rclone/vendor/github.com/aws/aws-sdk-go/service/organizations/api.go
Nick Craig-Wood 6427029c4e vendor: update all dependencies
* Update all dependencies
  * Remove all `[[constraint]]` from Gopkg.toml
  * Add in the minimum number of `[[override]]` to build
  * Remove go get of github.com/inconshreveable/mousetrap as it is vendored
  * Update docs with new policy on constraints
2018-05-05 15:52:24 +01:00

14217 lines
579 KiB
Go

// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
package organizations
import (
"time"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awsutil"
"github.com/aws/aws-sdk-go/aws/request"
"github.com/aws/aws-sdk-go/private/protocol"
"github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
)
const opAcceptHandshake = "AcceptHandshake"
// AcceptHandshakeRequest generates a "aws/request.Request" representing the
// client's request for the AcceptHandshake operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AcceptHandshake for more information on using the AcceptHandshake
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the AcceptHandshakeRequest method.
// req, resp := client.AcceptHandshakeRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AcceptHandshake
func (c *Organizations) AcceptHandshakeRequest(input *AcceptHandshakeInput) (req *request.Request, output *AcceptHandshakeOutput) {
op := &request.Operation{
Name: opAcceptHandshake,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &AcceptHandshakeInput{}
}
output = &AcceptHandshakeOutput{}
req = c.newRequest(op, input, output)
return
}
// AcceptHandshake API operation for AWS Organizations.
//
// Sends a response to the originator of a handshake agreeing to the action
// proposed by the handshake request.
//
// This operation can be called only by the following principals when they also
// have the relevant IAM permissions:
//
// * Invitation to join or Approve all features request handshakes: only
// a principal from the member account.
//
// The user who calls the API for an invitation to join must have the organizations:AcceptHandshake
// permission. If you enabled all features in the organization, then the
// user must also have the iam:CreateServiceLinkedRole permission so that
// Organizations can create the required service-linked role named OrgsServiceLinkedRoleName.
// For more information, see AWS Organizations and Service-Linked Roles (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integration_services.html#orgs_integration_service-linked-roles)
// in the AWS Organizations User Guide.
//
// * Enable all features final confirmation handshake: only a principal from
// the master account.
//
// For more information about invitations, see Inviting an AWS Account to Join
// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_invites.html)
// in the AWS Organizations User Guide. For more information about requests
// to enable all features in the organization, see Enabling All Features
// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
// in the AWS Organizations User Guide.
//
// After you accept a handshake, it continues to appear in the results of relevant
// APIs for only 30 days. After that it is deleted.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation AcceptHandshake for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException"
// The requested operation would violate the constraint identified in the reason
// code.
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
// the number of accounts in an organization. Note: deleted and closed accounts
// still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because
// the invited account is already a member of an organization.
//
// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid
// because the organization has already enabled all features.
//
// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations
// to join an organization while it is in the process of enabling all features.
// You can resume inviting accounts after you finalize the process when all
// accounts have agreed to the change.
//
// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with
// an account that does not have a payment instrument, such as a credit card,
// associated with it.
//
// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because
// the account is from a different marketplace than the accounts in the organization.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be from the same
// marketplace.
//
// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to
// change the membership of an account too quickly after its previous change.
//
// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException"
// We can't find a handshake with the HandshakeId that you specified.
//
// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException"
// You can't perform the operation on the handshake in its current state. For
// example, you can't cancel a handshake that was already accepted, or accept
// a handshake that was already declined.
//
// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException"
// The specified handshake is already in the requested state. For example, you
// can't accept a handshake that was already accepted.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// * ErrCodeAccessDeniedForDependencyException "AccessDeniedForDependencyException"
// The operation you attempted requires you to have the iam:CreateServiceLinkedRole
// so that Organizations can create the required service-linked role. You do
// not have that permission.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AcceptHandshake
func (c *Organizations) AcceptHandshake(input *AcceptHandshakeInput) (*AcceptHandshakeOutput, error) {
req, out := c.AcceptHandshakeRequest(input)
return out, req.Send()
}
// AcceptHandshakeWithContext is the same as AcceptHandshake with the addition of
// the ability to pass a context and additional request options.
//
// See AcceptHandshake for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) AcceptHandshakeWithContext(ctx aws.Context, input *AcceptHandshakeInput, opts ...request.Option) (*AcceptHandshakeOutput, error) {
req, out := c.AcceptHandshakeRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opAttachPolicy = "AttachPolicy"
// AttachPolicyRequest generates a "aws/request.Request" representing the
// client's request for the AttachPolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See AttachPolicy for more information on using the AttachPolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the AttachPolicyRequest method.
// req, resp := client.AttachPolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AttachPolicy
func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *request.Request, output *AttachPolicyOutput) {
op := &request.Operation{
Name: opAttachPolicy,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &AttachPolicyInput{}
}
output = &AttachPolicyOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// AttachPolicy API operation for AWS Organizations.
//
// Attaches a policy to a root, an organizational unit, or an individual account.
// How the policy affects accounts depends on the type of policy:
//
// * Service control policy (SCP) - An SCP specifies what permissions can
// be delegated to users in affected member accounts. The scope of influence
// for a policy depends on what you attach the policy to:
//
// If you attach an SCP to a root, it affects all accounts in the organization.
//
// If you attach an SCP to an OU, it affects all accounts in that OU and in
// any child OUs.
//
// If you attach the policy directly to an account, then it affects only that
// account.
//
// SCPs essentially are permission "filters". When you attach one SCP to a higher
// level root or OU, and you also attach a different SCP to a child OU or
// to an account, the child policy can further restrict only the permissions
// that pass through the parent filter and are available to the child. An
// SCP that is attached to a child cannot grant a permission that is not
// already granted by the parent. For example, imagine that the parent SCP
// allows permissions A, B, C, D, and E. The child SCP allows C, D, E, F,
// and G. The result is that the accounts affected by the child SCP are allowed
// to use only C, D, and E. They cannot use A or B because they were filtered
// out by the child OU. They also cannot use F and G because they were filtered
// out by the parent OU. They cannot be granted back by the child SCP; child
// SCPs can only filter the permissions they receive from the parent SCP.
//
// AWS Organizations attaches a default SCP named "FullAWSAccess to every root,
// OU, and account. This default SCP allows all services and actions, enabling
// any new child OU or account to inherit the permissions of the parent root
// or OU. If you detach the default policy, you must replace it with a policy
// that specifies the permissions that you want to allow in that OU or account.
//
// For more information about how Organizations policies permissions work, see
// Using Service Control Policies (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html)
// in the AWS Organizations User Guide.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation AttachPolicy for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeDuplicatePolicyAttachmentException "DuplicatePolicyAttachmentException"
// The selected policy is already attached to the specified target.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
// We can't find a policy with the PolicyId that you specified.
//
// * ErrCodePolicyTypeNotEnabledException "PolicyTypeNotEnabledException"
// The specified policy type is not currently enabled in this root. You cannot
// attach policies of the specified type to entities in a root until you enable
// that type in the root. For more information, see Enabling All Features in
// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
// in the AWS Organizations User Guide.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTargetNotFoundException "TargetNotFoundException"
// We can't find a root, OU, or account with the TargetId that you specified.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AttachPolicy
func (c *Organizations) AttachPolicy(input *AttachPolicyInput) (*AttachPolicyOutput, error) {
req, out := c.AttachPolicyRequest(input)
return out, req.Send()
}
// AttachPolicyWithContext is the same as AttachPolicy with the addition of
// the ability to pass a context and additional request options.
//
// See AttachPolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) AttachPolicyWithContext(ctx aws.Context, input *AttachPolicyInput, opts ...request.Option) (*AttachPolicyOutput, error) {
req, out := c.AttachPolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCancelHandshake = "CancelHandshake"
// CancelHandshakeRequest generates a "aws/request.Request" representing the
// client's request for the CancelHandshake operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CancelHandshake for more information on using the CancelHandshake
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the CancelHandshakeRequest method.
// req, resp := client.CancelHandshakeRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshake
func (c *Organizations) CancelHandshakeRequest(input *CancelHandshakeInput) (req *request.Request, output *CancelHandshakeOutput) {
op := &request.Operation{
Name: opCancelHandshake,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &CancelHandshakeInput{}
}
output = &CancelHandshakeOutput{}
req = c.newRequest(op, input, output)
return
}
// CancelHandshake API operation for AWS Organizations.
//
// Cancels a handshake. Canceling a handshake sets the handshake state to CANCELED.
//
// This operation can be called only from the account that originated the handshake.
// The recipient of the handshake can't cancel it, but can use DeclineHandshake
// instead. After a handshake is canceled, the recipient can no longer respond
// to that handshake.
//
// After you cancel a handshake, it continues to appear in the results of relevant
// APIs for only 30 days. After that it is deleted.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation CancelHandshake for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException"
// We can't find a handshake with the HandshakeId that you specified.
//
// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException"
// You can't perform the operation on the handshake in its current state. For
// example, you can't cancel a handshake that was already accepted, or accept
// a handshake that was already declined.
//
// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException"
// The specified handshake is already in the requested state. For example, you
// can't accept a handshake that was already accepted.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshake
func (c *Organizations) CancelHandshake(input *CancelHandshakeInput) (*CancelHandshakeOutput, error) {
req, out := c.CancelHandshakeRequest(input)
return out, req.Send()
}
// CancelHandshakeWithContext is the same as CancelHandshake with the addition of
// the ability to pass a context and additional request options.
//
// See CancelHandshake for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) CancelHandshakeWithContext(ctx aws.Context, input *CancelHandshakeInput, opts ...request.Option) (*CancelHandshakeOutput, error) {
req, out := c.CancelHandshakeRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCreateAccount = "CreateAccount"
// CreateAccountRequest generates a "aws/request.Request" representing the
// client's request for the CreateAccount operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateAccount for more information on using the CreateAccount
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the CreateAccountRequest method.
// req, resp := client.CreateAccountRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccount
func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *request.Request, output *CreateAccountOutput) {
op := &request.Operation{
Name: opCreateAccount,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &CreateAccountInput{}
}
output = &CreateAccountOutput{}
req = c.newRequest(op, input, output)
return
}
// CreateAccount API operation for AWS Organizations.
//
// Creates an AWS account that is automatically a member of the organization
// whose credentials made the request. This is an asynchronous request that
// AWS performs in the background. If you want to check the status of the request
// later, you need the OperationId response element from this operation to provide
// as a parameter to the DescribeCreateAccountStatus operation.
//
// The user who calls the API for an invitation to join must have the organizations:CreateAccount
// permission. If you enabled all features in the organization, then the user
// must also have the iam:CreateServiceLinkedRole permission so that Organizations
// can create the required service-linked role named OrgsServiceLinkedRoleName.
// For more information, see AWS Organizations and Service-Linked Roles (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integration_services.html#orgs_integration_service-linked-roles)
// in the AWS Organizations User Guide.
//
// The user in the master account who calls this API must also have the iam:CreateRole
// permission because AWS Organizations preconfigures the new member account
// with a role (named OrganizationAccountAccessRole by default) that grants
// users in the master account administrator permissions in the new member account.
// Principals in the master account can assume the role. AWS Organizations clones
// the company name and address information for the new account from the organization's
// master account.
//
// This operation can be called only from the organization's master account.
//
// For more information about creating accounts, see Creating an AWS Account
// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_create.html)
// in the AWS Organizations User Guide.
//
// When you create an account in an organization using the AWS Organizations
// console, API, or CLI commands, the information required for the account to
// operate as a standalone account, such as a payment method and signing the
// End User Licence Agreement (EULA) is not automatically collected. If you
// must remove an account from your organization later, you can do so only after
// you provide the missing information. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// When you create a member account with this operation, you can choose whether
// to create the account with the IAM User and Role Access to Billing Information
// switch enabled. If you enable it, IAM users and roles that have appropriate
// permissions can view billing information for the account. If you disable
// this, then only the account root user can access billing information. For
// information about how to disable this for an account, see Granting Access
// to Your Billing Information and Tools (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html).
//
// This operation can be called only from the organization's master account.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation CreateAccount for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeFinalizingOrganizationException "FinalizingOrganizationException"
// AWS Organizations could not finalize the creation of your organization. Try
// again later. If this persists, contact AWS customer support.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccount
func (c *Organizations) CreateAccount(input *CreateAccountInput) (*CreateAccountOutput, error) {
req, out := c.CreateAccountRequest(input)
return out, req.Send()
}
// CreateAccountWithContext is the same as CreateAccount with the addition of
// the ability to pass a context and additional request options.
//
// See CreateAccount for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) CreateAccountWithContext(ctx aws.Context, input *CreateAccountInput, opts ...request.Option) (*CreateAccountOutput, error) {
req, out := c.CreateAccountRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCreateOrganization = "CreateOrganization"
// CreateOrganizationRequest generates a "aws/request.Request" representing the
// client's request for the CreateOrganization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateOrganization for more information on using the CreateOrganization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the CreateOrganizationRequest method.
// req, resp := client.CreateOrganizationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganization
func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput) (req *request.Request, output *CreateOrganizationOutput) {
op := &request.Operation{
Name: opCreateOrganization,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &CreateOrganizationInput{}
}
output = &CreateOrganizationOutput{}
req = c.newRequest(op, input, output)
return
}
// CreateOrganization API operation for AWS Organizations.
