum number of approvals (M) required for a total number of approvers (N).
MinApprovalsRequired (integer) --
Minimum number of approvals (M) required for a total number of approvers (N).
NumberOfApprovers (integer) --
Total number of approvers in the team.
Arn (string) --
Amazon Resource Name (ARN) for the team.
Name (string) --
Name of the team.
Description (string) --
Description for the team.
Status (string) --
Status for the team. For more information, see Team health in the Multi-party approval User Guide.
StatusCode (string) --
Status code for the team. For more information, see Team health in the Multi-party approval User Guide.
StatusMessage (string) --
Message describing the status for the team.
Returns a list of approval sessions. For more information, see Session in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.list_sessions(
ApprovalTeamArn='string',
MaxResults=123,
NextToken='string',
Filters=[
{
'FieldName': 'ActionName'|'ApprovalTeamName'|'VotingTime'|'Vote'|'SessionStatus'|'InitiationTime',
'Operator': 'EQ'|'NE'|'GT'|'LT'|'GTE'|'LTE'|'CONTAINS'|'NOT_CONTAINS'|'BETWEEN',
'Value': 'string'
},
]
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the approval team.
integer
The maximum number of items to return in the response. If more results exist than the specified MaxResults value, a token is included in the response so that you can retrieve the remaining results.
string
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
list
An array of Filter objects. Contains the filter to apply when listing sessions.
(dict) --
Contains the filter to apply to requests. You can specify up to 10 filters for a request.
FieldName (string) --
Name of the filter to use.
Operator (string) --
Operator to use for filtering.
EQ: Equal to the specified value
NE: Not equal to the specified value
GT: Greater than the specified value
LT: Less than the specified value
GTE: Greater than or equal to the specified value
LTE: Less than or equal to the specified value
CONTAINS: Contains the specified value
NOT_CONTAINS: Does not contain the specified value
BETWEEN: Between two values, inclusive of the specified values.
Value (string) --
Value to use for filtering. For the BETWEEN operator, specify values in the format a AND b ( AND is case-insensitive).
dict
Response Syntax
{
'NextToken': 'string',
'Sessions': [
{
'SessionArn': 'string',
'ApprovalTeamName': 'string',
'ApprovalTeamArn': 'string',
'InitiationTime': datetime(2015, 1, 1),
'ExpirationTime': datetime(2015, 1, 1),
'CompletionTime': datetime(2015, 1, 1),
'Description': 'string',
'ActionName': 'string',
'ProtectedResourceArn': 'string',
'RequesterServicePrincipal': 'string',
'RequesterPrincipalArn': 'string',
'RequesterRegion': 'string',
'RequesterAccountId': 'string',
'Status': 'PENDING'|'CANCELLED'|'APPROVED'|'FAILED'|'CREATING',
'StatusCode': 'REJECTED'|'EXPIRED'|'CONFIGURATION_CHANGED',
'StatusMessage': 'string',
'ActionCompletionStrategy': 'AUTO_COMPLETION_UPON_APPROVAL'
},
]
}
Response Structure
(dict) --
NextToken (string) --
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
Sessions (list) --
An array of ListSessionsResponseSession objects. Contains details for the sessions.
(dict) --
Contains details for an approval session. For more information, see Session in the Multi-party approval User Guide
SessionArn (string) --
Amazon Resource Name (ARN) for the session.
ApprovalTeamName (string) --
Name of the approval team.
ApprovalTeamArn (string) --
Amazon Resource Name (ARN) for the approval team.
InitiationTime (datetime) --
Timestamp when the session was initiated.
ExpirationTime (datetime) --
Timestamp when the session was expire.
CompletionTime (datetime) --
Timestamp when the session was completed.
Description (string) --
Description for the team.
ActionName (string) --
Name of the protected operation.
ProtectedResourceArn (string) --
Amazon Resource Name (ARN) for the protected operation.
RequesterServicePrincipal (string) --
Service principal for the service associated with the protected operation.
