WorkMail class

WorkMail is a secure, managed business email and calendaring service with support for existing desktop and mobile email clients. You can access your email, contacts, and calendars using Microsoft Outlook, your browser, or other native iOS and Android email applications. You can integrate WorkMail with your existing corporate directory and control both the keys that encrypt your data and the location in which your data is stored.

The WorkMail API is designed for the following scenarios:

• Listing and describing organizations

• Managing users

• Managing groups

• Managing resources

All WorkMail API operations are Amazon-authenticated and certificate-signed. They not only require the use of the AWS SDK, but also allow for the exclusive use of AWS Identity and Access Management users and roles to help facilitate access, trust, and permission policies. By creating a role and allowing an IAM user to access the WorkMail site, the IAM user gains full administrative visibility into the entire WorkMail organization (or as set in the IAM policy). This includes, but is not limited to, the ability to create, update, and delete users, groups, and resources. This allows developers to perform the scenarios listed above, as well as give users the ability to grant access on a selective basis using the IAM model.

Constructors

WorkMail({required String region, AwsClientCredentials? credentials, AwsClientCredentialsProvider? credentialsProvider, Client? client, String? endpointUrl})

Properties

hashCode → int

The hash code for this object.

no setter, inherited

runtimeType → Type

A representation of the runtime type of the object.

no setter, inherited

Methods

associateDelegateToResource({required String entityId, required String organizationId, required String resourceId}) → Future<void>

Adds a member (user or group) to the resource's set of delegates.

associateMemberToGroup({required String groupId, required String memberId, required String organizationId}) → Future<void>

Adds a member (user or group) to the group's set.

assumeImpersonationRole({required String impersonationRoleId, required String organizationId}) → Future<AssumeImpersonationRoleResponse>

Assumes an impersonation role for the given WorkMail organization. This method returns an authentication token you can use to make impersonated calls.

cancelMailboxExportJob({required String jobId, required String organizationId, String? clientToken}) → Future<void>

Cancels a mailbox export job.

close() → void

Closes the internal HTTP client if none was provided at creation. If a client was passed as a constructor argument, this becomes a noop.

createAlias({required String alias, required String entityId, required String organizationId}) → Future<void>

Adds an alias to the set of a given member (user or group) of WorkMail.

createAvailabilityConfiguration({required String domainName, required String organizationId, String? clientToken, EwsAvailabilityProvider? ewsProvider, LambdaAvailabilityProvider? lambdaProvider}) → Future<void>

Creates an AvailabilityConfiguration for the given WorkMail organization and domain.

createGroup({required String name, required String organizationId, bool? hiddenFromGlobalAddressList}) → Future<CreateGroupResponse>

Creates a group that can be used in WorkMail by calling the RegisterToWorkMail operation.

createIdentityCenterApplication({required String instanceArn, required String name, String? clientToken}) → Future<CreateIdentityCenterApplicationResponse>

Creates the WorkMail application in IAM Identity Center that can be used later in the WorkMail - IdC integration. For more information, see PutIdentityProviderConfiguration. This action does not affect the authentication settings for any WorkMail organizations.

createImpersonationRole({required String name, required String organizationId, required List<ImpersonationRule> rules, required ImpersonationRoleType type, String? clientToken, String? description}) → Future<CreateImpersonationRoleResponse>

Creates an impersonation role for the given WorkMail organization.

createMobileDeviceAccessRule({required MobileDeviceAccessRuleEffect effect, required String name, required String organizationId, String? clientToken, String? description, List<String>? deviceModels, List<String>? deviceOperatingSystems, List<String>? deviceTypes, List<String>? deviceUserAgents, List<String>? notDeviceModels, List<String>? notDeviceOperatingSystems, List<String>? notDeviceTypes, List<String>? notDeviceUserAgents}) → Future<CreateMobileDeviceAccessRuleResponse>

Creates a new mobile device access rule for the specified WorkMail organization.

createOrganization({required String alias, String? clientToken, String? directoryId, List<Domain>? domains, bool? enableInteroperability, String? kmsKeyArn}) → Future<CreateOrganizationResponse>

Creates a new WorkMail organization. Optionally, you can choose to associate an existing AWS Directory Service directory with your organization. If an AWS Directory Service directory ID is specified, the organization alias must match the directory alias. If you choose not to associate an existing directory with your organization, then we create a new WorkMail directory for you. For more information, see Adding an organization in the WorkMail Administrator Guide.

