IdentityStore / Client / list_groups

list_groups#

IdentityStore.Client.list_groups(**kwargs)#

Lists all groups in the identity store. Returns a paginated list of complete Group objects. Filtering for a Group by the DisplayName attribute is deprecated. Instead, use the GetGroupId API action.

Note

If you have administrator access to a member account, you can use this API from the member account. Read about member accounts in the Organizations User Guide.

See also: AWS API Documentation

Request Syntax

response = client.list_groups(
    IdentityStoreId='string',
    MaxResults=123,
    NextToken='string',
    Filters=[
        {
            'AttributePath': 'string',
            'AttributeValue': 'string'
        },
    ]
)
Parameters:

  • IdentityStoreId (string) –

    [REQUIRED]

    The globally unique identifier for the identity store, such as d-1234567890. In this example, d- is a fixed prefix, and 1234567890 is a randomly generated string that contains numbers and lower case letters. This value is generated at the time that a new identity store is created.

  • MaxResults (integer) – The maximum number of results to be returned per request. This parameter is used in the ListUsers and ListGroups requests to specify how many results to return in one page. The length limit is 50 characters.

  • NextToken (string) – The pagination token used for the ListUsers and ListGroups API operations. This value is generated by the identity store service. It is returned in the API response if the total results are more than the size of one page. This token is also returned when it is used in the API request to search for the next page.

  • Filters (list) –

    A list of Filter objects, which is used in the ListUsers and ListGroups requests.

    • (dict) –

      A query filter used by ListUsers and ListGroups. This filter object provides the attribute name and attribute value to search users or groups.

      • AttributePath (string) – [REQUIRED]

        The attribute path that is used to specify which attribute name to search. Length limit is 255 characters. For example, UserName is a valid attribute path for the ListUsers API, and DisplayName is a valid attribute path for the ListGroups API.

      • AttributeValue (string) – [REQUIRED]

        Represents the data for an attribute. Each attribute value is described as a name-value pair.

Return type:

dict

Returns:

Response Syntax

{
    'Groups': [
        {
            'GroupId': 'string',
            'DisplayName': 'string',
            'ExternalIds': [
                {
                    'Issuer': 'string',
                    'Id': 'string'
                },
            ],
            'Description': 'string',
            'IdentityStoreId': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) –

    • Groups (list) –

      A list of Group objects in the identity store.

      • (dict) –

        A group object that contains the metadata and attributes for a specified group.

        • GroupId (string) –

          The identifier for a group in the identity store.

        • DisplayName (string) –

          The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.

        • ExternalIds (list) –

          A list of ExternalId objects that contains the identifiers issued to this resource by an external identity provider.

          • (dict) –

            The identifier issued to this resource by an external identity provider.

            • Issuer (string) –

              The issuer for an external identifier.

            • Id (string) –

              The identifier issued to this resource by an external identity provider.

        • Description (string) –

          A string containing a description of the specified group.

        • IdentityStoreId (string) –

          The globally unique identifier for the identity store.

    • NextToken (string) –

      The pagination token used for the ListUsers and ListGroups API operations. This value is generated by the identity store service. It is returned in the API response if the total results are more than the size of one page. This token is also returned when it1 is used in the API request to search for the next page.

Exceptions

  • IdentityStore.Client.exceptions.ResourceNotFoundException

  • IdentityStore.Client.exceptions.ThrottlingException

  • IdentityStore.Client.exceptions.AccessDeniedException

  • IdentityStore.Client.exceptions.InternalServerException

  • IdentityStore.Client.exceptions.ValidationException