RequesterPrincipalArn (string) --
IAM principal that made the operation request.
RequesterRegion (string) --
Amazon Web Services Region where the operation request originated.
RequesterAccountId (string) --
ID for the account that made the operation request.
Status (string) --
Status for the protected operation. For example, if the operation is PENDING.
StatusCode (string) --
Status code of the session.
StatusMessage (string) --
Message describing the status for session.
ActionCompletionStrategy (string) --
Strategy for executing the protected operation. AUTO_COMPLETION_UPON_APPROVAL means the operation is executed automatically using the requester's permissions, if approved.
Deletes an identity source. For more information, see Identity Source in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.delete_identity_source(
IdentitySourceArn='string'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for identity source.
None
Creates a new approval team. For more information, see Approval team in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.create_approval_team(
ClientToken='string',
ApprovalStrategy={
'MofN': {
'MinApprovalsRequired': 123
}
},
Approvers=[
{
'PrimaryIdentityId': 'string',
'PrimaryIdentitySourceArn': 'string'
},
],
Description='string',
Policies=[
{
'PolicyArn': 'string'
},
],
Name='string',
Tags={
'string': 'string'
}
)
string
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If not provided, the Amazon Web Services populates this field.
This field is autopopulated if not provided.
dict
[REQUIRED]
An ApprovalStrategy object. Contains details for how the team grants approval.
MofN (dict) --
Minimum number of approvals (M) required for a total number of approvers (N).
MinApprovalsRequired (integer) -- [REQUIRED]
Minimum number of approvals (M) required for a total number of approvers (N).
list
[REQUIRED]
An array of ApprovalTeamRequesterApprovers objects. Contains details for the approvers in the team.
(dict) --
Contains details for an approver.
PrimaryIdentityId (string) -- [REQUIRED]
ID for the user.
PrimaryIdentitySourceArn (string) -- [REQUIRED]
Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.
string
[REQUIRED]
Description for the team.
list
[REQUIRED]
An array of PolicyReference objects. Contains a list of policies that define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
(dict) --
Contains the Amazon Resource Name (ARN) for a policy. Policies define what operations a team that define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
PolicyArn (string) -- [REQUIRED]
Amazon Resource Name (ARN) for the policy.
string
[REQUIRED]
Name of the team.
dict
Tags you want to attach to the team.
(string) --
(string) --
dict
Response Syntax
{
'CreationTime': datetime(2015, 1, 1),
'Arn': 'string',
'Name': 'string',
'VersionId': 'string'
}
Response Structure
(dict) --
CreationTime (datetime) --
Timestamp when the team was created.
Arn (string) --
Amazon Resource Name (ARN) for the team that was created.
Name (string) --
Name of the team that was created.
VersionId (string) --
Version ID for the team that was created. When a team is updated, the version ID changes.
Returns details for an approval session. For more information, see Session in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.get_session(
SessionArn='string'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the session.
dict
Response Syntax
{
'SessionArn': 'string',
'ApprovalTeamArn': 'string',
'ApprovalTeamName': 'string',
'ProtectedResourceArn': 'string',
'ApprovalStrategy': {
'MofN': {
'MinApprovalsRequired': 123
}
},
'NumberOfApprovers': 123,
'InitiationTime': datetime(2015, 1, 1),
'ExpirationTime': datetime(2015, 1, 1),
'CompletionTime': datetime(2015, 1, 1),
'Description': 'string',
'Metadata': {
'string': 'string'
},
'Status': 'PENDING'|'CANCELLED'|'APPROVED'|'FAILED'|'CREATING',
'StatusCode': 'REJECTED'|'EXPIRED'|'CONFIGURATION_CHANGED',
'StatusMessage': 'string',
'ExecutionStatus': 'EXECUTED'|'FAILED'|'PENDING',
'ActionName': 'string',
'RequesterServicePrincipal': 'string',
'RequesterPrincipalArn': 'string',
'RequesterAccountId': 'string',
'RequesterRegion': 'string',
'RequesterComment': 'string',
'ActionCompletionStrategy': 'AUTO_COMPLETION_UPON_APPROVAL',
'ApproverResponses': [
{
'ApproverId': 'string',
'IdentitySourceArn': 'string',
'IdentityId': 'string',
'Response': 'APPROVED'|'REJECTED'|'NO_RESPONSE',
'ResponseTime': datetime(2015, 1, 1)
},
]
}
Response Structure
(dict) --
SessionArn (string) --
Amazon Resource Name (ARN) for the session.