createResource({required String name, required String organizationId, required ResourceType type, String? description, bool? hiddenFromGlobalAddressList}) → Future<CreateResourceResponse>

Creates a new WorkMail resource.

createUser({required String displayName, required String name, required String organizationId, String? firstName, bool? hiddenFromGlobalAddressList, String? identityProviderUserId, String? lastName, String? password, UserRole? role}) → Future<CreateUserResponse>

Creates a user who can be used in WorkMail by calling the RegisterToWorkMail operation.

deleteAccessControlRule({required String name, required String organizationId}) → Future<void>

Deletes an access control rule for the specified WorkMail organization.

deleteAlias({required String alias, required String entityId, required String organizationId}) → Future<void>

Remove one or more specified aliases from a set of aliases for a given user.

deleteAvailabilityConfiguration({required String domainName, required String organizationId}) → Future<void>

Deletes the AvailabilityConfiguration for the given WorkMail organization and domain.

deleteEmailMonitoringConfiguration({required String organizationId}) → Future<void>

Deletes the email monitoring configuration for a specified organization.

deleteGroup({required String groupId, required String organizationId}) → Future<void>

Deletes a group from WorkMail.

deleteIdentityCenterApplication({required String applicationArn}) → Future<void>

Deletes the IAM Identity Center application from WorkMail. This action does not affect the authentication settings for any WorkMail organizations.

deleteIdentityProviderConfiguration({required String organizationId}) → Future<void>

Disables the integration between IdC and WorkMail. Authentication will continue with the directory as it was before the IdC integration. You might have to reset your directory passwords and reconfigure your desktop and mobile email clients.

deleteImpersonationRole({required String impersonationRoleId, required String organizationId}) → Future<void>

Deletes an impersonation role for the given WorkMail organization.

deleteMailboxPermissions({required String entityId, required String granteeId, required String organizationId}) → Future<void>

Deletes permissions granted to a member (user or group).

deleteMobileDeviceAccessOverride({required String deviceId, required String organizationId, required String userId}) → Future<void>

Deletes the mobile device access override for the given WorkMail organization, user, and device.

deleteMobileDeviceAccessRule({required String mobileDeviceAccessRuleId, required String organizationId}) → Future<void>

Deletes a mobile device access rule for the specified WorkMail organization.

deleteOrganization({required bool deleteDirectory, required String organizationId, String? clientToken, bool? deleteIdentityCenterApplication, bool? forceDelete}) → Future<DeleteOrganizationResponse>

Deletes an WorkMail organization and all underlying AWS resources managed by WorkMail as part of the organization. You can choose whether to delete the associated directory. For more information, see Removing an organization in the WorkMail Administrator Guide.

deletePersonalAccessToken({required String organizationId, required String personalAccessTokenId}) → Future<void>

Deletes the Personal Access Token from the provided WorkMail Organization.

deleteResource({required String organizationId, required String resourceId}) → Future<void>

Deletes the specified resource.

deleteRetentionPolicy({required String id, required String organizationId}) → Future<void>

Deletes the specified retention policy from the specified organization.

deleteUser({required String organizationId, required String userId}) → Future<void>

Deletes a user from WorkMail and all subsequent systems. Before you can delete a user, the user state must be DISABLED. Use the DescribeUser action to confirm the user state.

deregisterFromWorkMail({required String entityId, required String organizationId}) → Future<void>

Mark a user, group, or resource as no longer used in WorkMail. This action disassociates the mailbox and schedules it for clean-up. WorkMail keeps mailboxes for 30 days before they are permanently removed. The functionality in the console is Disable.

deregisterMailDomain({required String domainName, required String organizationId}) → Future<void>

Removes a domain from WorkMail, stops email routing to WorkMail, and removes the authorization allowing WorkMail use. SES keeps the domain because other applications may use it. You must first remove any email address used by WorkMail entities before you remove the domain.

describeEmailMonitoringConfiguration({required String organizationId}) → Future<DescribeEmailMonitoringConfigurationResponse>

Describes the current email monitoring configuration for a specified organization.

describeEntity({required String email, required String organizationId}) → Future<DescribeEntityResponse>

Returns basic details about an entity in WorkMail.

describeGroup({required String groupId, required String organizationId}) → Future<DescribeGroupResponse>

Returns the data available for the group.

describeIdentityProviderConfiguration({required String organizationId}) → Future<DescribeIdentityProviderConfigurationResponse>

Returns detailed information on the current IdC setup for the WorkMail organization.

