IdentityStore / Client / is_member_in_groups

is_member_in_groups

IdentityStore.Client.is_member_in_groups(**kwargs)

Checks the user’s membership in all requested groups and returns if the member exists in all queried groups.

Note

If you have access to a member account, you can use this API operation from the member account. For more information, see Limiting access to the identity store from member accounts in the IAM Identity Center User Guide.

See also: AWS API Documentation

Request Syntax

response = client.is_member_in_groups(
    IdentityStoreId='string',
    MemberId={
        'UserId': 'string'
    },
    GroupIds=[
        'string',
    ]
)
Parameters:

  • IdentityStoreId (string) –

    [REQUIRED]

    The globally unique identifier for the identity store.

  • MemberId (dict) –

    [REQUIRED]

    An object containing the identifier of a group member.

    Note

    This is a Tagged Union structure. Only one of the following top level keys can be set: UserId.

    • UserId (string) –

      An object containing the identifiers of resources that can be members.

  • GroupIds (list) –

    [REQUIRED]

    A list of identifiers for groups in the identity store.

    • (string) –

Return type:

dict

Returns:

Response Syntax

{
    'Results': [
        {
            'GroupId': 'string',
            'MemberId': {
                'UserId': 'string'
            },
            'MembershipExists': True|False
        },
    ]
}

Response Structure

  • (dict) –

    • Results (list) –

      A list containing the results of membership existence checks.

      • (dict) –

        Indicates whether a resource is a member of a group in the identity store.

        • GroupId (string) –

          The identifier for a group in the identity store.

        • MemberId (dict) –

          An object that contains the identifier of a group member. Setting the UserID field to the specific identifier for a user indicates that the user is a member of the group.

          Note

          This is a Tagged Union structure. Only one of the following top level keys will be set: UserId. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

          'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}

          • UserId (string) –

            An object containing the identifiers of resources that can be members.

        • MembershipExists (boolean) –

          Indicates whether a membership relation exists or not.

Exceptions

  • IdentityStore.Client.exceptions.ResourceNotFoundException

  • IdentityStore.Client.exceptions.ThrottlingException

  • IdentityStore.Client.exceptions.AccessDeniedException

  • IdentityStore.Client.exceptions.InternalServerException

  • IdentityStore.Client.exceptions.ValidationException