ApprovalTeamArn (string) --
Amazon Resource Name (ARN) for the approval team.
ApprovalTeamName (string) --
Name of the approval team.
ProtectedResourceArn (string) --
Amazon Resource Name (ARN) for the protected operation.
ApprovalStrategy (dict) --
An ApprovalStrategyResponse object. Contains details for how the team grants approval
MofN (dict) --
Minimum number of approvals (M) required for a total number of approvers (N).
MinApprovalsRequired (integer) --
Minimum number of approvals (M) required for a total number of approvers (N).
NumberOfApprovers (integer) --
Total number of approvers in the session.
InitiationTime (datetime) --
Timestamp when the session was initiated.
ExpirationTime (datetime) --
Timestamp when the session will expire.
CompletionTime (datetime) --
Timestamp when the session completed.
Description (string) --
Description for the session.
Metadata (dict) --
Metadata for the session.
(string) --
(string) --
Status (string) --
Status for the session. For example, if the team has approved the requested operation.
StatusCode (string) --
Status code of the session.
StatusMessage (string) --
Message describing the status for session.
ExecutionStatus (string) --
Status for the protected operation. For example, if the operation is PENDING.
ActionName (string) --
Name of the protected operation.
RequesterServicePrincipal (string) --
Service principal for the service associated with the protected operation.
RequesterPrincipalArn (string) --
IAM principal that made the operation request.
RequesterAccountId (string) --
ID for the account that made the operation request.
RequesterRegion (string) --
Amazon Web Services Region where the operation request originated.
RequesterComment (string) --
Message from the account that made the operation request
ActionCompletionStrategy (string) --
Strategy for executing the protected operation. AUTO_COMPLETION_UPON_APPROVAL means the operation is automatically executed using the requester's permissions, if approved.
ApproverResponses (list) --
An array of GetSessionResponseApproverResponse objects. Contains details for approver responses in the session.
(dict) --
Contains details for an approver response in an approval session.
ApproverId (string) --
ID for the approver.
IdentitySourceArn (string) --
Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.
IdentityId (string) --
ID for the identity source. The identity source manages the user authentication for approvers.
Response (string) --
Response to the operation request.
ResponseTime (datetime) --
Timestamp when a approver responded to the operation request.
Cancels an approval session. For more information, see Session in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.cancel_session(
SessionArn='string'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the session.
dict
Response Syntax
{}
Response Structure
(dict) --
Returns details for an approval team.
See also: AWS API Documentation
Request Syntax
client.get_approval_team(
Arn='string'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the team.