describeInboundDmarcSettings({required String organizationId}) → Future<DescribeInboundDmarcSettingsResponse>

Lists the settings in a DMARC policy for a specified organization.

describeMailboxExportJob({required String jobId, required String organizationId}) → Future<DescribeMailboxExportJobResponse>

Describes the current status of a mailbox export job.

describeOrganization({required String organizationId}) → Future<DescribeOrganizationResponse>

Provides more information regarding a given organization based on its identifier.

describeResource({required String organizationId, required String resourceId}) → Future<DescribeResourceResponse>

Returns the data available for the resource.

describeUser({required String organizationId, required String userId}) → Future<DescribeUserResponse>

Provides information regarding the user.

disassociateDelegateFromResource({required String entityId, required String organizationId, required String resourceId}) → Future<void>

Removes a member from the resource's set of delegates.

disassociateMemberFromGroup({required String groupId, required String memberId, required String organizationId}) → Future<void>

Removes a member from a group.

getAccessControlEffect({required String action, required String ipAddress, required String organizationId, String? impersonationRoleId, String? userId}) → Future<GetAccessControlEffectResponse>

Gets the effects of an organization's access control rules as they apply to a specified IPv4 address, access protocol action, and user ID or impersonation role ID. You must provide either the user ID or impersonation role ID. Impersonation role ID can only be used with Action EWS.

getDefaultRetentionPolicy({required String organizationId}) → Future<GetDefaultRetentionPolicyResponse>

Gets the default retention policy details for the specified organization.

getImpersonationRole({required String impersonationRoleId, required String organizationId}) → Future<GetImpersonationRoleResponse>

Gets the impersonation role details for the given WorkMail organization.

getImpersonationRoleEffect({required String impersonationRoleId, required String organizationId, required String targetUser}) → Future<GetImpersonationRoleEffectResponse>

Tests whether the given impersonation role can impersonate a target user.

getMailboxDetails({required String organizationId, required String userId}) → Future<GetMailboxDetailsResponse>

Requests a user's mailbox details for a specified organization and user.

getMailDomain({required String domainName, required String organizationId}) → Future<GetMailDomainResponse>

Gets details for a mail domain, including domain records required to configure your domain with recommended security.

getMobileDeviceAccessEffect({required String organizationId, String? deviceModel, String? deviceOperatingSystem, String? deviceType, String? deviceUserAgent}) → Future<GetMobileDeviceAccessEffectResponse>

Simulates the effect of the mobile device access rules for the given attributes of a sample access event. Use this method to test the effects of the current set of mobile device access rules for the WorkMail organization for a particular user's attributes.

getMobileDeviceAccessOverride({required String deviceId, required String organizationId, required String userId}) → Future<GetMobileDeviceAccessOverrideResponse>

Gets the mobile device access override for the given WorkMail organization, user, and device.

getPersonalAccessTokenMetadata({required String organizationId, required String personalAccessTokenId}) → Future<GetPersonalAccessTokenMetadataResponse>

Requests details of a specific Personal Access Token within the WorkMail organization.

listAccessControlRules({required String organizationId}) → Future<ListAccessControlRulesResponse>

Lists the access control rules for the specified organization.

listAliases({required String entityId, required String organizationId, int? maxResults, String? nextToken}) → Future<ListAliasesResponse>

Creates a paginated call to list the aliases associated with a given entity.

listAvailabilityConfigurations({required String organizationId, int? maxResults, String? nextToken}) → Future<ListAvailabilityConfigurationsResponse>

List all the AvailabilityConfiguration's for the given WorkMail organization.

listGroupMembers({required String groupId, required String organizationId, int? maxResults, String? nextToken}) → Future<ListGroupMembersResponse>

Returns an overview of the members of a group. Users and groups can be members of a group.

listGroups({required String organizationId, ListGroupsFilters? filters, int? maxResults, String? nextToken}) → Future<ListGroupsResponse>

Returns summaries of the organization's groups.

listGroupsForEntity({required String entityId, required String organizationId, ListGroupsForEntityFilters? filters, int? maxResults, String? nextToken}) → Future<ListGroupsForEntityResponse>

Returns all the groups to which an entity belongs.

listImpersonationRoles({required String organizationId, int? maxResults, String? nextToken}) → Future<ListImpersonationRolesResponse>

Lists all the impersonation roles for the given WorkMail organization.

listMailboxExportJobs({required String organizationId, int? maxResults, String? nextToken}) → Future<ListMailboxExportJobsResponse>

Lists the mailbox export jobs started for the specified organization within the last seven days.