//
// Creates an AWS organization. The account whose user is calling the CreateOrganization
// operation automatically becomes the master account (http://docs.aws.amazon.com/IAM/latest/UserGuide/orgs_getting-started_concepts.html#account)
// of the new organization.
//
// This operation must be called using credentials from the account that is
// to become the new organization's master account. The principal must also
// have the relevant IAM permissions.
//
// By default (or if you set the FeatureSet parameter to ALL), the new organization
// is created with all features enabled and service control policies automatically
// enabled in the root. If you instead choose to create the organization supporting
// only the consolidated billing features by setting the FeatureSet parameter
// to CONSOLIDATED_BILLING", then no policy types are enabled by default and
// you cannot use organization policies.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation CreateOrganization for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAlreadyInOrganizationException "AlreadyInOrganizationException"
// This account is already a member of an organization. An account can belong
// to only one organization at a time.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// * ErrCodeAccessDeniedForDependencyException "AccessDeniedForDependencyException"
// The operation you attempted requires you to have the iam:CreateServiceLinkedRole
// so that Organizations can create the required service-linked role. You do
// not have that permission.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganization
func (c *Organizations) CreateOrganization(input *CreateOrganizationInput) (*CreateOrganizationOutput, error) {
req, out := c.CreateOrganizationRequest(input)
return out, req.Send()
}
// CreateOrganizationWithContext is the same as CreateOrganization with the addition of
// the ability to pass a context and additional request options.
//
// See CreateOrganization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) CreateOrganizationWithContext(ctx aws.Context, input *CreateOrganizationInput, opts ...request.Option) (*CreateOrganizationOutput, error) {
req, out := c.CreateOrganizationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCreateOrganizationalUnit = "CreateOrganizationalUnit"
// CreateOrganizationalUnitRequest generates a "aws/request.Request" representing the
// client's request for the CreateOrganizationalUnit operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreateOrganizationalUnit for more information on using the CreateOrganizationalUnit
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the CreateOrganizationalUnitRequest method.
// req, resp := client.CreateOrganizationalUnitRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnit
func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizationalUnitInput) (req *request.Request, output *CreateOrganizationalUnitOutput) {
op := &request.Operation{
Name: opCreateOrganizationalUnit,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &CreateOrganizationalUnitInput{}
}
output = &CreateOrganizationalUnitOutput{}
req = c.newRequest(op, input, output)
return
}
// CreateOrganizationalUnit API operation for AWS Organizations.
//
// Creates an organizational unit (OU) within a root or parent OU. An OU is
// a container for accounts that enables you to organize your accounts to apply
// policies according to your business requirements. The number of levels deep
// that you can nest OUs is dependent upon the policy types enabled for that
// root. For service control policies, the limit is five.
//
// For more information about OUs, see Managing Organizational Units (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_ous.html)
// in the AWS Organizations User Guide.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation CreateOrganizationalUnit for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeDuplicateOrganizationalUnitException "DuplicateOrganizationalUnitException"
// An organizational unit (OU) with the same name already exists.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeParentNotFoundException "ParentNotFoundException"
// We can't find a root or organizational unit (OU) with the ParentId that you
// specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnit
func (c *Organizations) CreateOrganizationalUnit(input *CreateOrganizationalUnitInput) (*CreateOrganizationalUnitOutput, error) {
req, out := c.CreateOrganizationalUnitRequest(input)
return out, req.Send()
}
// CreateOrganizationalUnitWithContext is the same as CreateOrganizationalUnit with the addition of
// the ability to pass a context and additional request options.
//
// See CreateOrganizationalUnit for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) CreateOrganizationalUnitWithContext(ctx aws.Context, input *CreateOrganizationalUnitInput, opts ...request.Option) (*CreateOrganizationalUnitOutput, error) {
req, out := c.CreateOrganizationalUnitRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opCreatePolicy = "CreatePolicy"
// CreatePolicyRequest generates a "aws/request.Request" representing the
// client's request for the CreatePolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See CreatePolicy for more information on using the CreatePolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the CreatePolicyRequest method.
// req, resp := client.CreatePolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicy
func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) {
op := &request.Operation{
Name: opCreatePolicy,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &CreatePolicyInput{}
}
output = &CreatePolicyOutput{}
req = c.newRequest(op, input, output)
return
}
// CreatePolicy API operation for AWS Organizations.
//
// Creates a policy of a specified type that you can attach to a root, an organizational
// unit (OU), or an individual AWS account.
//
// For more information about policies and their use, see Managing Organization
// Policies (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html).
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation CreatePolicy for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeDuplicatePolicyException "DuplicatePolicyException"
// A policy with the same name already exists.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException"
// The provided policy document does not meet the requirements of the specified
// policy type. For example, the syntax might be incorrect. For details about
// service control policy syntax, see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
// in the AWS Organizations User Guide.
//
// * ErrCodePolicyTypeNotAvailableForOrganizationException "PolicyTypeNotAvailableForOrganizationException"
// You can't use the specified policy type with the feature set currently enabled
// for this organization. For example, you can enable service control policies
// (SCPs) only after you enable all features in the organization. For more information,
// see Enabling and Disabling a Policy Type on a Root (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)
// in the AWS Organizations User Guide.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicy
func (c *Organizations) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) {
req, out := c.CreatePolicyRequest(input)
return out, req.Send()
}
// CreatePolicyWithContext is the same as CreatePolicy with the addition of
// the ability to pass a context and additional request options.
//
// See CreatePolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error) {
req, out := c.CreatePolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDeclineHandshake = "DeclineHandshake"
// DeclineHandshakeRequest generates a "aws/request.Request" representing the
// client's request for the DeclineHandshake operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeclineHandshake for more information on using the DeclineHandshake
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DeclineHandshakeRequest method.
// req, resp := client.DeclineHandshakeRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshake
func (c *Organizations) DeclineHandshakeRequest(input *DeclineHandshakeInput) (req *request.Request, output *DeclineHandshakeOutput) {
op := &request.Operation{
Name: opDeclineHandshake,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DeclineHandshakeInput{}
}
output = &DeclineHandshakeOutput{}
req = c.newRequest(op, input, output)
return
}
// DeclineHandshake API operation for AWS Organizations.
//
// Declines a handshake request. This sets the handshake state to DECLINED and
// effectively deactivates the request.
//
// This operation can be called only from the account that received the handshake.
// The originator of the handshake can use CancelHandshake instead. The originator
// can't reactivate a declined request, but can re-initiate the process with
// a new handshake request.
//
// After you decline a handshake, it continues to appear in the results of relevant
// APIs for only 30 days. After that it is deleted.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DeclineHandshake for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException"
// We can't find a handshake with the HandshakeId that you specified.
//
// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException"
// You can't perform the operation on the handshake in its current state. For
// example, you can't cancel a handshake that was already accepted, or accept
// a handshake that was already declined.
//
// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException"
// The specified handshake is already in the requested state. For example, you
// can't accept a handshake that was already accepted.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshake
func (c *Organizations) DeclineHandshake(input *DeclineHandshakeInput) (*DeclineHandshakeOutput, error) {
req, out := c.DeclineHandshakeRequest(input)
return out, req.Send()
}
// DeclineHandshakeWithContext is the same as DeclineHandshake with the addition of
// the ability to pass a context and additional request options.
//
// See DeclineHandshake for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DeclineHandshakeWithContext(ctx aws.Context, input *DeclineHandshakeInput, opts ...request.Option) (*DeclineHandshakeOutput, error) {
req, out := c.DeclineHandshakeRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDeleteOrganization = "DeleteOrganization"
// DeleteOrganizationRequest generates a "aws/request.Request" representing the
// client's request for the DeleteOrganization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteOrganization for more information on using the DeleteOrganization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DeleteOrganizationRequest method.
// req, resp := client.DeleteOrganizationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganization
func (c *Organizations) DeleteOrganizationRequest(input *DeleteOrganizationInput) (req *request.Request, output *DeleteOrganizationOutput) {
op := &request.Operation{
Name: opDeleteOrganization,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DeleteOrganizationInput{}
}
output = &DeleteOrganizationOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// DeleteOrganization API operation for AWS Organizations.
//
// Deletes the organization. You can delete an organization only by using credentials
// from the master account. The organization must be empty of member accounts,
// OUs, and policies.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DeleteOrganization for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeOrganizationNotEmptyException "OrganizationNotEmptyException"
// The organization isn't empty. To delete an organization, you must first remove
// all accounts except the master account, delete all organizational units (OUs),
// and delete all policies.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganization
func (c *Organizations) DeleteOrganization(input *DeleteOrganizationInput) (*DeleteOrganizationOutput, error) {
req, out := c.DeleteOrganizationRequest(input)
return out, req.Send()
}
// DeleteOrganizationWithContext is the same as DeleteOrganization with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteOrganization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DeleteOrganizationWithContext(ctx aws.Context, input *DeleteOrganizationInput, opts ...request.Option) (*DeleteOrganizationOutput, error) {
req, out := c.DeleteOrganizationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDeleteOrganizationalUnit = "DeleteOrganizationalUnit"
// DeleteOrganizationalUnitRequest generates a "aws/request.Request" representing the
// client's request for the DeleteOrganizationalUnit operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeleteOrganizationalUnit for more information on using the DeleteOrganizationalUnit
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DeleteOrganizationalUnitRequest method.
// req, resp := client.DeleteOrganizationalUnitRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnit
func (c *Organizations) DeleteOrganizationalUnitRequest(input *DeleteOrganizationalUnitInput) (req *request.Request, output *DeleteOrganizationalUnitOutput) {
op := &request.Operation{
Name: opDeleteOrganizationalUnit,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DeleteOrganizationalUnitInput{}
}
output = &DeleteOrganizationalUnitOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// DeleteOrganizationalUnit API operation for AWS Organizations.
//
// Deletes an organizational unit from a root or another OU. You must first
// remove all accounts and child OUs from the OU that you want to delete.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DeleteOrganizationalUnit for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeOrganizationalUnitNotEmptyException "OrganizationalUnitNotEmptyException"
// The specified organizational unit (OU) is not empty. Move all accounts to
// another root or to other OUs, remove all child OUs, and then try the operation
// again.
//
// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException"
// We can't find an organizational unit (OU) with the OrganizationalUnitId that
// you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnit
func (c *Organizations) DeleteOrganizationalUnit(input *DeleteOrganizationalUnitInput) (*DeleteOrganizationalUnitOutput, error) {
req, out := c.DeleteOrganizationalUnitRequest(input)
return out, req.Send()
}
// DeleteOrganizationalUnitWithContext is the same as DeleteOrganizationalUnit with the addition of
// the ability to pass a context and additional request options.
//
// See DeleteOrganizationalUnit for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DeleteOrganizationalUnitWithContext(ctx aws.Context, input *DeleteOrganizationalUnitInput, opts ...request.Option) (*DeleteOrganizationalUnitOutput, error) {
req, out := c.DeleteOrganizationalUnitRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDeletePolicy = "DeletePolicy"
// DeletePolicyRequest generates a "aws/request.Request" representing the
// client's request for the DeletePolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DeletePolicy for more information on using the DeletePolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DeletePolicyRequest method.
// req, resp := client.DeletePolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeletePolicy
func (c *Organizations) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) {
op := &request.Operation{
Name: opDeletePolicy,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DeletePolicyInput{}
}
output = &DeletePolicyOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// DeletePolicy API operation for AWS Organizations.
//
// Deletes the specified policy from your organization. Before you perform this
// operation, you must first detach the policy from all OUs, roots, and accounts.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DeletePolicy for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodePolicyInUseException "PolicyInUseException"
// The policy is attached to one or more entities. You must detach it from all
// roots, organizational units (OUs), and accounts before performing this operation.
//
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
// We can't find a policy with the PolicyId that you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeletePolicy
func (c *Organizations) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) {
req, out := c.DeletePolicyRequest(input)
return out, req.Send()
}
// DeletePolicyWithContext is the same as DeletePolicy with the addition of
// the ability to pass a context and additional request options.
//
// See DeletePolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) {
req, out := c.DeletePolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDescribeAccount = "DescribeAccount"
// DescribeAccountRequest generates a "aws/request.Request" representing the
// client's request for the DescribeAccount operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeAccount for more information on using the DescribeAccount
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DescribeAccountRequest method.
// req, resp := client.DescribeAccountRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccount
func (c *Organizations) DescribeAccountRequest(input *DescribeAccountInput) (req *request.Request, output *DescribeAccountOutput) {
op := &request.Operation{
Name: opDescribeAccount,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DescribeAccountInput{}
}
output = &DescribeAccountOutput{}
req = c.newRequest(op, input, output)
return
}
// DescribeAccount API operation for AWS Organizations.
