ECS / Client / delete_account_setting
delete_account_setting#
- ECS.Client.delete_account_setting(**kwargs)#
Disables an account setting for a specified user, role, or the root user for an account.
See also: AWS API Documentation
Request Syntax
response = client.delete_account_setting( name='serviceLongArnFormat'|'taskLongArnFormat'|'containerInstanceLongArnFormat'|'awsvpcTrunking'|'containerInsights'|'fargateFIPSMode'|'tagResourceAuthorization'|'fargateTaskRetirementWaitPeriod'|'guardDutyActivate', principalArn='string' )
- Parameters:
name (string) –
[REQUIRED]
The resource name to disable the account setting for. If
serviceLongArnFormat
is specified, the ARN for your Amazon ECS services is affected. IftaskLongArnFormat
is specified, the ARN and resource ID for your Amazon ECS tasks is affected. IfcontainerInstanceLongArnFormat
is specified, the ARN and resource ID for your Amazon ECS container instances is affected. IfawsvpcTrunking
is specified, the ENI limit for your Amazon ECS container instances is affected.principalArn (string) – The Amazon Resource Name (ARN) of the principal. It can be an user, role, or the root user. If you specify the root user, it disables the account setting for all users, roles, and the root user of the account unless a user or role explicitly overrides these settings. If this field is omitted, the setting is changed only for the authenticated user.
- Return type:
dict
- Returns:
Response Syntax
{ 'setting': { 'name': 'serviceLongArnFormat'|'taskLongArnFormat'|'containerInstanceLongArnFormat'|'awsvpcTrunking'|'containerInsights'|'fargateFIPSMode'|'tagResourceAuthorization'|'fargateTaskRetirementWaitPeriod'|'guardDutyActivate', 'value': 'string', 'principalArn': 'string', 'type': 'user'|'aws_managed' } }
Response Structure
(dict) –
setting (dict) –
The account setting for the specified principal ARN.
name (string) –
The Amazon ECS resource name.
value (string) –
Determines whether the account setting is on or off for the specified resource.
principalArn (string) –
The ARN of the principal. It can be a user, role, or the root user. If this field is omitted, the authenticated user is assumed.
type (string) –
Indicates whether Amazon Web Services manages the account setting, or if the user manages it.
aws_managed
account settings are read-only, as Amazon Web Services manages such on the customer’s behalf. Currently, theguardDutyActivate
account setting is the only one Amazon Web Services manages.
Exceptions
Examples
This example deletes the account setting for your user for the specified resource type.
response = client.delete_account_setting( name='serviceLongArnFormat', ) print(response)
Expected Output:
{ 'setting': { 'name': 'serviceLongArnFormat', 'value': 'enabled', 'principalArn': 'arn:aws:iam::<aws_account_id>:user/principalName', }, 'ResponseMetadata': { '...': '...', }, }
This example deletes the account setting for a specific IAM user or IAM role for the specified resource type. Only the root user can view or modify the account settings for another user.
response = client.delete_account_setting( name='containerInstanceLongArnFormat', principalArn='arn:aws:iam::<aws_account_id>:user/principalName', ) print(response)
Expected Output:
{ 'setting': { 'name': 'containerInstanceLongArnFormat', 'value': 'enabled', 'principalArn': 'arn:aws:iam::<aws_account_id>:user/principalName', }, 'ResponseMetadata': { '...': '...', }, }