The AWS RAM API contains several data types that various actions use. This section describes each data type in detail.
Note
The order of each element in a data type structure is not guaranteed. Applications should not assume a particular order.
The following data types are supported:
• AssociatedPermission (p. 91)
• Principal (p. 93)
• Resource (p. 94)
• ResourceShare (p. 96)
• ResourceShareAssociation (p. 98)
• ResourceShareInvitation (p. 100)
• ResourceSharePermissionDetail (p. 102)
• ResourceSharePermissionSummary (p. 104)
• ServiceNameAndResourceType (p. 106)
• Tag (p. 107)
• TagFilter (p. 108)
AssociatedPermission
AssociatedPermission
An object that describes the permission associated with a resource share.
Contents
NoteIn the following list, the required parameters are described first.
arn
The Amazon Resoure Name (ARN) of the permission.
Type: String Required: No lastUpdatedTime
The date and time when this permission was last updated.
Type: Timestamp Required: No resourceType
The resource type to which this permission applies.
Type: String Required: No status
The current status of this permission association with a resource share.
Valid values: ASSOCIATING, ASSOCIATED, FAILED, DISASSOCIATING, DISASSOCIATED Type: String
Required: No version
The version of the permission associated with the resource share.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
See Also
Principal
Principal
Describes a principal for use with AWS Resource Access Manager.
Contents
NoteIn the following list, the required parameters are described first.
creationTime
The date and time when the principal was associated with the resource share.
Type: Timestamp Required: No external
Indicates whether the principal belongs to the same organization in AWS Organizations as the AWS account that owns the resource share.
Type: Boolean Required: No id
The ID of the principal.
Type: String Required: No lastUpdatedTime
The date and time when the association was last updated.
Type: Timestamp Required: No resourceShareArn
The Amazon Resoure Name (ARN) of a resource share the principal is associated with.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
Resource
Resource
Describes a resource associated with a resource share in AWS RAM.
Contents
NoteIn the following list, the required parameters are described first.
arn
The Amazon Resoure Name (ARN) of the resource.
Type: String Required: No creationTime
The date and time when the resource was associated with the resource share.
Type: Timestamp Required: No lastUpdatedTime
The date an time when the association was last updated.
Type: Timestamp Required: No resourceGroupArn
The Amazon Resoure Name (ARN) of the resource group. This value is available only if the resource is part of a resource group.
Type: String Required: No resourceRegionScope
Specifies the scope of visibility of this resource:
• REGIONAL – The resource can be accessed only by using requests that target the AWS Region in which the resource exists.
• GLOBAL – The resource can be accessed from any AWS Region.
Type: String
Valid Values: REGIONAL | GLOBAL Required: No
resourceShareArn
The Amazon Resoure Name (ARN) of the resource share this resource is associated with.
Type: String Required: No
See Also
status
The current status of the resource.
Type: String
Valid Values: AVAILABLE | ZONAL_RESOURCE_INACCESSIBLE | LIMIT_EXCEEDED | UNAVAILABLE | PENDING
Required: No statusMessage
A message about the status of the resource.
Type: String Required: No type
The resource type. This takes the form of: service-code:resource-code Type: String
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
ResourceShare
ResourceShare
Describes a resource share in AWS RAM.
Contents
Note
In the following list, the required parameters are described first.
allowExternalPrincipals
Indicates whether principals outside your organization in AWS Organizations can be associated with a resource share.
Type: Boolean Required: No creationTime
The date and time when the resource share was created.
Type: Timestamp Required: No featureSet
Indicates how the resource share was created. Possible values include:
• CREATED_FROM_POLICY - Indicates that the resource share was created from an AWS Identity and Access Management (IAM) resource-based permission policy attached to the resource. This type of resource share is visible only to the AWS account that created it. You can't modify it in AWS RAM unless you promote it. For more information, see PromoteResourceShareCreatedFromPolicy (p. 76).
• PROMOTING_TO_STANDARD - The resource share is in the process of being promoted. For more information, see PromoteResourceShareCreatedFromPolicy (p. 76).
• STANDARD - Indicates that the resource share was created in AWS RAM using the console or APIs.
These resource shares are visible to all principals you share the resource share with. You can modify these resource shares in AWS RAM using the console or APIs.
Type: String
Valid Values: CREATED_FROM_POLICY | PROMOTING_TO_STANDARD | STANDARD Required: No
lastUpdatedTime
The date and time when the resource share was last updated.
Type: Timestamp Required: No name
The name of the resource share.
Type: String Required: No
See Also
owningAccountId
The ID of the AWS account that owns the resource share.
Type: String Required: No resourceShareArn
The Amazon Resoure Name (ARN) of the resource share Type: String
Required: No status
The current status of the resource share.
Type: String
Valid Values: PENDING | ACTIVE | FAILED | DELETING | DELETED Required: No
statusMessage
A message about the status of the resource share.
Type: String Required: No tags
The tag key and value pairs attached to the resource share.
Type: Array of Tag (p. 107) objects Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
ResourceShareAssociation
ResourceShareAssociation
Describes an association with a resource share and either a principal or a resource.
Contents
NoteIn the following list, the required parameters are described first.
associatedEntity
The associated entity. This can be either of the following:
• For a resource association, this is the Amazon Resoure Name (ARN) of the resource.
• For principal associations, this is one of the following:
• The ID of an AWS account
• The Amazon Resoure Name (ARN) of an organization in AWS Organizations
• The ARN of an organizational unit (OU) in AWS Organizations
• The ARN of an IAM role
• The ARN of an IAM user Type: String
Required: No associationType
The type of entity included in this association.