//
// Retrieves Organizations-related information about the specified account.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DescribeAccount for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAccountNotFoundException "AccountNotFoundException"
// We can't find an AWS account with the AccountId that you specified, or the
// account whose credentials you used to make this request is not a member of
// an organization.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccount
func (c *Organizations) DescribeAccount(input *DescribeAccountInput) (*DescribeAccountOutput, error) {
req, out := c.DescribeAccountRequest(input)
return out, req.Send()
}
// DescribeAccountWithContext is the same as DescribeAccount with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeAccount for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DescribeAccountWithContext(ctx aws.Context, input *DescribeAccountInput, opts ...request.Option) (*DescribeAccountOutput, error) {
req, out := c.DescribeAccountRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDescribeCreateAccountStatus = "DescribeCreateAccountStatus"
// DescribeCreateAccountStatusRequest generates a "aws/request.Request" representing the
// client's request for the DescribeCreateAccountStatus operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeCreateAccountStatus for more information on using the DescribeCreateAccountStatus
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DescribeCreateAccountStatusRequest method.
// req, resp := client.DescribeCreateAccountStatusRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeCreateAccountStatus
func (c *Organizations) DescribeCreateAccountStatusRequest(input *DescribeCreateAccountStatusInput) (req *request.Request, output *DescribeCreateAccountStatusOutput) {
op := &request.Operation{
Name: opDescribeCreateAccountStatus,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DescribeCreateAccountStatusInput{}
}
output = &DescribeCreateAccountStatusOutput{}
req = c.newRequest(op, input, output)
return
}
// DescribeCreateAccountStatus API operation for AWS Organizations.
//
// Retrieves the current status of an asynchronous request to create an account.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DescribeCreateAccountStatus for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeCreateAccountStatusNotFoundException "CreateAccountStatusNotFoundException"
// We can't find an create account request with the CreateAccountRequestId that
// you specified.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeCreateAccountStatus
func (c *Organizations) DescribeCreateAccountStatus(input *DescribeCreateAccountStatusInput) (*DescribeCreateAccountStatusOutput, error) {
req, out := c.DescribeCreateAccountStatusRequest(input)
return out, req.Send()
}
// DescribeCreateAccountStatusWithContext is the same as DescribeCreateAccountStatus with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeCreateAccountStatus for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DescribeCreateAccountStatusWithContext(ctx aws.Context, input *DescribeCreateAccountStatusInput, opts ...request.Option) (*DescribeCreateAccountStatusOutput, error) {
req, out := c.DescribeCreateAccountStatusRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDescribeHandshake = "DescribeHandshake"
// DescribeHandshakeRequest generates a "aws/request.Request" representing the
// client's request for the DescribeHandshake operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeHandshake for more information on using the DescribeHandshake
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DescribeHandshakeRequest method.
// req, resp := client.DescribeHandshakeRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshake
func (c *Organizations) DescribeHandshakeRequest(input *DescribeHandshakeInput) (req *request.Request, output *DescribeHandshakeOutput) {
op := &request.Operation{
Name: opDescribeHandshake,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DescribeHandshakeInput{}
}
output = &DescribeHandshakeOutput{}
req = c.newRequest(op, input, output)
return
}
// DescribeHandshake API operation for AWS Organizations.
//
// Retrieves information about a previously requested handshake. The handshake
// ID comes from the response to the original InviteAccountToOrganization operation
// that generated the handshake.
//
// You can access handshakes that are ACCEPTED, DECLINED, or CANCELED for only
// 30 days after they change to that state. They are then deleted and no longer
// accessible.
//
// This operation can be called from any account in the organization.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DescribeHandshake for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException"
// We can't find a handshake with the HandshakeId that you specified.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshake
func (c *Organizations) DescribeHandshake(input *DescribeHandshakeInput) (*DescribeHandshakeOutput, error) {
req, out := c.DescribeHandshakeRequest(input)
return out, req.Send()
}
// DescribeHandshakeWithContext is the same as DescribeHandshake with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeHandshake for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DescribeHandshakeWithContext(ctx aws.Context, input *DescribeHandshakeInput, opts ...request.Option) (*DescribeHandshakeOutput, error) {
req, out := c.DescribeHandshakeRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDescribeOrganization = "DescribeOrganization"
// DescribeOrganizationRequest generates a "aws/request.Request" representing the
// client's request for the DescribeOrganization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeOrganization for more information on using the DescribeOrganization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DescribeOrganizationRequest method.
// req, resp := client.DescribeOrganizationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization
func (c *Organizations) DescribeOrganizationRequest(input *DescribeOrganizationInput) (req *request.Request, output *DescribeOrganizationOutput) {
op := &request.Operation{
Name: opDescribeOrganization,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DescribeOrganizationInput{}
}
output = &DescribeOrganizationOutput{}
req = c.newRequest(op, input, output)
return
}
// DescribeOrganization API operation for AWS Organizations.
//
// Retrieves information about the organization that the user's account belongs
// to.
//
// This operation can be called from any account in the organization.
//
// Even if a policy type is shown as available in the organization, it can be
// disabled separately at the root level with DisablePolicyType. Use ListRoots
// to see the status of policy types for a specified root.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DescribeOrganization for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization
func (c *Organizations) DescribeOrganization(input *DescribeOrganizationInput) (*DescribeOrganizationOutput, error) {
req, out := c.DescribeOrganizationRequest(input)
return out, req.Send()
}
// DescribeOrganizationWithContext is the same as DescribeOrganization with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeOrganization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DescribeOrganizationWithContext(ctx aws.Context, input *DescribeOrganizationInput, opts ...request.Option) (*DescribeOrganizationOutput, error) {
req, out := c.DescribeOrganizationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDescribeOrganizationalUnit = "DescribeOrganizationalUnit"
// DescribeOrganizationalUnitRequest generates a "aws/request.Request" representing the
// client's request for the DescribeOrganizationalUnit operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribeOrganizationalUnit for more information on using the DescribeOrganizationalUnit
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DescribeOrganizationalUnitRequest method.
// req, resp := client.DescribeOrganizationalUnitRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnit
func (c *Organizations) DescribeOrganizationalUnitRequest(input *DescribeOrganizationalUnitInput) (req *request.Request, output *DescribeOrganizationalUnitOutput) {
op := &request.Operation{
Name: opDescribeOrganizationalUnit,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DescribeOrganizationalUnitInput{}
}
output = &DescribeOrganizationalUnitOutput{}
req = c.newRequest(op, input, output)
return
}
// DescribeOrganizationalUnit API operation for AWS Organizations.
//
// Retrieves information about an organizational unit (OU).
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DescribeOrganizationalUnit for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException"
// We can't find an organizational unit (OU) with the OrganizationalUnitId that
// you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnit
func (c *Organizations) DescribeOrganizationalUnit(input *DescribeOrganizationalUnitInput) (*DescribeOrganizationalUnitOutput, error) {
req, out := c.DescribeOrganizationalUnitRequest(input)
return out, req.Send()
}
// DescribeOrganizationalUnitWithContext is the same as DescribeOrganizationalUnit with the addition of
// the ability to pass a context and additional request options.
//
// See DescribeOrganizationalUnit for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DescribeOrganizationalUnitWithContext(ctx aws.Context, input *DescribeOrganizationalUnitInput, opts ...request.Option) (*DescribeOrganizationalUnitOutput, error) {
req, out := c.DescribeOrganizationalUnitRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDescribePolicy = "DescribePolicy"
// DescribePolicyRequest generates a "aws/request.Request" representing the
// client's request for the DescribePolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DescribePolicy for more information on using the DescribePolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DescribePolicyRequest method.
// req, resp := client.DescribePolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribePolicy
func (c *Organizations) DescribePolicyRequest(input *DescribePolicyInput) (req *request.Request, output *DescribePolicyOutput) {
op := &request.Operation{
Name: opDescribePolicy,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DescribePolicyInput{}
}
output = &DescribePolicyOutput{}
req = c.newRequest(op, input, output)
return
}
// DescribePolicy API operation for AWS Organizations.
//
// Retrieves information about a policy.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DescribePolicy for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
// We can't find a policy with the PolicyId that you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribePolicy
func (c *Organizations) DescribePolicy(input *DescribePolicyInput) (*DescribePolicyOutput, error) {
req, out := c.DescribePolicyRequest(input)
return out, req.Send()
}
// DescribePolicyWithContext is the same as DescribePolicy with the addition of
// the ability to pass a context and additional request options.
//
// See DescribePolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DescribePolicyWithContext(ctx aws.Context, input *DescribePolicyInput, opts ...request.Option) (*DescribePolicyOutput, error) {
req, out := c.DescribePolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDetachPolicy = "DetachPolicy"
// DetachPolicyRequest generates a "aws/request.Request" representing the
// client's request for the DetachPolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DetachPolicy for more information on using the DetachPolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DetachPolicyRequest method.
// req, resp := client.DetachPolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DetachPolicy
func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *request.Request, output *DetachPolicyOutput) {
op := &request.Operation{
Name: opDetachPolicy,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DetachPolicyInput{}
}
output = &DetachPolicyOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// DetachPolicy API operation for AWS Organizations.
//
// Detaches a policy from a target root, organizational unit, or account. If
// the policy being detached is a service control policy (SCP), the changes
// to permissions for IAM users and roles in affected accounts are immediate.
//
// Note: Every root, OU, and account must have at least one SCP attached. If
// you want to replace the default FullAWSAccess policy with one that limits
// the permissions that can be delegated, then you must attach the replacement
// policy before you can remove the default one. This is the authorization strategy
// of whitelisting (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_about-scps.html#orgs_policies_whitelist).
// If you instead attach a second SCP and leave the FullAWSAccess SCP still
// attached, and specify "Effect": "Deny" in the second SCP to override the
// "Effect": "Allow" in the FullAWSAccess policy (or any other attached SCP),
// then you are using the authorization strategy of blacklisting (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_about-scps.html#orgs_policies_blacklist).
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DetachPolicy for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodePolicyNotAttachedException "PolicyNotAttachedException"
// The policy isn't attached to the specified target in the specified root.
//
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
// We can't find a policy with the PolicyId that you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTargetNotFoundException "TargetNotFoundException"
// We can't find a root, OU, or account with the TargetId that you specified.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DetachPolicy
func (c *Organizations) DetachPolicy(input *DetachPolicyInput) (*DetachPolicyOutput, error) {
req, out := c.DetachPolicyRequest(input)
return out, req.Send()
}
// DetachPolicyWithContext is the same as DetachPolicy with the addition of
// the ability to pass a context and additional request options.
//
// See DetachPolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DetachPolicyWithContext(ctx aws.Context, input *DetachPolicyInput, opts ...request.Option) (*DetachPolicyOutput, error) {
req, out := c.DetachPolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDisableAWSServiceAccess = "DisableAWSServiceAccess"
// DisableAWSServiceAccessRequest generates a "aws/request.Request" representing the
// client's request for the DisableAWSServiceAccess operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DisableAWSServiceAccess for more information on using the DisableAWSServiceAccess
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DisableAWSServiceAccessRequest method.
// req, resp := client.DisableAWSServiceAccessRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccess
func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceAccessInput) (req *request.Request, output *DisableAWSServiceAccessOutput) {
op := &request.Operation{
Name: opDisableAWSServiceAccess,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DisableAWSServiceAccessInput{}
}
output = &DisableAWSServiceAccessOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// DisableAWSServiceAccess API operation for AWS Organizations.
//
// Disables the integration of an AWS service (the service that is specified
// by ServicePrincipal) with AWS Organizations. When you disable integration,
// the specified service no longer can create a service-linked role (http://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html)
// in new accounts in your organization. This means the service can't perform
// operations on your behalf on any new accounts in your organization. The service
// can still perform operations in older accounts until the service completes
// its clean-up from AWS Organizations.
//
// We recommend that you disable integration between AWS Organizations and the
// specified AWS service by using the console or commands that are provided
// by the specified service. Doing so ensures that the other service is aware
// that it can clean up any resources that are required only for the integration.
// How the service cleans up its resources in the organization's accounts depends
// on that service. For more information, see the documentation for the other
// AWS service.
//
// After you perform the DisableAWSServiceAccessoperation, the specified service can no longer perform operations in your
// organization's accounts unless the operations are explicitly permitted by
// the IAM policies that are attached to your roles.
//
// For more information about integrating other services with AWS Organizations,
// including the list of services that work with Organizations, see Integrating
// AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)in the AWS Organizations User Guide
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DisableAWSServiceAccess for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccess
func (c *Organizations) DisableAWSServiceAccess(input *DisableAWSServiceAccessInput) (*DisableAWSServiceAccessOutput, error) {
req, out := c.DisableAWSServiceAccessRequest(input)
return out, req.Send()
}
// DisableAWSServiceAccessWithContext is the same as DisableAWSServiceAccess with the addition of
// the ability to pass a context and additional request options.
//
// See DisableAWSServiceAccess for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DisableAWSServiceAccessWithContext(ctx aws.Context, input *DisableAWSServiceAccessInput, opts ...request.Option) (*DisableAWSServiceAccessOutput, error) {
req, out := c.DisableAWSServiceAccessRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opDisablePolicyType = "DisablePolicyType"
// DisablePolicyTypeRequest generates a "aws/request.Request" representing the
// client's request for the DisablePolicyType operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See DisablePolicyType for more information on using the DisablePolicyType
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the DisablePolicyTypeRequest method.