dict
Response Syntax
{
'CreationTime': datetime(2015, 1, 1),
'ApprovalStrategy': {
'MofN': {
'MinApprovalsRequired': 123
}
},
'NumberOfApprovers': 123,
'Approvers': [
{
'ApproverId': 'string',
'ResponseTime': datetime(2015, 1, 1),
'PrimaryIdentityId': 'string',
'PrimaryIdentitySourceArn': 'string',
'PrimaryIdentityStatus': 'PENDING'|'ACCEPTED'|'REJECTED'|'INVALID'
},
],
'Arn': 'string',
'Description': 'string',
'Name': 'string',
'Status': 'ACTIVE'|'INACTIVE'|'DELETING'|'PENDING',
'StatusCode': 'VALIDATING'|'PENDING_ACTIVATION'|'FAILED_VALIDATION'|'FAILED_ACTIVATION'|'UPDATE_PENDING_APPROVAL'|'UPDATE_PENDING_ACTIVATION'|'UPDATE_FAILED_APPROVAL'|'UPDATE_FAILED_ACTIVATION'|'UPDATE_FAILED_VALIDATION'|'DELETE_PENDING_APPROVAL'|'DELETE_FAILED_APPROVAL'|'DELETE_FAILED_VALIDATION',
'StatusMessage': 'string',
'UpdateSessionArn': 'string',
'VersionId': 'string',
'Policies': [
{
'PolicyArn': 'string'
},
],
'LastUpdateTime': datetime(2015, 1, 1),
'PendingUpdate': {
'VersionId': 'string',
'Description': 'string',
'ApprovalStrategy': {
'MofN': {
'MinApprovalsRequired': 123
}
},
'NumberOfApprovers': 123,
'Status': 'ACTIVE'|'INACTIVE'|'DELETING'|'PENDING',
'StatusCode': 'VALIDATING'|'PENDING_ACTIVATION'|'FAILED_VALIDATION'|'FAILED_ACTIVATION'|'UPDATE_PENDING_APPROVAL'|'UPDATE_PENDING_ACTIVATION'|'UPDATE_FAILED_APPROVAL'|'UPDATE_FAILED_ACTIVATION'|'UPDATE_FAILED_VALIDATION'|'DELETE_PENDING_APPROVAL'|'DELETE_FAILED_APPROVAL'|'DELETE_FAILED_VALIDATION',
'StatusMessage': 'string',
'Approvers': [
{
'ApproverId': 'string',
'ResponseTime': datetime(2015, 1, 1),
'PrimaryIdentityId': 'string',
'PrimaryIdentitySourceArn': 'string',
'PrimaryIdentityStatus': 'PENDING'|'ACCEPTED'|'REJECTED'|'INVALID'
},
],
'UpdateInitiationTime': datetime(2015, 1, 1)
}
}
Response Structure
(dict) --
CreationTime (datetime) --
Timestamp when the team was created.
ApprovalStrategy (dict) --
An ApprovalStrategyResponse object. Contains details for how the team grants approval.
MofN (dict) --
Minimum number of approvals (M) required for a total number of approvers (N).
MinApprovalsRequired (integer) --
Minimum number of approvals (M) required for a total number of approvers (N).
NumberOfApprovers (integer) --
Total number of approvers in the team.
Approvers (list) --
An array of GetApprovalTeamResponseApprover objects. Contains details for the approvers in the team.
(dict) --
Contains details for an approver.
ApproverId (string) --
ID for the approver.
ResponseTime (datetime) --
Timestamp when the approver responded to an approval team invitation.
PrimaryIdentityId (string) --
ID for the user.
PrimaryIdentitySourceArn (string) --
Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.
PrimaryIdentityStatus (string) --
Status for the identity source. For example, if an approver has accepted a team invitation with a user authentication method managed by the identity source.
Arn (string) --
Amazon Resource Name (ARN) for the team.
Description (string) --
Description for the team.
Name (string) --
Name of the approval team.
Status (string) --
Status for the team. For more information, see Team health in the Multi-party approval User Guide.
StatusCode (string) --
Status code for the approval team. For more information, see Team health in the Multi-party approval User Guide.
StatusMessage (string) --
Message describing the status for the team.
UpdateSessionArn (string) --
Amazon Resource Name (ARN) for the session.
VersionId (string) --
Version ID for the team.
Policies (list) --
An array of PolicyReference objects. Contains a list of policies that define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
(dict) --
Contains the Amazon Resource Name (ARN) for a policy. Policies define what operations a team that define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
PolicyArn (string) --
Amazon Resource Name (ARN) for the policy.
LastUpdateTime (datetime) --
Timestamp when the team was last updated.
PendingUpdate (dict) --
A PendingUpdate object. Contains details for the pending updates for the team, if applicable.
VersionId (string) --
Version ID for the team.
Description (string) --
Description for the team.
ApprovalStrategy (dict) --
An ApprovalStrategyResponse object. Contains details for how the team grants approval.
