describe_effective_policy
(**kwargs)¶Returns the contents of the effective policy for specified policy type and account. The effective policy is the aggregation of any policies of the specified type that the account inherits, plus any policy of that type that is directly attached to the account.
This operation applies only to policy types other than service control policies (SCPs).
For more information about policy inheritance, see How Policy Inheritance Works in the Organizations User Guide .
This operation can be called only from the organization's management account or by a member account that is a delegated administrator for an Amazon Web Services service.
See also: AWS API Documentation
Request Syntax
response = client.describe_effective_policy(
PolicyType='TAG_POLICY'|'BACKUP_POLICY'|'AISERVICES_OPT_OUT_POLICY',
TargetId='string'
)
[REQUIRED]
The type of policy that you want information about. You can specify one of the following values:
dict
Response Syntax
{
'EffectivePolicy': {
'PolicyContent': 'string',
'LastUpdatedTimestamp': datetime(2015, 1, 1),
'TargetId': 'string',
'PolicyType': 'TAG_POLICY'|'BACKUP_POLICY'|'AISERVICES_OPT_OUT_POLICY'
}
}
Response Structure
(dict) --
EffectivePolicy (dict) --
The contents of the effective policy.
PolicyContent (string) --
The text content of the policy.
LastUpdatedTimestamp (datetime) --
The time of the last update to this policy.
TargetId (string) --
The account ID of the policy target.
PolicyType (string) --
The policy type.
Exceptions
Organizations.Client.exceptions.AccessDeniedException
Organizations.Client.exceptions.AWSOrganizationsNotInUseException
Organizations.Client.exceptions.ConstraintViolationException
Organizations.Client.exceptions.ServiceException
Organizations.Client.exceptions.TooManyRequestsException
Organizations.Client.exceptions.TargetNotFoundException
Organizations.Client.exceptions.EffectivePolicyNotFoundException
Organizations.Client.exceptions.InvalidInputException
Organizations.Client.exceptions.UnsupportedAPIEndpointException