// req, resp := client.DisablePolicyTypeRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyType
func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) (req *request.Request, output *DisablePolicyTypeOutput) {
op := &request.Operation{
Name: opDisablePolicyType,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &DisablePolicyTypeInput{}
}
output = &DisablePolicyTypeOutput{}
req = c.newRequest(op, input, output)
return
}
// DisablePolicyType API operation for AWS Organizations.
//
// Disables an organizational control policy type in a root. A policy of a certain
// type can be attached to entities in a root only if that type is enabled in
// the root. After you perform this operation, you no longer can attach policies
// of the specified type to that root or to any OU or account in that root.
// You can undo this by using the EnablePolicyType operation.
//
// This operation can be called only from the organization's master account.
//
// If you disable a policy type for a root, it still shows as enabled for the
// organization if all features are enabled in that organization. Use ListRoots
// to see the status of policy types for a specified root. Use DescribeOrganization
// to see the status of policy types in the organization.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation DisablePolicyType for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodePolicyTypeNotEnabledException "PolicyTypeNotEnabledException"
// The specified policy type is not currently enabled in this root. You cannot
// attach policies of the specified type to entities in a root until you enable
// that type in the root. For more information, see Enabling All Features in
// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
// in the AWS Organizations User Guide.
//
// * ErrCodeRootNotFoundException "RootNotFoundException"
// We can't find a root with the RootId that you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyType
func (c *Organizations) DisablePolicyType(input *DisablePolicyTypeInput) (*DisablePolicyTypeOutput, error) {
req, out := c.DisablePolicyTypeRequest(input)
return out, req.Send()
}
// DisablePolicyTypeWithContext is the same as DisablePolicyType with the addition of
// the ability to pass a context and additional request options.
//
// See DisablePolicyType for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) DisablePolicyTypeWithContext(ctx aws.Context, input *DisablePolicyTypeInput, opts ...request.Option) (*DisablePolicyTypeOutput, error) {
req, out := c.DisablePolicyTypeRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opEnableAWSServiceAccess = "EnableAWSServiceAccess"
// EnableAWSServiceAccessRequest generates a "aws/request.Request" representing the
// client's request for the EnableAWSServiceAccess operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See EnableAWSServiceAccess for more information on using the EnableAWSServiceAccess
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the EnableAWSServiceAccessRequest method.
// req, resp := client.EnableAWSServiceAccessRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccess
func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAccessInput) (req *request.Request, output *EnableAWSServiceAccessOutput) {
op := &request.Operation{
Name: opEnableAWSServiceAccess,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &EnableAWSServiceAccessInput{}
}
output = &EnableAWSServiceAccessOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// EnableAWSServiceAccess API operation for AWS Organizations.
//
// Enables the integration of an AWS service (the service that is specified
// by ServicePrincipal) with AWS Organizations. When you enable integration,
// you allow the specified service to create a service-linked role (http://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html)
// in all the accounts in your organization. This allows the service to perform
// operations on your behalf in your organization and its accounts.
//
// We recommend that you enable integration between AWS Organizations and the
// specified AWS service by using the console or commands that are provided
// by the specified service. Doing so ensures that the service is aware that
// it can create the resources that are required for the integration. How the
// service creates those resources in the organization's accounts depends on
// that service. For more information, see the documentation for the other AWS
// service.
//
// For more information about enabling services to integrate with AWS Organizations,
// see Integrating AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
// in the AWS Organizations User Guide.
//
// This operation can be called only from the organization's master account
// and only if the organization has enabled all features (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation EnableAWSServiceAccess for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccess
func (c *Organizations) EnableAWSServiceAccess(input *EnableAWSServiceAccessInput) (*EnableAWSServiceAccessOutput, error) {
req, out := c.EnableAWSServiceAccessRequest(input)
return out, req.Send()
}
// EnableAWSServiceAccessWithContext is the same as EnableAWSServiceAccess with the addition of
// the ability to pass a context and additional request options.
//
// See EnableAWSServiceAccess for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) EnableAWSServiceAccessWithContext(ctx aws.Context, input *EnableAWSServiceAccessInput, opts ...request.Option) (*EnableAWSServiceAccessOutput, error) {
req, out := c.EnableAWSServiceAccessRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opEnableAllFeatures = "EnableAllFeatures"
// EnableAllFeaturesRequest generates a "aws/request.Request" representing the
// client's request for the EnableAllFeatures operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See EnableAllFeatures for more information on using the EnableAllFeatures
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the EnableAllFeaturesRequest method.
// req, resp := client.EnableAllFeaturesRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeatures
func (c *Organizations) EnableAllFeaturesRequest(input *EnableAllFeaturesInput) (req *request.Request, output *EnableAllFeaturesOutput) {
op := &request.Operation{
Name: opEnableAllFeatures,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &EnableAllFeaturesInput{}
}
output = &EnableAllFeaturesOutput{}
req = c.newRequest(op, input, output)
return
}
// EnableAllFeatures API operation for AWS Organizations.
//
// Enables all features in an organization. This enables the use of organization
// policies that can restrict the services and actions that can be called in
// each account. Until you enable all features, you have access only to consolidated
// billing, and you can't use any of the advanced account administration features
// that AWS Organizations supports. For more information, see Enabling All Features
// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
// in the AWS Organizations User Guide.
//
// This operation is required only for organizations that were created explicitly
// with only the consolidated billing features enabled, or that were migrated
// from a Consolidated Billing account family to Organizations. Calling this
// operation sends a handshake to every invited account in the organization.
// The feature set change can be finalized and the additional features enabled
// only after all administrators in the invited accounts approve the change
// by accepting the handshake.
//
// After you enable all features, you can separately enable or disable individual
// policy types in a root using EnablePolicyType and DisablePolicyType. To see
// the status of policy types in a root, use ListRoots.
//
// After all invited member accounts accept the handshake, you finalize the
// feature set change by accepting the handshake that contains "Action": "ENABLE_ALL_FEATURES".
// This completes the change.
//
// After you enable all features in your organization, the master account in
// the organization can apply policies on all member accounts. These policies
// can restrict what users and even administrators in those accounts can do.
// The master account can apply policies that prevent accounts from leaving
// the organization. Ensure that your account administrators are aware of this.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation EnableAllFeatures for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException"
// The requested operation would violate the constraint identified in the reason
// code.
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
// the number of accounts in an organization. Note: deleted and closed accounts
// still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because
// the invited account is already a member of an organization.
//
// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid
// because the organization has already enabled all features.
//
// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations
// to join an organization while it is in the process of enabling all features.
// You can resume inviting accounts after you finalize the process when all
// accounts have agreed to the change.
//
// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with
// an account that does not have a payment instrument, such as a credit card,
// associated with it.
//
// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because
// the account is from a different marketplace than the accounts in the organization.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be from the same
// marketplace.
//
// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to
// change the membership of an account too quickly after its previous change.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeatures
func (c *Organizations) EnableAllFeatures(input *EnableAllFeaturesInput) (*EnableAllFeaturesOutput, error) {
req, out := c.EnableAllFeaturesRequest(input)
return out, req.Send()
}
// EnableAllFeaturesWithContext is the same as EnableAllFeatures with the addition of
// the ability to pass a context and additional request options.
//
// See EnableAllFeatures for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) EnableAllFeaturesWithContext(ctx aws.Context, input *EnableAllFeaturesInput, opts ...request.Option) (*EnableAllFeaturesOutput, error) {
req, out := c.EnableAllFeaturesRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opEnablePolicyType = "EnablePolicyType"
// EnablePolicyTypeRequest generates a "aws/request.Request" representing the
// client's request for the EnablePolicyType operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See EnablePolicyType for more information on using the EnablePolicyType
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the EnablePolicyTypeRequest method.
// req, resp := client.EnablePolicyTypeRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyType
func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (req *request.Request, output *EnablePolicyTypeOutput) {
op := &request.Operation{
Name: opEnablePolicyType,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &EnablePolicyTypeInput{}
}
output = &EnablePolicyTypeOutput{}
req = c.newRequest(op, input, output)
return
}
// EnablePolicyType API operation for AWS Organizations.
//
// Enables a policy type in a root. After you enable a policy type in a root,
// you can attach policies of that type to the root, any OU, or account in that
// root. You can undo this by using the DisablePolicyType operation.
//
// This operation can be called only from the organization's master account.
//
// You can enable a policy type in a root only if that policy type is available
// in the organization. Use DescribeOrganization to view the status of available
// policy types in the organization.
//
// To view the status of policy type in a root, use ListRoots.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation EnablePolicyType for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodePolicyTypeAlreadyEnabledException "PolicyTypeAlreadyEnabledException"
// The specified policy type is already enabled in the specified root.
//
// * ErrCodeRootNotFoundException "RootNotFoundException"
// We can't find a root with the RootId that you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// * ErrCodePolicyTypeNotAvailableForOrganizationException "PolicyTypeNotAvailableForOrganizationException"
// You can't use the specified policy type with the feature set currently enabled
// for this organization. For example, you can enable service control policies
// (SCPs) only after you enable all features in the organization. For more information,
// see Enabling and Disabling a Policy Type on a Root (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)
// in the AWS Organizations User Guide.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyType
func (c *Organizations) EnablePolicyType(input *EnablePolicyTypeInput) (*EnablePolicyTypeOutput, error) {
req, out := c.EnablePolicyTypeRequest(input)
return out, req.Send()
}
// EnablePolicyTypeWithContext is the same as EnablePolicyType with the addition of
// the ability to pass a context and additional request options.
//
// See EnablePolicyType for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) EnablePolicyTypeWithContext(ctx aws.Context, input *EnablePolicyTypeInput, opts ...request.Option) (*EnablePolicyTypeOutput, error) {
req, out := c.EnablePolicyTypeRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opInviteAccountToOrganization = "InviteAccountToOrganization"
// InviteAccountToOrganizationRequest generates a "aws/request.Request" representing the
// client's request for the InviteAccountToOrganization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See InviteAccountToOrganization for more information on using the InviteAccountToOrganization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the InviteAccountToOrganizationRequest method.
// req, resp := client.InviteAccountToOrganizationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganization
func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountToOrganizationInput) (req *request.Request, output *InviteAccountToOrganizationOutput) {
op := &request.Operation{
Name: opInviteAccountToOrganization,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &InviteAccountToOrganizationInput{}
}
output = &InviteAccountToOrganizationOutput{}
req = c.newRequest(op, input, output)
return
}
// InviteAccountToOrganization API operation for AWS Organizations.
//
// Sends an invitation to another account to join your organization as a member
// account. Organizations sends email on your behalf to the email address that
// is associated with the other account's owner. The invitation is implemented
// as a Handshake whose details are in the response.
//
// You can invite AWS accounts only from the same seller as the master account.
// For example, if your organization's master account was created by Amazon
// Internet Services Pvt. Ltd (AISPL), an AWS seller in India, then you can
// only invite other AISPL accounts to your organization. You can't combine
// accounts from AISPL and AWS, or any other AWS seller. For more information,
// see Consolidated Billing in India (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/useconsolidatedbilliing-India.html).
//
// This operation can be called only from the organization's master account.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation InviteAccountToOrganization for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException"
// The requested operation would violate the constraint identified in the reason
// code.
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
// the number of accounts in an organization. Note: deleted and closed accounts
// still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because
// the invited account is already a member of an organization.
//
// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid
// because the organization has already enabled all features.
//
// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations
// to join an organization while it is in the process of enabling all features.
// You can resume inviting accounts after you finalize the process when all
// accounts have agreed to the change.
//
// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with
// an account that does not have a payment instrument, such as a credit card,
// associated with it.
//
// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because
// the account is from a different marketplace than the accounts in the organization.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be from the same
// marketplace.
//
// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to
// change the membership of an account too quickly after its previous change.
//
// * ErrCodeDuplicateHandshakeException "DuplicateHandshakeException"
// A handshake with the same action and target already exists. For example,
// if you invited an account to join your organization, the invited account
// might already have a pending invitation from this organization. If you intend
// to resend an invitation to an account, ensure that existing handshakes that
// might be considered duplicates are canceled or declined.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeFinalizingOrganizationException "FinalizingOrganizationException"
// AWS Organizations could not finalize the creation of your organization. Try
// again later. If this persists, contact AWS customer support.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganization
func (c *Organizations) InviteAccountToOrganization(input *InviteAccountToOrganizationInput) (*InviteAccountToOrganizationOutput, error) {
req, out := c.InviteAccountToOrganizationRequest(input)
return out, req.Send()
}
// InviteAccountToOrganizationWithContext is the same as InviteAccountToOrganization with the addition of
// the ability to pass a context and additional request options.
//
// See InviteAccountToOrganization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) InviteAccountToOrganizationWithContext(ctx aws.Context, input *InviteAccountToOrganizationInput, opts ...request.Option) (*InviteAccountToOrganizationOutput, error) {
req, out := c.InviteAccountToOrganizationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opLeaveOrganization = "LeaveOrganization"
// LeaveOrganizationRequest generates a "aws/request.Request" representing the
// client's request for the LeaveOrganization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See LeaveOrganization for more information on using the LeaveOrganization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the LeaveOrganizationRequest method.
// req, resp := client.LeaveOrganizationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganization
func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) (req *request.Request, output *LeaveOrganizationOutput) {
op := &request.Operation{
Name: opLeaveOrganization,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &LeaveOrganizationInput{}
}
output = &LeaveOrganizationOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// LeaveOrganization API operation for AWS Organizations.