MofN (dict) --
Minimum number of approvals (M) required for a total number of approvers (N).
MinApprovalsRequired (integer) --
Minimum number of approvals (M) required for a total number of approvers (N).
NumberOfApprovers (integer) --
Total number of approvers in the team.
Status (string) --
Status for the team. For more information, see Team health in the Multi-party approval User Guide.
StatusCode (string) --
Status code for the update. For more information, see Team health in the Multi-party approval User Guide.
StatusMessage (string) --
Message describing the status for the team.
Approvers (list) --
An array of GetApprovalTeamResponseApprover objects. Contains details for the approvers in the team.
(dict) --
Contains details for an approver.
ApproverId (string) --
ID for the approver.
ResponseTime (datetime) --
Timestamp when the approver responded to an approval team invitation.
PrimaryIdentityId (string) --
ID for the user.
PrimaryIdentitySourceArn (string) --
Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.
PrimaryIdentityStatus (string) --
Status for the identity source. For example, if an approver has accepted a team invitation with a user authentication method managed by the identity source.
UpdateInitiationTime (datetime) --
Timestamp when the update request was initiated.
Starts the deletion process for an active approval team.
See also: AWS API Documentation
Request Syntax
client.start_active_approval_team_deletion(
PendingWindowDays=123,
Arn='string'
)
integer
Number of days between when the team approves the delete request and when the team is deleted.
string
[REQUIRED]
Amazon Resource Name (ARN) for the team.
dict
Response Syntax
{
'DeletionCompletionTime': datetime(2015, 1, 1),
'DeletionStartTime': datetime(2015, 1, 1)
}
Response Structure
(dict) --
DeletionCompletionTime (datetime) --
Timestamp when the deletion process is scheduled to complete.
DeletionStartTime (datetime) --
Timestamp when the deletion process was initiated.
Deletes an inactive approval team. For more information, see Team health in the Multi-party approval User Guide.
You can also use this operation to delete a team draft. For more information, see Interacting with drafts in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.delete_inactive_approval_team_version(
Arn='string',
VersionId='string'
)
string
[REQUIRED]
Amaazon Resource Name (ARN) for the team.
string
[REQUIRED]
Version ID for the team.
dict
Response Syntax
{}
Response Structure
(dict) --
Returns a list of the tags for a resource.
See also: AWS API Documentation
Request Syntax
client.list_tags_for_resource(
ResourceArn='string'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the resource.
dict
Response Syntax
{
'Tags': {
'string': 'string'
}
}
Response Structure
(dict) --
Tags (dict) --
Tags attached to the resource.
(string) --
(string) --
Creates or updates a resource tag. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
See also: AWS API Documentation
Request Syntax
client.tag_resource(
ResourceArn='string',
Tags={
'string': 'string'
}
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the resource you want to tag.
dict
[REQUIRED]
Tags that you have added to the specified resource.
(string) --
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Returns a list of policies for a resource.
See also: AWS API Documentation
Request Syntax
client.list_resource_policies(
ResourceArn='string',
MaxResults=123,
NextToken='string'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the resource.
integer
The maximum number of items to return in the response. If more results exist than the specified MaxResults value, a token is included in the response so that you can retrieve the remaining results.
string
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
dict
Response Syntax
{
'NextToken': 'string',
'ResourcePolicies': [
{
'PolicyArn': 'string',
'PolicyType': 'AWS_MANAGED'|'AWS_RAM',
'PolicyName': 'string'
},
]
}
Response Structure
(dict) --
NextToken (string) --
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
ResourcePolicies (list) --
An array of ListResourcePoliciesResponseResourcePolicy objects. Contains details about the policy for the resource.
(dict) --
Contains details about a policy for a resource.
PolicyArn (string) --
Amazon Resource Name (ARN) for policy.
PolicyType (string) --
The type of policy.
PolicyName (string) --
Name of the policy.
