ECS / Client / delete_account_setting

delete_account_setting#

ECS.Client.delete_account_setting(**kwargs)#

Disables an account setting for a specified user, role, or the root user for an account.

See also: AWS API Documentation

Request Syntax

response = client.delete_account_setting(
    name='serviceLongArnFormat'|'taskLongArnFormat'|'containerInstanceLongArnFormat'|'awsvpcTrunking'|'containerInsights'|'fargateFIPSMode'|'tagResourceAuthorization'|'fargateTaskRetirementWaitPeriod'|'guardDutyActivate',
    principalArn='string'
)
Parameters:
  • name (string) –

    [REQUIRED]

    The resource name to disable the account setting for. If serviceLongArnFormat is specified, the ARN for your Amazon ECS services is affected. If taskLongArnFormat is specified, the ARN and resource ID for your Amazon ECS tasks is affected. If containerInstanceLongArnFormat is specified, the ARN and resource ID for your Amazon ECS container instances is affected. If awsvpcTrunking is specified, the ENI limit for your Amazon ECS container instances is affected.

  • principalArn (string) – The Amazon Resource Name (ARN) of the principal. It can be an user, role, or the root user. If you specify the root user, it disables the account setting for all users, roles, and the root user of the account unless a user or role explicitly overrides these settings. If this field is omitted, the setting is changed only for the authenticated user.

Return type:

dict

Returns:

Response Syntax

{
    'setting': {
        'name': 'serviceLongArnFormat'|'taskLongArnFormat'|'containerInstanceLongArnFormat'|'awsvpcTrunking'|'containerInsights'|'fargateFIPSMode'|'tagResourceAuthorization'|'fargateTaskRetirementWaitPeriod'|'guardDutyActivate',
        'value': 'string',
        'principalArn': 'string',
        'type': 'user'|'aws_managed'
    }
}

Response Structure

  • (dict) –

    • setting (dict) –

      The account setting for the specified principal ARN.

      • name (string) –

        The Amazon ECS resource name.

      • value (string) –

        Determines whether the account setting is on or off for the specified resource.

      • principalArn (string) –

        The ARN of the principal. It can be a user, role, or the root user. If this field is omitted, the authenticated user is assumed.

      • type (string) –

        Indicates whether Amazon Web Services manages the account setting, or if the user manages it.

        aws_managed account settings are read-only, as Amazon Web Services manages such on the customer’s behalf. Currently, the guardDutyActivate account setting is the only one Amazon Web Services manages.

Exceptions

Examples

This example deletes the account setting for your user for the specified resource type.

response = client.delete_account_setting(
    name='serviceLongArnFormat',
)

print(response)

Expected Output:

{
    'setting': {
        'name': 'serviceLongArnFormat',
        'value': 'enabled',
        'principalArn': 'arn:aws:iam::<aws_account_id>:user/principalName',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}

This example deletes the account setting for a specific IAM user or IAM role for the specified resource type. Only the root user can view or modify the account settings for another user.

response = client.delete_account_setting(
    name='containerInstanceLongArnFormat',
    principalArn='arn:aws:iam::<aws_account_id>:user/principalName',
)

print(response)

Expected Output:

{
    'setting': {
        'name': 'containerInstanceLongArnFormat',
        'value': 'enabled',
        'principalArn': 'arn:aws:iam::<aws_account_id>:user/principalName',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}