//
// Removes a member account from its parent organization. This version of the
// operation is performed by the account that wants to leave. To remove a member
// account as a user in the master account, use RemoveAccountFromOrganization
// instead.
//
// This operation can be called only from a member account in the organization.
//
// The master account in an organization with all features enabled can set service
// control policies (SCPs) that can restrict what administrators of member accounts
// can do, including preventing them from successfully calling LeaveOrganization
// and leaving the organization.
//
// You can leave an organization as a member account only if the account is
// configured with the information required to operate as a standalone account.
// When you create an account in an organization using the AWS Organizations
// console, API, or CLI commands, the information required of standalone accounts
// is not automatically collected. For each account that you want to make standalone,
// you must accept the End User License Agreement (EULA), choose a support plan,
// provide and verify the required contact information, and provide a current
// payment method. AWS uses the payment method to charge for any billable (not
// free tier) AWS activity that occurs while the account is not attached to
// an organization. Follow the steps at To leave an organization when all required
// account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// You can leave an organization only after you enable IAM user access to billing
// in your account. For more information, see Activating Access to the Billing
// and Cost Management Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate)
// in the AWS Billing and Cost Management User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation LeaveOrganization for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAccountNotFoundException "AccountNotFoundException"
// We can't find an AWS account with the AccountId that you specified, or the
// account whose credentials you used to make this request is not a member of
// an organization.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeMasterCannotLeaveOrganizationException "MasterCannotLeaveOrganizationException"
// You can't remove a master account from an organization. If you want the master
// account to become a member account in another organization, you must first
// delete the current organization of the master account.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganization
func (c *Organizations) LeaveOrganization(input *LeaveOrganizationInput) (*LeaveOrganizationOutput, error) {
req, out := c.LeaveOrganizationRequest(input)
return out, req.Send()
}
// LeaveOrganizationWithContext is the same as LeaveOrganization with the addition of
// the ability to pass a context and additional request options.
//
// See LeaveOrganization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) LeaveOrganizationWithContext(ctx aws.Context, input *LeaveOrganizationInput, opts ...request.Option) (*LeaveOrganizationOutput, error) {
req, out := c.LeaveOrganizationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opListAWSServiceAccessForOrganization = "ListAWSServiceAccessForOrganization"
// ListAWSServiceAccessForOrganizationRequest generates a "aws/request.Request" representing the
// client's request for the ListAWSServiceAccessForOrganization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAWSServiceAccessForOrganization for more information on using the ListAWSServiceAccessForOrganization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListAWSServiceAccessForOrganizationRequest method.
// req, resp := client.ListAWSServiceAccessForOrganizationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganization
func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAWSServiceAccessForOrganizationInput) (req *request.Request, output *ListAWSServiceAccessForOrganizationOutput) {
op := &request.Operation{
Name: opListAWSServiceAccessForOrganization,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListAWSServiceAccessForOrganizationInput{}
}
output = &ListAWSServiceAccessForOrganizationOutput{}
req = c.newRequest(op, input, output)
return
}
// ListAWSServiceAccessForOrganization API operation for AWS Organizations.
//
// Returns a list of the AWS services that you enabled to integrate with your
// organization. After a service on this list creates the resources that it
// requires for the integration, it can perform operations on your organization
// and its accounts.
//
// For more information about integrating other services with AWS Organizations,
// including the list of services that currently work with Organizations, see
// Integrating AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
// in the AWS Organizations User Guide.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListAWSServiceAccessForOrganization for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganization
func (c *Organizations) ListAWSServiceAccessForOrganization(input *ListAWSServiceAccessForOrganizationInput) (*ListAWSServiceAccessForOrganizationOutput, error) {
req, out := c.ListAWSServiceAccessForOrganizationRequest(input)
return out, req.Send()
}
// ListAWSServiceAccessForOrganizationWithContext is the same as ListAWSServiceAccessForOrganization with the addition of
// the ability to pass a context and additional request options.
//
// See ListAWSServiceAccessForOrganization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListAWSServiceAccessForOrganizationWithContext(ctx aws.Context, input *ListAWSServiceAccessForOrganizationInput, opts ...request.Option) (*ListAWSServiceAccessForOrganizationOutput, error) {
req, out := c.ListAWSServiceAccessForOrganizationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListAWSServiceAccessForOrganizationPages iterates over the pages of a ListAWSServiceAccessForOrganization operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAWSServiceAccessForOrganization method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListAWSServiceAccessForOrganization operation.
// pageNum := 0
// err := client.ListAWSServiceAccessForOrganizationPages(params,
// func(page *ListAWSServiceAccessForOrganizationOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListAWSServiceAccessForOrganizationPages(input *ListAWSServiceAccessForOrganizationInput, fn func(*ListAWSServiceAccessForOrganizationOutput, bool) bool) error {
return c.ListAWSServiceAccessForOrganizationPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListAWSServiceAccessForOrganizationPagesWithContext same as ListAWSServiceAccessForOrganizationPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListAWSServiceAccessForOrganizationPagesWithContext(ctx aws.Context, input *ListAWSServiceAccessForOrganizationInput, fn func(*ListAWSServiceAccessForOrganizationOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListAWSServiceAccessForOrganizationInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListAWSServiceAccessForOrganizationRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListAWSServiceAccessForOrganizationOutput), !p.HasNextPage())
}
return p.Err()
}
const opListAccounts = "ListAccounts"
// ListAccountsRequest generates a "aws/request.Request" representing the
// client's request for the ListAccounts operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAccounts for more information on using the ListAccounts
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListAccountsRequest method.
// req, resp := client.ListAccountsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccounts
func (c *Organizations) ListAccountsRequest(input *ListAccountsInput) (req *request.Request, output *ListAccountsOutput) {
op := &request.Operation{
Name: opListAccounts,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListAccountsInput{}
}
output = &ListAccountsOutput{}
req = c.newRequest(op, input, output)
return
}
// ListAccounts API operation for AWS Organizations.
//
// Lists all the accounts in the organization. To request only the accounts
// in a specified root or OU, use the ListAccountsForParent operation instead.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListAccounts for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccounts
func (c *Organizations) ListAccounts(input *ListAccountsInput) (*ListAccountsOutput, error) {
req, out := c.ListAccountsRequest(input)
return out, req.Send()
}
// ListAccountsWithContext is the same as ListAccounts with the addition of
// the ability to pass a context and additional request options.
//
// See ListAccounts for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListAccountsWithContext(ctx aws.Context, input *ListAccountsInput, opts ...request.Option) (*ListAccountsOutput, error) {
req, out := c.ListAccountsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListAccountsPages iterates over the pages of a ListAccounts operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAccounts method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListAccounts operation.
// pageNum := 0
// err := client.ListAccountsPages(params,
// func(page *ListAccountsOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListAccountsPages(input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool) error {
return c.ListAccountsPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListAccountsPagesWithContext same as ListAccountsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListAccountsPagesWithContext(ctx aws.Context, input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListAccountsInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListAccountsRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListAccountsOutput), !p.HasNextPage())
}
return p.Err()
}
const opListAccountsForParent = "ListAccountsForParent"
// ListAccountsForParentRequest generates a "aws/request.Request" representing the
// client's request for the ListAccountsForParent operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListAccountsForParent for more information on using the ListAccountsForParent
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListAccountsForParentRequest method.
// req, resp := client.ListAccountsForParentRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParent
func (c *Organizations) ListAccountsForParentRequest(input *ListAccountsForParentInput) (req *request.Request, output *ListAccountsForParentOutput) {
op := &request.Operation{
Name: opListAccountsForParent,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListAccountsForParentInput{}
}
output = &ListAccountsForParentOutput{}
req = c.newRequest(op, input, output)
return
}
// ListAccountsForParent API operation for AWS Organizations.
//
// Lists the accounts in an organization that are contained by the specified
// target root or organizational unit (OU). If you specify the root, you get
// a list of all the accounts that are not in any OU. If you specify an OU,
// you get a list of all the accounts in only that OU, and not in any child
// OUs. To get a list of all accounts in the organization, use the ListAccounts
// operation.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListAccountsForParent for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeParentNotFoundException "ParentNotFoundException"
// We can't find a root or organizational unit (OU) with the ParentId that you
// specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParent
func (c *Organizations) ListAccountsForParent(input *ListAccountsForParentInput) (*ListAccountsForParentOutput, error) {
req, out := c.ListAccountsForParentRequest(input)
return out, req.Send()
}
// ListAccountsForParentWithContext is the same as ListAccountsForParent with the addition of
// the ability to pass a context and additional request options.
//
// See ListAccountsForParent for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListAccountsForParentWithContext(ctx aws.Context, input *ListAccountsForParentInput, opts ...request.Option) (*ListAccountsForParentOutput, error) {
req, out := c.ListAccountsForParentRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListAccountsForParentPages iterates over the pages of a ListAccountsForParent operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListAccountsForParent method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListAccountsForParent operation.
// pageNum := 0
// err := client.ListAccountsForParentPages(params,
// func(page *ListAccountsForParentOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListAccountsForParentPages(input *ListAccountsForParentInput, fn func(*ListAccountsForParentOutput, bool) bool) error {
return c.ListAccountsForParentPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListAccountsForParentPagesWithContext same as ListAccountsForParentPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListAccountsForParentPagesWithContext(ctx aws.Context, input *ListAccountsForParentInput, fn func(*ListAccountsForParentOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListAccountsForParentInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListAccountsForParentRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListAccountsForParentOutput), !p.HasNextPage())
}
return p.Err()
}
const opListChildren = "ListChildren"
// ListChildrenRequest generates a "aws/request.Request" representing the
// client's request for the ListChildren operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListChildren for more information on using the ListChildren
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListChildrenRequest method.
// req, resp := client.ListChildrenRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildren
func (c *Organizations) ListChildrenRequest(input *ListChildrenInput) (req *request.Request, output *ListChildrenOutput) {
op := &request.Operation{
Name: opListChildren,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListChildrenInput{}
}
output = &ListChildrenOutput{}
req = c.newRequest(op, input, output)
return
}
// ListChildren API operation for AWS Organizations.
//
// Lists all of the OUs or accounts that are contained in the specified parent
// OU or root. This operation, along with ListParents enables you to traverse
// the tree structure that makes up this root.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListChildren for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeParentNotFoundException "ParentNotFoundException"
// We can't find a root or organizational unit (OU) with the ParentId that you
// specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildren
func (c *Organizations) ListChildren(input *ListChildrenInput) (*ListChildrenOutput, error) {
req, out := c.ListChildrenRequest(input)
return out, req.Send()
}
// ListChildrenWithContext is the same as ListChildren with the addition of
// the ability to pass a context and additional request options.
//
// See ListChildren for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListChildrenWithContext(ctx aws.Context, input *ListChildrenInput, opts ...request.Option) (*ListChildrenOutput, error) {
req, out := c.ListChildrenRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListChildrenPages iterates over the pages of a ListChildren operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListChildren method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListChildren operation.
// pageNum := 0
// err := client.ListChildrenPages(params,
// func(page *ListChildrenOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListChildrenPages(input *ListChildrenInput, fn func(*ListChildrenOutput, bool) bool) error {
return c.ListChildrenPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListChildrenPagesWithContext same as ListChildrenPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListChildrenPagesWithContext(ctx aws.Context, input *ListChildrenInput, fn func(*ListChildrenOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListChildrenInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListChildrenRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListChildrenOutput), !p.HasNextPage())
}
return p.Err()
}
const opListCreateAccountStatus = "ListCreateAccountStatus"
// ListCreateAccountStatusRequest generates a "aws/request.Request" representing the
// client's request for the ListCreateAccountStatus operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListCreateAccountStatus for more information on using the ListCreateAccountStatus
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListCreateAccountStatusRequest method.
// req, resp := client.ListCreateAccountStatusRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListCreateAccountStatus
func (c *Organizations) ListCreateAccountStatusRequest(input *ListCreateAccountStatusInput) (req *request.Request, output *ListCreateAccountStatusOutput) {
op := &request.Operation{
Name: opListCreateAccountStatus,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListCreateAccountStatusInput{}
}
output = &ListCreateAccountStatusOutput{}
req = c.newRequest(op, input, output)
return
}
// ListCreateAccountStatus API operation for AWS Organizations.
//
// Lists the account creation requests that match the specified status that
// is currently being tracked for the organization.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListCreateAccountStatus for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListCreateAccountStatus
func (c *Organizations) ListCreateAccountStatus(input *ListCreateAccountStatusInput) (*ListCreateAccountStatusOutput, error) {
req, out := c.ListCreateAccountStatusRequest(input)
return out, req.Send()
}
// ListCreateAccountStatusWithContext is the same as ListCreateAccountStatus with the addition of
// the ability to pass a context and additional request options.
//
// See ListCreateAccountStatus for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListCreateAccountStatusWithContext(ctx aws.Context, input *ListCreateAccountStatusInput, opts ...request.Option) (*ListCreateAccountStatusOutput, error) {
req, out := c.ListCreateAccountStatusRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListCreateAccountStatusPages iterates over the pages of a ListCreateAccountStatus operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListCreateAccountStatus method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListCreateAccountStatus operation.