Type: String
Valid Values: PRINCIPAL | RESOURCE Required: No
creationTime
The date and time when the association was created.
Type: Timestamp Required: No external
Indicates whether the principal belongs to the same organization in AWS Organizations as the AWS account that owns the resource share.
Type: Boolean Required: No lastUpdatedTime
The date and time when the association was last updated.
Type: Timestamp Required: No resourceShareArn
The Amazon Resoure Name (ARN) of the resource share.
See Also
Type: String Required: No resourceShareName
The name of the resource share.
Type: String Required: No status
The current status of the association.
Type: String
Valid Values: ASSOCIATING | ASSOCIATED | FAILED | DISASSOCIATING | DISASSOCIATED
Required: No statusMessage
A message about the status of the association.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
ResourceShareInvitation
ResourceShareInvitation
Describes an invitation for an AWS account to join a resource share.
Contents
NoteIn the following list, the required parameters are described first.
invitationTimestamp
The date and time when the invitation was sent.
Type: Timestamp Required: No receiverAccountId
The ID of the AWS account that received the invitation.
Type: String Required: No receiverArn
The Amazon Resoure Name (ARN) of the IAM user or role that received the invitation.
Type: String Required: No resourceShareArn
The Amazon Resoure Name (ARN) of the resource share Type: String
Required: No
resourceShareAssociations
This member has been deprecated.
To view the resources associated with a pending resource share invitation, use ListPendingInvitationResources (p. 52).
Type: Array of ResourceShareAssociation (p. 98) objects Required: No
resourceShareInvitationArn
The Amazon Resoure Name (ARN) of the invitation.
Type: String Required: No resourceShareName
The name of the resource share.
See Also
Type: String Required: No senderAccountId
The ID of the AWS account that sent the invitation.
Type: String Required: No status
The current status of the invitation.
Type: String
Valid Values: PENDING | ACCEPTED | REJECTED | EXPIRED Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
ResourceSharePermissionDetail
ResourceSharePermissionDetail
Information about an AWS RAM permission.
Contents
NoteIn the following list, the required parameters are described first.
arn
The Amazon Resoure Name (ARN) of this AWS RAM permission.
Type: String Required: No creationTime
The date and time when the permission was created.
Type: Timestamp Required: No defaultVersion
Specifies whether the version of the permission represented in this structure is the default version for this permission.
Type: Boolean Required: No isResourceTypeDefault
Specifies whether the version of the permission represented in this structure is the default version for all resources of this resource type.
Type: Boolean Required: No lastUpdatedTime
The date and time when the permission was last updated.
Type: Timestamp Required: No name
The name of this permission.
Type: String Required: No permission
The permission's effect and actions in JSON format. The effect indicates whether the specified actions are allowed or denied. The actions list the operations to which the principal is granted or denied access.
See Also
Type: String Required: No resourceType
The resource type to which this permission applies.
Type: String Required: No version
The version of the permission represented in this structure.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
ResourceSharePermissionSummary
ResourceSharePermissionSummary
Information about an AWS RAM permission that is associated with a resource share and any of its resources of a specified type.
Contents
NoteIn the following list, the required parameters are described first.
arn
The Amazon Resoure Name (ARN) of the permission you want information about.
Type: String Required: No creationTime
The date and time when the permission was created.
Type: Timestamp Required: No defaultVersion
Specifies whether the version of the permission represented in this structure is the default version for this permission.
Type: Boolean Required: No isResourceTypeDefault
Specifies whether the version of the permission represented in this structure is the default version for all resources of this resource type.
Type: Boolean Required: No lastUpdatedTime
The date and time when the permission was last updated.
Type: Timestamp Required: No name
The name of this permission.
Type: String Required: No resourceType
The type of resource to which this permission applies.
See Also
Type: String Required: No status
The current status of the permission.
Type: String Required: No version
The version of the permission represented in this structure.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
ServiceNameAndResourceType
ServiceNameAndResourceType
Information about a shareable resource type and the AWS service to which resources of that type belong.
Contents
NoteIn the following list, the required parameters are described first.
resourceRegionScope
Specifies the scope of visibility of resources of this type:
• REGIONAL – The resource can be accessed only by using requests that target the AWS Region in which the resource exists.
• GLOBAL – The resource can be accessed from any AWS Region.
Type: String
Valid Values: REGIONAL | GLOBAL Required: No
resourceType
The type of the resource.
Type: String Required: No serviceName
The name of the AWS service to which resources of this type belong.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
Tag
Tag
A structure containing a tag. A tag is metadata that you can attach to your resources to help organize and categorize them. You can also use them to help you secure your resources. For more information, see Controlling access to AWS resources using tags.
For more information about tags, see Tagging AWS resources in the AWS General Reference Guide.
Contents
NoteIn the following list, the required parameters are described first.
key
The key, or name, attached to the tag. Every tag must have a key. Key names are case sensitive.
Type: String Required: No value
The string value attached to the tag. The value can be an empty string. Key values are case sensitive.
Type: String Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3
TagFilter
TagFilter
A tag key and optional list of possible values that you can use to filter results for tagged resources.
Contents
NoteIn the following list, the required parameters are described first.
tagKey
The tag key. This must have a valid string value and can't be empty.
Type: String Required: No tagValues
A list of zero or more tag values. If no values are provided, then the filter matches any tag with the specified key, regardless of its value.
Type: Array of strings Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
• AWS SDK for Go
• AWS SDK for Java V2
• AWS SDK for Ruby V3