View Source AWS.MPA (aws-elixir v1.0.7)
Multi-party approval is a capability of Organizations that allows you to protect a predefined list of operations through a distributed approval process.
Use Multi-party approval to establish approval workflows and transform security processes into team-based decisions.
When to use Multi-party approval:
You need to align with the Zero Trust principle of "never trust, always verify"
You need to make sure that the right humans have access to the right things in the right way
You need distributed decision-making for sensitive or critical operations
You need to protect against unintended operations on sensitive or critical resources
You need formal reviews and approvals for auditing or compliance reasons
For more information, see What is Multi-party approval in the Multi-party approval User Guide.
Link to this section Summary
Functions
Cancels an approval session.
Creates a new approval team.
Creates a new identity source.
Deletes an identity source.
Deletes an inactive approval team.
Returns details for an approval team.
Returns details for an identity source.
Returns details for the version of a policy.
Returns details about a policy for a resource.
Returns details for an approval session.
Returns a list of approval teams.
Returns a list of identity sources.
Returns a list of policies.
Returns a list of the versions for policies.
Returns a list of policies for a resource.
Returns a list of approval sessions.
Returns a list of the tags for a resource.
Starts the deletion process for an active approval team.
Creates or updates a resource tag.
Removes a resource tag.
Updates an approval team.
Link to this section Functions
Cancels an approval session.
For more information, see Session in the Multi-party approval User Guide.
Creates a new approval team.
For more information, see Approval team in the Multi-party approval User Guide.
Creates a new identity source.
For more information, see Identity Source in the Multi-party approval User Guide.
delete_identity_source(client, identity_source_arn, input, options \\ [])
View SourceDeletes an identity source.
For more information, see Identity Source in the Multi-party approval User Guide.
delete_inactive_approval_team_version(client, arn, version_id, input, options \\ [])
View SourceDeletes an inactive approval team.
For more information, see Team health in the Multi-party approval User Guide.
You can also use this operation to delete a team draft. For more information, see Interacting with drafts in the Multi-party approval User Guide.
Returns details for an approval team.
Returns details for an identity source.
For more information, see Identity Source in the Multi-party approval User Guide.
Returns details for the version of a policy.
Policies define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
Returns details about a policy for a resource.
Returns details for an approval session.
For more information, see Session in the Multi-party approval User Guide.
Returns a list of approval teams.
Returns a list of identity sources.
For more information, see Identity Source in the Multi-party approval User Guide.
Returns a list of policies.
Policies define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
Returns a list of the versions for policies.
Policies define the permissions for team resources.
The protected operation for a service integration might require specific permissions. For more information, see How other services work with Multi-party approval in the Multi-party approval User Guide.
list_resource_policies(client, resource_arn, input, options \\ [])
View SourceReturns a list of policies for a resource.
Returns a list of approval sessions.
For more information, see Session in the Multi-party approval User Guide.
Returns a list of the tags for a resource.
start_active_approval_team_deletion(client, arn, input, options \\ [])
View SourceStarts the deletion process for an active approval team.
deletions-require-team-approval
Deletions require team approval
Requests to delete an active team must be approved by the team.
Creates or updates a resource tag.
Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
Removes a resource tag.
Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
Updates an approval team.
You can request to update the team description, approval threshold, and approvers in the team.
updates-require-team-approval
Updates require team approval
Updates to an active team must be approved by the team.