// pageNum := 0
// err := client.ListCreateAccountStatusPages(params,
// func(page *ListCreateAccountStatusOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListCreateAccountStatusPages(input *ListCreateAccountStatusInput, fn func(*ListCreateAccountStatusOutput, bool) bool) error {
return c.ListCreateAccountStatusPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListCreateAccountStatusPagesWithContext same as ListCreateAccountStatusPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListCreateAccountStatusPagesWithContext(ctx aws.Context, input *ListCreateAccountStatusInput, fn func(*ListCreateAccountStatusOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListCreateAccountStatusInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListCreateAccountStatusRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListCreateAccountStatusOutput), !p.HasNextPage())
}
return p.Err()
}
const opListHandshakesForAccount = "ListHandshakesForAccount"
// ListHandshakesForAccountRequest generates a "aws/request.Request" representing the
// client's request for the ListHandshakesForAccount operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListHandshakesForAccount for more information on using the ListHandshakesForAccount
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListHandshakesForAccountRequest method.
// req, resp := client.ListHandshakesForAccountRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccount
func (c *Organizations) ListHandshakesForAccountRequest(input *ListHandshakesForAccountInput) (req *request.Request, output *ListHandshakesForAccountOutput) {
op := &request.Operation{
Name: opListHandshakesForAccount,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListHandshakesForAccountInput{}
}
output = &ListHandshakesForAccountOutput{}
req = c.newRequest(op, input, output)
return
}
// ListHandshakesForAccount API operation for AWS Organizations.
//
// Lists the current handshakes that are associated with the account of the
// requesting user.
//
// Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results
// of this API for only 30 days after changing to that state. After that they
// are deleted and no longer accessible.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called from any account in the organization.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListHandshakesForAccount for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccount
func (c *Organizations) ListHandshakesForAccount(input *ListHandshakesForAccountInput) (*ListHandshakesForAccountOutput, error) {
req, out := c.ListHandshakesForAccountRequest(input)
return out, req.Send()
}
// ListHandshakesForAccountWithContext is the same as ListHandshakesForAccount with the addition of
// the ability to pass a context and additional request options.
//
// See ListHandshakesForAccount for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListHandshakesForAccountWithContext(ctx aws.Context, input *ListHandshakesForAccountInput, opts ...request.Option) (*ListHandshakesForAccountOutput, error) {
req, out := c.ListHandshakesForAccountRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListHandshakesForAccountPages iterates over the pages of a ListHandshakesForAccount operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListHandshakesForAccount method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListHandshakesForAccount operation.
// pageNum := 0
// err := client.ListHandshakesForAccountPages(params,
// func(page *ListHandshakesForAccountOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListHandshakesForAccountPages(input *ListHandshakesForAccountInput, fn func(*ListHandshakesForAccountOutput, bool) bool) error {
return c.ListHandshakesForAccountPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListHandshakesForAccountPagesWithContext same as ListHandshakesForAccountPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListHandshakesForAccountPagesWithContext(ctx aws.Context, input *ListHandshakesForAccountInput, fn func(*ListHandshakesForAccountOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListHandshakesForAccountInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListHandshakesForAccountRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListHandshakesForAccountOutput), !p.HasNextPage())
}
return p.Err()
}
const opListHandshakesForOrganization = "ListHandshakesForOrganization"
// ListHandshakesForOrganizationRequest generates a "aws/request.Request" representing the
// client's request for the ListHandshakesForOrganization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListHandshakesForOrganization for more information on using the ListHandshakesForOrganization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListHandshakesForOrganizationRequest method.
// req, resp := client.ListHandshakesForOrganizationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganization
func (c *Organizations) ListHandshakesForOrganizationRequest(input *ListHandshakesForOrganizationInput) (req *request.Request, output *ListHandshakesForOrganizationOutput) {
op := &request.Operation{
Name: opListHandshakesForOrganization,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListHandshakesForOrganizationInput{}
}
output = &ListHandshakesForOrganizationOutput{}
req = c.newRequest(op, input, output)
return
}
// ListHandshakesForOrganization API operation for AWS Organizations.
//
// Lists the handshakes that are associated with the organization that the requesting
// user is part of. The ListHandshakesForOrganization operation returns a list
// of handshake structures. Each structure contains details and status about
// a handshake.
//
// Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results
// of this API for only 30 days after changing to that state. After that they
// are deleted and no longer accessible.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListHandshakesForOrganization for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganization
func (c *Organizations) ListHandshakesForOrganization(input *ListHandshakesForOrganizationInput) (*ListHandshakesForOrganizationOutput, error) {
req, out := c.ListHandshakesForOrganizationRequest(input)
return out, req.Send()
}
// ListHandshakesForOrganizationWithContext is the same as ListHandshakesForOrganization with the addition of
// the ability to pass a context and additional request options.
//
// See ListHandshakesForOrganization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListHandshakesForOrganizationWithContext(ctx aws.Context, input *ListHandshakesForOrganizationInput, opts ...request.Option) (*ListHandshakesForOrganizationOutput, error) {
req, out := c.ListHandshakesForOrganizationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListHandshakesForOrganizationPages iterates over the pages of a ListHandshakesForOrganization operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListHandshakesForOrganization method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListHandshakesForOrganization operation.
// pageNum := 0
// err := client.ListHandshakesForOrganizationPages(params,
// func(page *ListHandshakesForOrganizationOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListHandshakesForOrganizationPages(input *ListHandshakesForOrganizationInput, fn func(*ListHandshakesForOrganizationOutput, bool) bool) error {
return c.ListHandshakesForOrganizationPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListHandshakesForOrganizationPagesWithContext same as ListHandshakesForOrganizationPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListHandshakesForOrganizationPagesWithContext(ctx aws.Context, input *ListHandshakesForOrganizationInput, fn func(*ListHandshakesForOrganizationOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListHandshakesForOrganizationInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListHandshakesForOrganizationRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListHandshakesForOrganizationOutput), !p.HasNextPage())
}
return p.Err()
}
const opListOrganizationalUnitsForParent = "ListOrganizationalUnitsForParent"
// ListOrganizationalUnitsForParentRequest generates a "aws/request.Request" representing the
// client's request for the ListOrganizationalUnitsForParent operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListOrganizationalUnitsForParent for more information on using the ListOrganizationalUnitsForParent
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListOrganizationalUnitsForParentRequest method.
// req, resp := client.ListOrganizationalUnitsForParentRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParent
func (c *Organizations) ListOrganizationalUnitsForParentRequest(input *ListOrganizationalUnitsForParentInput) (req *request.Request, output *ListOrganizationalUnitsForParentOutput) {
op := &request.Operation{
Name: opListOrganizationalUnitsForParent,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListOrganizationalUnitsForParentInput{}
}
output = &ListOrganizationalUnitsForParentOutput{}
req = c.newRequest(op, input, output)
return
}
// ListOrganizationalUnitsForParent API operation for AWS Organizations.
//
// Lists the organizational units (OUs) in a parent organizational unit or root.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListOrganizationalUnitsForParent for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeParentNotFoundException "ParentNotFoundException"
// We can't find a root or organizational unit (OU) with the ParentId that you
// specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParent
func (c *Organizations) ListOrganizationalUnitsForParent(input *ListOrganizationalUnitsForParentInput) (*ListOrganizationalUnitsForParentOutput, error) {
req, out := c.ListOrganizationalUnitsForParentRequest(input)
return out, req.Send()
}
// ListOrganizationalUnitsForParentWithContext is the same as ListOrganizationalUnitsForParent with the addition of
// the ability to pass a context and additional request options.
//
// See ListOrganizationalUnitsForParent for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListOrganizationalUnitsForParentWithContext(ctx aws.Context, input *ListOrganizationalUnitsForParentInput, opts ...request.Option) (*ListOrganizationalUnitsForParentOutput, error) {
req, out := c.ListOrganizationalUnitsForParentRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListOrganizationalUnitsForParentPages iterates over the pages of a ListOrganizationalUnitsForParent operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListOrganizationalUnitsForParent method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListOrganizationalUnitsForParent operation.
// pageNum := 0
// err := client.ListOrganizationalUnitsForParentPages(params,
// func(page *ListOrganizationalUnitsForParentOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListOrganizationalUnitsForParentPages(input *ListOrganizationalUnitsForParentInput, fn func(*ListOrganizationalUnitsForParentOutput, bool) bool) error {
return c.ListOrganizationalUnitsForParentPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListOrganizationalUnitsForParentPagesWithContext same as ListOrganizationalUnitsForParentPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListOrganizationalUnitsForParentPagesWithContext(ctx aws.Context, input *ListOrganizationalUnitsForParentInput, fn func(*ListOrganizationalUnitsForParentOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListOrganizationalUnitsForParentInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListOrganizationalUnitsForParentRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListOrganizationalUnitsForParentOutput), !p.HasNextPage())
}
return p.Err()
}
const opListParents = "ListParents"
// ListParentsRequest generates a "aws/request.Request" representing the
// client's request for the ListParents operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListParents for more information on using the ListParents
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListParentsRequest method.
// req, resp := client.ListParentsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParents
func (c *Organizations) ListParentsRequest(input *ListParentsInput) (req *request.Request, output *ListParentsOutput) {
op := &request.Operation{
Name: opListParents,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListParentsInput{}
}
output = &ListParentsOutput{}
req = c.newRequest(op, input, output)
return
}
// ListParents API operation for AWS Organizations.
//
// Lists the root or organizational units (OUs) that serve as the immediate
// parent of the specified child OU or account. This operation, along with ListChildren
// enables you to traverse the tree structure that makes up this root.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// In the current release, a child can have only a single parent.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListParents for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeChildNotFoundException "ChildNotFoundException"
// We can't find an organizational unit (OU) or AWS account with the ChildId
// that you specified.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParents
func (c *Organizations) ListParents(input *ListParentsInput) (*ListParentsOutput, error) {
req, out := c.ListParentsRequest(input)
return out, req.Send()
}
// ListParentsWithContext is the same as ListParents with the addition of
// the ability to pass a context and additional request options.
//
// See ListParents for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListParentsWithContext(ctx aws.Context, input *ListParentsInput, opts ...request.Option) (*ListParentsOutput, error) {
req, out := c.ListParentsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListParentsPages iterates over the pages of a ListParents operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListParents method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListParents operation.
// pageNum := 0
// err := client.ListParentsPages(params,
// func(page *ListParentsOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListParentsPages(input *ListParentsInput, fn func(*ListParentsOutput, bool) bool) error {
return c.ListParentsPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListParentsPagesWithContext same as ListParentsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListParentsPagesWithContext(ctx aws.Context, input *ListParentsInput, fn func(*ListParentsOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListParentsInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListParentsRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListParentsOutput), !p.HasNextPage())
}
return p.Err()
}
const opListPolicies = "ListPolicies"
// ListPoliciesRequest generates a "aws/request.Request" representing the
// client's request for the ListPolicies operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListPolicies for more information on using the ListPolicies
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListPoliciesRequest method.
// req, resp := client.ListPoliciesRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPolicies
func (c *Organizations) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) {
op := &request.Operation{
Name: opListPolicies,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListPoliciesInput{}
}
output = &ListPoliciesOutput{}
req = c.newRequest(op, input, output)
return
}
// ListPolicies API operation for AWS Organizations.
//
// Retrieves the list of all policies in an organization of a specified type.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListPolicies for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPolicies
func (c *Organizations) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) {
req, out := c.ListPoliciesRequest(input)
return out, req.Send()
}
// ListPoliciesWithContext is the same as ListPolicies with the addition of
// the ability to pass a context and additional request options.
//
// See ListPolicies for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) {
req, out := c.ListPoliciesRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListPoliciesPages iterates over the pages of a ListPolicies operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListPolicies method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListPolicies operation.
// pageNum := 0
// err := client.ListPoliciesPages(params,
// func(page *ListPoliciesOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error {
return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListPoliciesPagesWithContext same as ListPoliciesPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListPoliciesInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListPoliciesRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage())
}
return p.Err()
}
const opListPoliciesForTarget = "ListPoliciesForTarget"
// ListPoliciesForTargetRequest generates a "aws/request.Request" representing the
// client's request for the ListPoliciesForTarget operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListPoliciesForTarget for more information on using the ListPoliciesForTarget
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListPoliciesForTargetRequest method.
// req, resp := client.ListPoliciesForTargetRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesForTarget
func (c *Organizations) ListPoliciesForTargetRequest(input *ListPoliciesForTargetInput) (req *request.Request, output *ListPoliciesForTargetOutput) {
op := &request.Operation{
Name: opListPoliciesForTarget,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListPoliciesForTargetInput{}
}
output = &ListPoliciesForTargetOutput{}
req = c.newRequest(op, input, output)
return
}
// ListPoliciesForTarget API operation for AWS Organizations.