listMailboxPermissions({required String entityId, required String organizationId, int? maxResults, String? nextToken}) → Future<ListMailboxPermissionsResponse>

Lists the mailbox permissions associated with a user, group, or resource mailbox.

listMailDomains({required String organizationId, int? maxResults, String? nextToken}) → Future<ListMailDomainsResponse>

Lists the mail domains in a given WorkMail organization.

listMobileDeviceAccessOverrides({required String organizationId, String? deviceId, int? maxResults, String? nextToken, String? userId}) → Future<ListMobileDeviceAccessOverridesResponse>

Lists all the mobile device access overrides for any given combination of WorkMail organization, user, or device.

listMobileDeviceAccessRules({required String organizationId}) → Future<ListMobileDeviceAccessRulesResponse>

Lists the mobile device access rules for the specified WorkMail organization.

listOrganizations({int? maxResults, String? nextToken}) → Future<ListOrganizationsResponse>

Returns summaries of the customer's organizations.

listPersonalAccessTokens({required String organizationId, int? maxResults, String? nextToken, String? userId}) → Future<ListPersonalAccessTokensResponse>

Returns a summary of your Personal Access Tokens.

listResourceDelegates({required String organizationId, required String resourceId, int? maxResults, String? nextToken}) → Future<ListResourceDelegatesResponse>

Lists the delegates associated with a resource. Users and groups can be resource delegates and answer requests on behalf of the resource.

listResources({required String organizationId, ListResourcesFilters? filters, int? maxResults, String? nextToken}) → Future<ListResourcesResponse>

Returns summaries of the organization's resources.

listTagsForResource({required String resourceARN}) → Future<ListTagsForResourceResponse>

Lists the tags applied to an WorkMail organization resource.

listUsers({required String organizationId, ListUsersFilters? filters, int? maxResults, String? nextToken}) → Future<ListUsersResponse>

Returns summaries of the organization's users.

noSuchMethod(Invocation invocation) → dynamic

Invoked when a nonexistent method or property is accessed.

inherited

putAccessControlRule({required String description, required AccessControlRuleEffect effect, required String name, required String organizationId, List<String>? actions, List<String>? impersonationRoleIds, List<String>? ipRanges, List<String>? notActions, List<String>? notImpersonationRoleIds, List<String>? notIpRanges, List<String>? notUserIds, List<String>? userIds}) → Future<void>

Adds a new access control rule for the specified organization. The rule allows or denies access to the organization for the specified IPv4 addresses, access protocol actions, user IDs and impersonation IDs. Adding a new rule with the same name as an existing rule replaces the older rule.

putEmailMonitoringConfiguration({required String logGroupArn, required String organizationId, String? roleArn}) → Future<void>

Creates or updates the email monitoring configuration for a specified organization.

putIdentityProviderConfiguration({required IdentityProviderAuthenticationMode authenticationMode, required IdentityCenterConfiguration identityCenterConfiguration, required String organizationId, required PersonalAccessTokenConfiguration personalAccessTokenConfiguration}) → Future<void>

Enables integration between IAM Identity Center (IdC) and WorkMail to proxy authentication requests for mailbox users. You can connect your IdC directory or your external directory to WorkMail through IdC and manage access to WorkMail mailboxes in a single place. For enhanced protection, you could enable Multifactor Authentication (MFA) and Personal Access Tokens.

putInboundDmarcSettings({required bool enforced, required String organizationId}) → Future<void>

Enables or disables a DMARC policy for a given organization.

putMailboxPermissions({required String entityId, required String granteeId, required String organizationId, required List<PermissionType> permissionValues}) → Future<void>

Sets permissions for a user, group, or resource. This replaces any pre-existing permissions.

putMobileDeviceAccessOverride({required String deviceId, required MobileDeviceAccessRuleEffect effect, required String organizationId, required String userId, String? description}) → Future<void>

Creates or updates a mobile device access override for the given WorkMail organization, user, and device.

putRetentionPolicy({required List<FolderConfiguration> folderConfigurations, required String name, required String organizationId, String? description, String? id}) → Future<void>

Puts a retention policy to the specified organization.

registerMailDomain({required String domainName, required String organizationId, String? clientToken}) → Future<void>

Registers a new domain in WorkMail and SES, and configures it for use by WorkMail. Emails received by SES for this domain are routed to the specified WorkMail organization, and WorkMail has permanent permission to use the specified domain for sending your users' emails.

registerToWorkMail({required String email, required String entityId, required String organizationId}) → Future<void>