Returns a list of identity sources. For more information, see Identity Source in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.list_identity_sources(
MaxResults=123,
NextToken='string'
)
integer
The maximum number of items to return in the response. If more results exist than the specified MaxResults value, a token is included in the response so that you can retrieve the remaining results.
string
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
dict
Response Syntax
{
'NextToken': 'string',
'IdentitySources': [
{
'IdentitySourceType': 'IAM_IDENTITY_CENTER',
'IdentitySourceParameters': {
'IamIdentityCenter': {
'InstanceArn': 'string',
'ApprovalPortalUrl': 'string',
'Region': 'string'
}
},
'IdentitySourceArn': 'string',
'CreationTime': datetime(2015, 1, 1),
'Status': 'CREATING'|'ACTIVE'|'DELETING'|'ERROR',
'StatusCode': 'ACCESS_DENIED'|'DELETION_FAILED'|'IDC_INSTANCE_NOT_FOUND'|'IDC_INSTANCE_NOT_VALID',
'StatusMessage': 'string'
},
]
}
Response Structure
(dict) --
NextToken (string) --
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
IdentitySources (list) --
A IdentitySources. Contains details for identity sources.
(dict) --
Contains details for an identity source. For more information, see Identity source in the Multi-party approval User Guide.
IdentitySourceType (string) --
The type of resource that provided identities to the identity source. For example, an IAM Identity Center instance.
IdentitySourceParameters (dict) --
A IdentitySourceParametersForList object. Contains details for the resource that provides identities to the identity source. For example, an IAM Identity Center instance.
IamIdentityCenter (dict) --
IAM Identity Center credentials.
InstanceArn (string) --
Amazon Resource Name (ARN) for the IAM Identity Center instance.
ApprovalPortalUrl (string) --
URL for the approval portal associated with the IAM Identity Center instance.
Region (string) --
Amazon Web Services Region where the IAM Identity Center instance is located.
IdentitySourceArn (string) --
Amazon Resource Name (ARN) for the identity source.
CreationTime (datetime) --
Timestamp when the identity source was created.
Status (string) --
Status for the identity source. For example, if the identity source is ACTIVE.
StatusCode (string) --
Status code of the identity source.
StatusMessage (string) --
Message describing the status for the identity source.
Removes a resource tag. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
See also: AWS API Documentation
Request Syntax
client.untag_resource(
ResourceArn='string',
TagKeys=[
'string',
]
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the resource you want to untag.
list
[REQUIRED]
Array of tag key-value pairs that you want to untag.
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Returns a list of the versions for policies. Policies define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.list_policy_versions(
MaxResults=123,
NextToken='string',
PolicyArn='string'
)
integer
The maximum number of items to return in the response. If more results exist than the specified MaxResults value, a token is included in the response so that you can retrieve the remaining results.
string
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
string
[REQUIRED]
Amazon Resource Name (ARN) for the policy.
dict
Response Syntax
{
'NextToken': 'string',
'PolicyVersions': [
{
'Arn': 'string',
'PolicyArn': 'string',
'VersionId': 123,
'PolicyType': 'AWS_MANAGED'|'AWS_RAM',
'IsDefault': True|False,
'Name': 'string',
'Status': 'ATTACHABLE'|'DEPRECATED',
'CreationTime': datetime(2015, 1, 1),
'LastUpdatedTime': datetime(2015, 1, 1)
},
]
}
Response Structure
(dict) --
NextToken (string) --
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
PolicyVersions (list) --
An array of PolicyVersionSummary objects. Contains details for the version of the policies that define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
(dict) --
Contains details for the version of a policy. Policies define what operations a team that define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
Arn (string) --
Amazon Resource Name (ARN) for the team.
PolicyArn (string) --
Amazon Resource Name (ARN) for the policy.
VersionId (integer) --
Version ID for the policy.
PolicyType (string) --
The type of policy.
IsDefault (boolean) --
Determines if the specified policy is the default for the team.
Name (string) --
Name of the policy
Status (string) --
Status for the policy. For example, if the policy is attachable or deprecated.
CreationTime (datetime) --
Timestamp when the policy was created.