//
// Lists the policies that are directly attached to the specified target root,
// organizational unit (OU), or account. You must specify the policy type that
// you want included in the returned list.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListPoliciesForTarget for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTargetNotFoundException "TargetNotFoundException"
// We can't find a root, OU, or account with the TargetId that you specified.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesForTarget
func (c *Organizations) ListPoliciesForTarget(input *ListPoliciesForTargetInput) (*ListPoliciesForTargetOutput, error) {
req, out := c.ListPoliciesForTargetRequest(input)
return out, req.Send()
}
// ListPoliciesForTargetWithContext is the same as ListPoliciesForTarget with the addition of
// the ability to pass a context and additional request options.
//
// See ListPoliciesForTarget for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListPoliciesForTargetWithContext(ctx aws.Context, input *ListPoliciesForTargetInput, opts ...request.Option) (*ListPoliciesForTargetOutput, error) {
req, out := c.ListPoliciesForTargetRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListPoliciesForTargetPages iterates over the pages of a ListPoliciesForTarget operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListPoliciesForTarget method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListPoliciesForTarget operation.
// pageNum := 0
// err := client.ListPoliciesForTargetPages(params,
// func(page *ListPoliciesForTargetOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListPoliciesForTargetPages(input *ListPoliciesForTargetInput, fn func(*ListPoliciesForTargetOutput, bool) bool) error {
return c.ListPoliciesForTargetPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListPoliciesForTargetPagesWithContext same as ListPoliciesForTargetPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListPoliciesForTargetPagesWithContext(ctx aws.Context, input *ListPoliciesForTargetInput, fn func(*ListPoliciesForTargetOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListPoliciesForTargetInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListPoliciesForTargetRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListPoliciesForTargetOutput), !p.HasNextPage())
}
return p.Err()
}
const opListRoots = "ListRoots"
// ListRootsRequest generates a "aws/request.Request" representing the
// client's request for the ListRoots operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListRoots for more information on using the ListRoots
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListRootsRequest method.
// req, resp := client.ListRootsRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRoots
func (c *Organizations) ListRootsRequest(input *ListRootsInput) (req *request.Request, output *ListRootsOutput) {
op := &request.Operation{
Name: opListRoots,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListRootsInput{}
}
output = &ListRootsOutput{}
req = c.newRequest(op, input, output)
return
}
// ListRoots API operation for AWS Organizations.
//
// Lists the roots that are defined in the current organization.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Policy types can be enabled and disabled in roots. This is distinct from
// whether they are available in the organization. When you enable all features,
// you make policy types available for use in that organization. Individual
// policy types can then be enabled and disabled in a root. To see the availability
// of a policy type in an organization, use DescribeOrganization.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListRoots for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRoots
func (c *Organizations) ListRoots(input *ListRootsInput) (*ListRootsOutput, error) {
req, out := c.ListRootsRequest(input)
return out, req.Send()
}
// ListRootsWithContext is the same as ListRoots with the addition of
// the ability to pass a context and additional request options.
//
// See ListRoots for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListRootsWithContext(ctx aws.Context, input *ListRootsInput, opts ...request.Option) (*ListRootsOutput, error) {
req, out := c.ListRootsRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListRootsPages iterates over the pages of a ListRoots operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListRoots method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListRoots operation.
// pageNum := 0
// err := client.ListRootsPages(params,
// func(page *ListRootsOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListRootsPages(input *ListRootsInput, fn func(*ListRootsOutput, bool) bool) error {
return c.ListRootsPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListRootsPagesWithContext same as ListRootsPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListRootsPagesWithContext(ctx aws.Context, input *ListRootsInput, fn func(*ListRootsOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListRootsInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListRootsRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListRootsOutput), !p.HasNextPage())
}
return p.Err()
}
const opListTargetsForPolicy = "ListTargetsForPolicy"
// ListTargetsForPolicyRequest generates a "aws/request.Request" representing the
// client's request for the ListTargetsForPolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See ListTargetsForPolicy for more information on using the ListTargetsForPolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the ListTargetsForPolicyRequest method.
// req, resp := client.ListTargetsForPolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTargetsForPolicy
func (c *Organizations) ListTargetsForPolicyRequest(input *ListTargetsForPolicyInput) (req *request.Request, output *ListTargetsForPolicyOutput) {
op := &request.Operation{
Name: opListTargetsForPolicy,
HTTPMethod: "POST",
HTTPPath: "/",
Paginator: &request.Paginator{
InputTokens: []string{"NextToken"},
OutputTokens: []string{"NextToken"},
LimitToken: "MaxResults",
TruncationToken: "",
},
}
if input == nil {
input = &ListTargetsForPolicyInput{}
}
output = &ListTargetsForPolicyOutput{}
req = c.newRequest(op, input, output)
return
}
// ListTargetsForPolicy API operation for AWS Organizations.
//
// Lists all the roots, OUs, and accounts to which the specified policy is attached.
//
// Always check the NextToken response parameter for a null value when calling
// a List* operation. These operations can occasionally return an empty set
// of results even when there are more results available. The NextToken response
// parameter value is nullonly when there are no more results to display.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation ListTargetsForPolicy for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
// We can't find a policy with the PolicyId that you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTargetsForPolicy
func (c *Organizations) ListTargetsForPolicy(input *ListTargetsForPolicyInput) (*ListTargetsForPolicyOutput, error) {
req, out := c.ListTargetsForPolicyRequest(input)
return out, req.Send()
}
// ListTargetsForPolicyWithContext is the same as ListTargetsForPolicy with the addition of
// the ability to pass a context and additional request options.
//
// See ListTargetsForPolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListTargetsForPolicyWithContext(ctx aws.Context, input *ListTargetsForPolicyInput, opts ...request.Option) (*ListTargetsForPolicyOutput, error) {
req, out := c.ListTargetsForPolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
// ListTargetsForPolicyPages iterates over the pages of a ListTargetsForPolicy operation,
// calling the "fn" function with the response data for each page. To stop
// iterating, return false from the fn function.
//
// See ListTargetsForPolicy method for more information on how to use this operation.
//
// Note: This operation can generate multiple requests to a service.
//
// // Example iterating over at most 3 pages of a ListTargetsForPolicy operation.
// pageNum := 0
// err := client.ListTargetsForPolicyPages(params,
// func(page *ListTargetsForPolicyOutput, lastPage bool) bool {
// pageNum++
// fmt.Println(page)
// return pageNum <= 3
// })
//
func (c *Organizations) ListTargetsForPolicyPages(input *ListTargetsForPolicyInput, fn func(*ListTargetsForPolicyOutput, bool) bool) error {
return c.ListTargetsForPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
}
// ListTargetsForPolicyPagesWithContext same as ListTargetsForPolicyPages except
// it takes a Context and allows setting request options on the pages.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) ListTargetsForPolicyPagesWithContext(ctx aws.Context, input *ListTargetsForPolicyInput, fn func(*ListTargetsForPolicyOutput, bool) bool, opts ...request.Option) error {
p := request.Pagination{
NewRequest: func() (*request.Request, error) {
var inCpy *ListTargetsForPolicyInput
if input != nil {
tmp := *input
inCpy = &tmp
}
req, _ := c.ListTargetsForPolicyRequest(inCpy)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return req, nil
},
}
cont := true
for p.Next() && cont {
cont = fn(p.Page().(*ListTargetsForPolicyOutput), !p.HasNextPage())
}
return p.Err()
}
const opMoveAccount = "MoveAccount"
// MoveAccountRequest generates a "aws/request.Request" representing the
// client's request for the MoveAccount operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See MoveAccount for more information on using the MoveAccount
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the MoveAccountRequest method.
// req, resp := client.MoveAccountRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/MoveAccount
func (c *Organizations) MoveAccountRequest(input *MoveAccountInput) (req *request.Request, output *MoveAccountOutput) {
op := &request.Operation{
Name: opMoveAccount,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &MoveAccountInput{}
}
output = &MoveAccountOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// MoveAccount API operation for AWS Organizations.
//
// Moves an account from its current source parent root or OU to the specified
// destination parent root or OU.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation MoveAccount for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeSourceParentNotFoundException "SourceParentNotFoundException"
// We can't find a source root or OU with the ParentId that you specified.
//
// * ErrCodeDestinationParentNotFoundException "DestinationParentNotFoundException"
// We can't find the destination container (a root or OU) with the ParentId
// that you specified.
//
// * ErrCodeDuplicateAccountException "DuplicateAccountException"
// That account is already present in the specified destination.
//
// * ErrCodeAccountNotFoundException "AccountNotFoundException"
// We can't find an AWS account with the AccountId that you specified, or the
// account whose credentials you used to make this request is not a member of
// an organization.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/MoveAccount
func (c *Organizations) MoveAccount(input *MoveAccountInput) (*MoveAccountOutput, error) {
req, out := c.MoveAccountRequest(input)
return out, req.Send()
}
// MoveAccountWithContext is the same as MoveAccount with the addition of
// the ability to pass a context and additional request options.
//
// See MoveAccount for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) MoveAccountWithContext(ctx aws.Context, input *MoveAccountInput, opts ...request.Option) (*MoveAccountOutput, error) {
req, out := c.MoveAccountRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opRemoveAccountFromOrganization = "RemoveAccountFromOrganization"
// RemoveAccountFromOrganizationRequest generates a "aws/request.Request" representing the
// client's request for the RemoveAccountFromOrganization operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See RemoveAccountFromOrganization for more information on using the RemoveAccountFromOrganization
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the RemoveAccountFromOrganizationRequest method.
// req, resp := client.RemoveAccountFromOrganizationRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganization
func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccountFromOrganizationInput) (req *request.Request, output *RemoveAccountFromOrganizationOutput) {
op := &request.Operation{
Name: opRemoveAccountFromOrganization,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &RemoveAccountFromOrganizationInput{}
}
output = &RemoveAccountFromOrganizationOutput{}
req = c.newRequest(op, input, output)
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
return
}
// RemoveAccountFromOrganization API operation for AWS Organizations.
//
// Removes the specified account from the organization.
//
// The removed account becomes a stand-alone account that is not a member of
// any organization. It is no longer subject to any policies and is responsible
// for its own bill payments. The organization's master account is no longer
// charged for any expenses accrued by the member account after it is removed
// from the organization.
//
// This operation can be called only from the organization's master account.
// Member accounts can remove themselves with LeaveOrganization instead.
//
// You can remove an account from your organization only if the account is configured
// with the information required to operate as a standalone account. When you
// create an account in an organization using the AWS Organizations console,
// API, or CLI commands, the information required of standalone accounts is
// not automatically collected. For an account that you want to make standalone,
// you must accept the End User License Agreement (EULA), choose a support plan,
// provide and verify the required contact information, and provide a current
// payment method. AWS uses the payment method to charge for any billable (not
// free tier) AWS activity that occurs while the account is not attached to
// an organization. To remove an account that does not yet have this information,
// you must sign in as the member account and follow the steps at To leave
// an organization when all required account information has not yet been provided
// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// You can remove a member account only after you enable IAM user access to
// billing in the member account. For more information, see Activating Access
// to the Billing and Cost Management Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate)
// in the AWS Billing and Cost Management User Guide.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation RemoveAccountFromOrganization for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAccountNotFoundException "AccountNotFoundException"
// We can't find an AWS account with the AccountId that you specified, or the
// account whose credentials you used to make this request is not a member of
// an organization.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeMasterCannotLeaveOrganizationException "MasterCannotLeaveOrganizationException"
// You can't remove a master account from an organization. If you want the master
// account to become a member account in another organization, you must first
// delete the current organization of the master account.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganization
func (c *Organizations) RemoveAccountFromOrganization(input *RemoveAccountFromOrganizationInput) (*RemoveAccountFromOrganizationOutput, error) {
req, out := c.RemoveAccountFromOrganizationRequest(input)
return out, req.Send()
}
// RemoveAccountFromOrganizationWithContext is the same as RemoveAccountFromOrganization with the addition of
// the ability to pass a context and additional request options.
//
// See RemoveAccountFromOrganization for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) RemoveAccountFromOrganizationWithContext(ctx aws.Context, input *RemoveAccountFromOrganizationInput, opts ...request.Option) (*RemoveAccountFromOrganizationOutput, error) {
req, out := c.RemoveAccountFromOrganizationRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opUpdateOrganizationalUnit = "UpdateOrganizationalUnit"
// UpdateOrganizationalUnitRequest generates a "aws/request.Request" representing the
// client's request for the UpdateOrganizationalUnit operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdateOrganizationalUnit for more information on using the UpdateOrganizationalUnit
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the UpdateOrganizationalUnitRequest method.
// req, resp := client.UpdateOrganizationalUnitRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnit
func (c *Organizations) UpdateOrganizationalUnitRequest(input *UpdateOrganizationalUnitInput) (req *request.Request, output *UpdateOrganizationalUnitOutput) {
op := &request.Operation{
Name: opUpdateOrganizationalUnit,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &UpdateOrganizationalUnitInput{}
}
output = &UpdateOrganizationalUnitOutput{}
req = c.newRequest(op, input, output)
return
}
// UpdateOrganizationalUnit API operation for AWS Organizations.
//
// Renames the specified organizational unit (OU). The ID and ARN do not change.
