RAM / Client / list_principals
list_principals#
- RAM.Client.list_principals(**kwargs)#
Lists the principals that you are sharing resources with or that are sharing resources with you.
See also: AWS API Documentation
Request Syntax
response = client.list_principals( resourceOwner='SELF'|'OTHER-ACCOUNTS', resourceArn='string', principals=[ 'string', ], resourceType='string', resourceShareArns=[ 'string', ], nextToken='string', maxResults=123 )
- Parameters:
resourceOwner (string) –
[REQUIRED]
Specifies that you want to list information for only resource shares that match the following:
SELF
– principals that your account is sharing resources withOTHER-ACCOUNTS
– principals that are sharing resources with your account
resourceArn (string) – Specifies that you want to list principal information for the resource share with the specified Amazon Resource Name (ARN).
principals (list) –
Specifies that you want to list information for only the listed principals.
You can include the following values:
An Amazon Web Services account ID, for example:
123456789012
An Amazon Resource Name (ARN) of an organization in Organizations, for example:
organizations::123456789012:organization/o-exampleorgid
An ARN of an organizational unit (OU) in Organizations, for example:
organizations::123456789012:ou/o-exampleorgid/ou-examplerootid-exampleouid123
An ARN of an IAM role, for example:
iam::123456789012:role/rolename
An ARN of an IAM user, for example:
iam::123456789012user/username
Note
Not all resource types can be shared with IAM roles and users. For more information, see Sharing with IAM roles and users in the Resource Access Manager User Guide.
(string) –
resourceType (string) –
Specifies that you want to list information for only principals associated with resource shares that include the specified resource type.
For a list of valid values, query the ListResourceTypes operation.
resourceShareArns (list) –
Specifies that you want to list information for only principals associated with the resource shares specified by a list the Amazon Resource Names (ARNs).
(string) –
nextToken (string) – Specifies that you want to receive the next page of results. Valid only if you received a
NextToken
response in the previous request. If you did, it indicates that more output is available. Set this parameter to the value provided by the previous call’sNextToken
response to request the next page of results.maxResults (integer) – Specifies the total number of results that you want included on each page of the response. If you do not include this parameter, it defaults to a value that is specific to the operation. If additional items exist beyond the number you specify, the
NextToken
response element is returned with a value (not null). Include the specified value as theNextToken
request parameter in the next call to the operation to get the next part of the results. Note that the service might return fewer results than the maximum even when there are more results available. You should checkNextToken
after every operation to ensure that you receive all of the results.
- Return type:
dict
- Returns:
Response Syntax
{ 'principals': [ { 'id': 'string', 'resourceShareArn': 'string', 'creationTime': datetime(2015, 1, 1), 'lastUpdatedTime': datetime(2015, 1, 1), 'external': True|False }, ], 'nextToken': 'string' }
Response Structure
(dict) –
principals (list) –
An array of objects that contain the details about the principals.
(dict) –
Describes a principal for use with Resource Access Manager.
id (string) –
The ID of the principal that can be associated with a resource share.
resourceShareArn (string) –
The Amazon Resource Name (ARN) of a resource share the principal is associated with.
creationTime (datetime) –
The date and time when the principal was associated with the resource share.
lastUpdatedTime (datetime) –
The date and time when the association between the resource share and the principal was last updated.
external (boolean) –
Indicates the relationship between the Amazon Web Services account the principal belongs to and the account that owns the resource share:
True
– The two accounts belong to same organization.False
– The two accounts do not belong to the same organization.
nextToken (string) –
If present, this value indicates that more output is available than is included in the current response. Use this value in the
NextToken
request parameter in a subsequent call to the operation to get the next part of the output. You should repeat this until theNextToken
response element comes back asnull
. This indicates that this is the last page of results.
Exceptions