LastUpdatedTime (datetime) --
Timestamp when the policy was last updated.
Returns a list of policies. Policies define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.list_policies(
MaxResults=123,
NextToken='string'
)
integer
The maximum number of items to return in the response. If more results exist than the specified MaxResults value, a token is included in the response so that you can retrieve the remaining results.
string
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
dict
Response Syntax
{
'NextToken': 'string',
'Policies': [
{
'Arn': 'string',
'DefaultVersion': 123,
'PolicyType': 'AWS_MANAGED'|'AWS_RAM',
'Name': 'string'
},
]
}
Response Structure
(dict) --
NextToken (string) --
If present, indicates that more output is available than is included in the current response. Use this value in the NextToken request parameter in a next call to the operation to get more output. You can repeat this until the NextToken response element returns null.
Policies (list) --
An array of Policy objects. Contains a list of policies that define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
(dict) --
Contains details for a policy. Policies define what operations a team that define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
Arn (string) --
Amazon Resource Name (ARN) for the policy.
DefaultVersion (integer) --
Determines if the specified policy is the default for the team.
PolicyType (string) --
The type of policy.
Name (string) --
Name of the policy.
Returns details for the version of a policy. Policies define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
See also: AWS API Documentation
Request Syntax
client.get_policy_version(
PolicyVersionArn='string'
)
string
[REQUIRED]
Amazon Resource Name (ARN) for the policy.
dict
Response Syntax
{
'PolicyVersion': {
'Arn': 'string',
'PolicyArn': 'string',
'VersionId': 123,
'PolicyType': 'AWS_MANAGED'|'AWS_RAM',
'IsDefault': True|False,
'Name': 'string',
'Status': 'ATTACHABLE'|'DEPRECATED',
'CreationTime': datetime(2015, 1, 1),
'LastUpdatedTime': datetime(2015, 1, 1),
'Document': 'string'
}
}
Response Structure
(dict) --
PolicyVersion (dict) --
A PolicyVersion object. Contains details for the version of the policy. Policies define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
Arn (string) --
Amazon Resource Name (ARN) for the team.
PolicyArn (string) --
Amazon Resource Name (ARN) for the policy.
VersionId (integer) --
Verison ID
PolicyType (string) --
The type of policy.
IsDefault (boolean) --
Determines if the specified policy is the default for the team.
Name (string) --
Name of the policy.
Status (string) --
Status for the policy. For example, if the policy is attachable or deprecated.
CreationTime (datetime) --
Timestamp when the policy was created.
LastUpdatedTime (datetime) --
Timestamp when the policy was last updated.
Document (string) --
Document that contains the policy contents.
Updates an approval team. You can request to update the team description, approval threshold, and approvers in the team.
See also: AWS API Documentation
Request Syntax
client.update_approval_team(
ApprovalStrategy={
'MofN': {
'MinApprovalsRequired': 123
}
},
Approvers=[
{
'PrimaryIdentityId': 'string',
'PrimaryIdentitySourceArn': 'string'
},
],
Description='string',
Arn='string'
)
dict
An ApprovalStrategy object. Contains details for how the team grants approval.
MofN (dict) --
Minimum number of approvals (M) required for a total number of approvers (N).
MinApprovalsRequired (integer) -- [REQUIRED]
Minimum number of approvals (M) required for a total number of approvers (N).
list
An array of ApprovalTeamRequestApprover objects. Contains details for the approvers in the team.
(dict) --
Contains details for an approver.
PrimaryIdentityId (string) -- [REQUIRED]
ID for the user.
PrimaryIdentitySourceArn (string) -- [REQUIRED]
Amazon Resource Name (ARN) for the identity source. The identity source manages the user authentication for approvers.
string
Description for the team.
string
[REQUIRED]
Amazon Resource Name (ARN) for the team.
dict
Response Syntax
{
'VersionId': 'string'
}
Response Structure
(dict) --
VersionId (string) --
Version ID for the team that was created. When an approval team is updated, the version ID changes.