Registers an existing and disabled user, group, or resource for WorkMail use by associating a mailbox and calendaring capabilities. It performs no change if the user, group, or resource is enabled and fails if the user, group, or resource is deleted. This operation results in the accumulation of costs. For more information, see Pricing. The equivalent console functionality for this operation is Enable.

resetPassword({required String organizationId, required String password, required String userId}) → Future<void>

Allows the administrator to reset the password for a user.

startMailboxExportJob({required String entityId, required String kmsKeyArn, required String organizationId, required String roleArn, required String s3BucketName, required String s3Prefix, String? clientToken, String? description}) → Future<StartMailboxExportJobResponse>

Starts a mailbox export job to export MIME-format email messages and calendar items from the specified mailbox to the specified Amazon Simple Storage Service (Amazon S3) bucket. For more information, see Exporting mailbox content in the WorkMail Administrator Guide.

tagResource({required String resourceARN, required List<Tag> tags}) → Future<void>

Applies the specified tags to the specified WorkMailorganization resource.

testAvailabilityConfiguration({required String organizationId, String? domainName, EwsAvailabilityProvider? ewsProvider, LambdaAvailabilityProvider? lambdaProvider}) → Future<TestAvailabilityConfigurationResponse>

Performs a test on an availability provider to ensure that access is allowed. For EWS, it verifies the provided credentials can be used to successfully log in. For Lambda, it verifies that the Lambda function can be invoked and that the resource access policy was configured to deny anonymous access. An anonymous invocation is one done without providing either a SourceArn or SourceAccount header.

toString() → String

A string representation of this object.

inherited

untagResource({required String resourceARN, required List<String> tagKeys}) → Future<void>

Untags the specified tags from the specified WorkMail organization resource.

updateAvailabilityConfiguration({required String domainName, required String organizationId, EwsAvailabilityProvider? ewsProvider, LambdaAvailabilityProvider? lambdaProvider}) → Future<void>

Updates an existing AvailabilityConfiguration for the given WorkMail organization and domain.

updateDefaultMailDomain({required String domainName, required String organizationId}) → Future<void>

Updates the default mail domain for an organization. The default mail domain is used by the WorkMail AWS Console to suggest an email address when enabling a mail user. You can only have one default domain.

updateGroup({required String groupId, required String organizationId, bool? hiddenFromGlobalAddressList}) → Future<void>

Updates attributes in a group.

updateImpersonationRole({required String impersonationRoleId, required String name, required String organizationId, required List<ImpersonationRule> rules, required ImpersonationRoleType type, String? description}) → Future<void>

Updates an impersonation role for the given WorkMail organization.

updateMailboxQuota({required int mailboxQuota, required String organizationId, required String userId}) → Future<void>

Updates a user's current mailbox quota for a specified organization and user.

updateMobileDeviceAccessRule({required MobileDeviceAccessRuleEffect effect, required String mobileDeviceAccessRuleId, required String name, required String organizationId, String? description, List<String>? deviceModels, List<String>? deviceOperatingSystems, List<String>? deviceTypes, List<String>? deviceUserAgents, List<String>? notDeviceModels, List<String>? notDeviceOperatingSystems, List<String>? notDeviceTypes, List<String>? notDeviceUserAgents}) → Future<void>

Updates a mobile device access rule for the specified WorkMail organization.

updatePrimaryEmailAddress({required String email, required String entityId, required String organizationId}) → Future<void>

Updates the primary email for a user, group, or resource. The current email is moved into the list of aliases (or swapped between an existing alias and the current primary email), and the email provided in the input is promoted as the primary.

updateResource({required String organizationId, required String resourceId, BookingOptions? bookingOptions, String? description, bool? hiddenFromGlobalAddressList, String? name, ResourceType? type}) → Future<void>

Updates data for the resource. To have the latest information, it must be preceded by a DescribeResource call. The dataset in the request should be the one expected when performing another DescribeResource call.

updateUser({required String organizationId, required String userId, String? city, String? company, String? country, String? department, String? displayName, String? firstName, bool? hiddenFromGlobalAddressList, String? identityProviderUserId, String? initials, String? jobTitle, String? lastName, String? office, UserRole? role, String? street, String? telephone, String? zipCode}) → Future<void>

Updates data for the user. To have the latest information, it must be preceded by a DescribeUser call. The dataset in the request should be the one expected when performing another DescribeUser call.

Operators

operator ==(Object other) → bool

The equality operator.

inherited