// The child OUs and accounts remain in place, and any attached policies of
// the OU remain attached.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation UpdateOrganizationalUnit for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeDuplicateOrganizationalUnitException "DuplicateOrganizationalUnitException"
// An organizational unit (OU) with the same name already exists.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException"
// We can't find an organizational unit (OU) with the OrganizationalUnitId that
// you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnit
func (c *Organizations) UpdateOrganizationalUnit(input *UpdateOrganizationalUnitInput) (*UpdateOrganizationalUnitOutput, error) {
req, out := c.UpdateOrganizationalUnitRequest(input)
return out, req.Send()
}
// UpdateOrganizationalUnitWithContext is the same as UpdateOrganizationalUnit with the addition of
// the ability to pass a context and additional request options.
//
// See UpdateOrganizationalUnit for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) UpdateOrganizationalUnitWithContext(ctx aws.Context, input *UpdateOrganizationalUnitInput, opts ...request.Option) (*UpdateOrganizationalUnitOutput, error) {
req, out := c.UpdateOrganizationalUnitRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
const opUpdatePolicy = "UpdatePolicy"
// UpdatePolicyRequest generates a "aws/request.Request" representing the
// client's request for the UpdatePolicy operation. The "output" return
// value will be populated with the request's response once the request completes
// successfuly.
//
// Use "Send" method on the returned Request to send the API call to the service.
// the "output" return value is not valid until after Send returns without error.
//
// See UpdatePolicy for more information on using the UpdatePolicy
// API call, and error handling.
//
// This method is useful when you want to inject custom logic or configuration
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
//
//
// // Example sending a request using the UpdatePolicyRequest method.
// req, resp := client.UpdatePolicyRequest(params)
//
// err := req.Send()
// if err == nil { // resp is now filled
// fmt.Println(resp)
// }
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdatePolicy
func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *request.Request, output *UpdatePolicyOutput) {
op := &request.Operation{
Name: opUpdatePolicy,
HTTPMethod: "POST",
HTTPPath: "/",
}
if input == nil {
input = &UpdatePolicyInput{}
}
output = &UpdatePolicyOutput{}
req = c.newRequest(op, input, output)
return
}
// UpdatePolicy API operation for AWS Organizations.
//
// Updates an existing policy with a new name, description, or content. If any
// parameter is not supplied, that value remains unchanged. Note that you cannot
// change a policy's type.
//
// This operation can be called only from the organization's master account.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
// the error.
//
// See the AWS API reference guide for AWS Organizations's
// API operation UpdatePolicy for usage and error information.
//
// Returned Error Codes:
// * ErrCodeAccessDeniedException "AccessDeniedException"
// You don't have permissions to perform the requested operation. The user or
// role that is making the request must have at least one IAM permissions policy
// attached that grants the required permissions. For more information, see
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
// in the IAM User Guide.
//
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
// Your account is not a member of an organization. To make this request, you
// must use the credentials of an account that belongs to an organization.
//
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
// The target of the operation is currently being modified by a different request.
// Try again later.
//
// * ErrCodeConstraintViolationException "ConstraintViolationException"
// Performing this operation violates a minimum or maximum value limit. For
// example, attempting to removing the last SCP from an OU or root, inviting
// or creating too many accounts to the organization, or attaching too many
// policies to an account, OU, or root. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
// of accounts in an organization. If you need more accounts, contact AWS Support
// to request an increase in your limit.
//
// Or, The number of invitations that you tried to send would cause you to exceed
// the limit of accounts in your organization. Send fewer invitations, or contact
// AWS Support to request an increase in the number of accounts.
//
// Note: deleted and closed accounts still count toward your limit.
//
// If you get an exception that indicates that you exceeded your account limits
// for the organization or that you can"t add an account because your organization
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
//
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
// handshakes you can send in one day.
//
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
// units you can have in an organization.
//
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
// tree that is too many levels deep.
//
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
// policies that you can have in an organization.
//
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
// number of policies of a certain type that can be attached to an entity
// at one time.
//
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
// policy from an entity that would cause the entity to have fewer than the
// minimum number of policies of a certain type required.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
// from the organization that does not yet have enough information to exist
// as a stand-alone account. This account requires you to first agree to
// the AWS Customer Agreement. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
// an account from the organization that does not yet have enough information
// to exist as a stand-alone account. This account requires you to first
// complete phone verification. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
// with this account, you first must associate a payment instrument, such
// as a credit card, with the account. Follow the steps at To leave an organization
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
// with this member account, you first must associate a payment instrument,
// such as a credit card, with the account. Follow the steps at To leave
// an organization when all required account information has not yet been
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
// in the AWS Organizations User Guide.
//
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
// of accounts that you can create in one day.
//
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
// in this organization, you first must migrate the organization's master
// account to the marketplace that corresponds to the master account's address.
// For example, accounts with India addresses must be associated with the
// AISPL marketplace. All accounts in an organization must be associated
// with the same marketplace.
//
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
// must first provide contact a valid address and phone number for the master
// account. Then try the operation again.
//
// * ErrCodeDuplicatePolicyException "DuplicatePolicyException"
// A policy with the same name already exists.
//
// * ErrCodeInvalidInputException "InvalidInputException"
// The requested operation failed because you provided invalid values for one
// or more of the request parameters. This exception includes a reason that
// contains additional information about the violated limit:
//
// Some of the reasons in the following list might not be applicable to this
// specific API or operation:
//
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
// cannot be modified.
//
// * INPUT_REQUIRED: You must include a value for all required parameters.
//
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
//
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
// characters.
//
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
// at least one invalid value.
//
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
// organization, or email) as a party.
//
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
// from the response to a previous call of the operation.
//
// * INVALID_PATTERN: You provided a value that doesn't match the required
// pattern.
//
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
// match the required pattern.
//
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
//
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
// organization.
//
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
//
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
// for the operation.
//
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
// than allowed.
//
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
// value than allowed.
//
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
// than allowed.
//
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
// value than allowed.
//
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
// between entities in the same root.
//
// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException"
// The provided policy document does not meet the requirements of the specified
// policy type. For example, the syntax might be incorrect. For details about
// service control policy syntax, see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
// in the AWS Organizations User Guide.
//
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
// We can't find a policy with the PolicyId that you specified.
//
// * ErrCodeServiceException "ServiceException"
// AWS Organizations can't complete your request because of an internal service
// error. Try again later.
//
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
// You've sent too many requests in too short a period of time. The limit helps
// protect against denial-of-service attacks. Try again later.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdatePolicy
func (c *Organizations) UpdatePolicy(input *UpdatePolicyInput) (*UpdatePolicyOutput, error) {
req, out := c.UpdatePolicyRequest(input)
return out, req.Send()
}
// UpdatePolicyWithContext is the same as UpdatePolicy with the addition of
// the ability to pass a context and additional request options.
//
// See UpdatePolicy for details on how to use this API operation.
//
// The context must be non-nil and will be used for request cancellation. If
// the context is nil a panic will occur. In the future the SDK may create
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
// for more information on using Contexts.
func (c *Organizations) UpdatePolicyWithContext(ctx aws.Context, input *UpdatePolicyInput, opts ...request.Option) (*UpdatePolicyOutput, error) {
req, out := c.UpdatePolicyRequest(input)
req.SetContext(ctx)
req.ApplyOptions(opts...)
return out, req.Send()
}
type AcceptHandshakeInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the handshake that you want to accept.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
//
// HandshakeId is a required field
HandshakeId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s AcceptHandshakeInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s AcceptHandshakeInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *AcceptHandshakeInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "AcceptHandshakeInput"}
if s.HandshakeId == nil {
invalidParams.Add(request.NewErrParamRequired("HandshakeId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetHandshakeId sets the HandshakeId field's value.
func (s *AcceptHandshakeInput) SetHandshakeId(v string) *AcceptHandshakeInput {
s.HandshakeId = &v
return s
}
type AcceptHandshakeOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the accepted handshake.
Handshake *Handshake `type:"structure"`
}
// String returns the string representation
func (s AcceptHandshakeOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s AcceptHandshakeOutput) GoString() string {
return s.String()
}
// SetHandshake sets the Handshake field's value.
func (s *AcceptHandshakeOutput) SetHandshake(v *Handshake) *AcceptHandshakeOutput {
s.Handshake = v
return s
}
// Contains information about an AWS account that is a member of an organization.
type Account struct {
_ struct{} `type:"structure"`
// The Amazon Resource Name (ARN) of the account.
//
// For more information about ARNs in Organizations, see ARN Formats Supported
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
// in the AWS Organizations User Guide.
Arn *string `type:"string"`
// The email address associated with the AWS account.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for this parameter is
// a string of characters that represents a standard Internet email address.
Email *string `min:"6" type:"string"`
// The unique identifier (ID) of the account.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
// requires exactly 12 digits.
Id *string `type:"string"`
// The method by which the account joined the organization.
JoinedMethod *string `type:"string" enum:"AccountJoinedMethod"`
// The date the account became a part of the organization.
JoinedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
// The friendly name of the account.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of any of the characters in the ASCII character
// range.
Name *string `min:"1" type:"string"`
// The status of the account in the organization.
Status *string `type:"string" enum:"AccountStatus"`
}
// String returns the string representation
func (s Account) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s Account) GoString() string {
return s.String()
}
// SetArn sets the Arn field's value.
func (s *Account) SetArn(v string) *Account {
s.Arn = &v
return s
}
// SetEmail sets the Email field's value.
func (s *Account) SetEmail(v string) *Account {
s.Email = &v
return s
}
// SetId sets the Id field's value.
func (s *Account) SetId(v string) *Account {
s.Id = &v
return s
}
// SetJoinedMethod sets the JoinedMethod field's value.
func (s *Account) SetJoinedMethod(v string) *Account {
s.JoinedMethod = &v
return s
}
// SetJoinedTimestamp sets the JoinedTimestamp field's value.
func (s *Account) SetJoinedTimestamp(v time.Time) *Account {
s.JoinedTimestamp = &v
return s
}
// SetName sets the Name field's value.
func (s *Account) SetName(v string) *Account {
s.Name = &v
return s
}
// SetStatus sets the Status field's value.
func (s *Account) SetStatus(v string) *Account {
s.Status = &v
return s
}
type AttachPolicyInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the policy that you want to attach to the target.
// You can get the ID for the policy by calling the ListPolicies operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
//
// PolicyId is a required field
PolicyId *string `type:"string" required:"true"`
// The unique identifier (ID) of the root, OU, or account that you want to attach
// the policy to. You can get the ID by calling the ListRoots, ListOrganizationalUnitsForParent,
// or ListAccounts operations.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Account: a string that consists of exactly 12 digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// TargetId is a required field
TargetId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s AttachPolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s AttachPolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *AttachPolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "AttachPolicyInput"}
if s.PolicyId == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
}
if s.TargetId == nil {
invalidParams.Add(request.NewErrParamRequired("TargetId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetPolicyId sets the PolicyId field's value.
func (s *AttachPolicyInput) SetPolicyId(v string) *AttachPolicyInput {
s.PolicyId = &v
return s
}
// SetTargetId sets the TargetId field's value.
func (s *AttachPolicyInput) SetTargetId(v string) *AttachPolicyInput {
s.TargetId = &v
return s
}
type AttachPolicyOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s AttachPolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s AttachPolicyOutput) GoString() string {
return s.String()
}
type CancelHandshakeInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the handshake that you want to cancel. You
// can get the ID from the ListHandshakesForOrganization operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
//
// HandshakeId is a required field
HandshakeId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s CancelHandshakeInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CancelHandshakeInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CancelHandshakeInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CancelHandshakeInput"}
if s.HandshakeId == nil {
invalidParams.Add(request.NewErrParamRequired("HandshakeId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetHandshakeId sets the HandshakeId field's value.
func (s *CancelHandshakeInput) SetHandshakeId(v string) *CancelHandshakeInput {
s.HandshakeId = &v
return s
}
type CancelHandshakeOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the handshake that you canceled.
Handshake *Handshake `type:"structure"`
}
// String returns the string representation
func (s CancelHandshakeOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CancelHandshakeOutput) GoString() string {
return s.String()
}
// SetHandshake sets the Handshake field's value.
func (s *CancelHandshakeOutput) SetHandshake(v *Handshake) *CancelHandshakeOutput {
s.Handshake = v
return s
}
// Contains a list of child entities, either OUs or accounts.
type Child struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of this child entity.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a child ID string
// requires one of the following:
//
// * Account: a string that consists of exactly 12 digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that contains
// the OU) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
Id *string `type:"string"`
// The type of this child entity.
Type *string `type:"string" enum:"ChildType"`
}
// String returns the string representation
func (s Child) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s Child) GoString() string {
return s.String()
}
// SetId sets the Id field's value.
func (s *Child) SetId(v string) *Child {
s.Id = &v
return s
}
// SetType sets the Type field's value.
func (s *Child) SetType(v string) *Child {
s.Type = &v
return s
}
type CreateAccountInput struct {
_ struct{} `type:"structure"`
// The friendly name of the member account.
//
// AccountName is a required field
AccountName *string `min:"1" type:"string" required:"true"`
// The email address of the owner to assign to the new member account. This
// email address must not already be associated with another AWS account. You
// must use a valid email address to complete account creation. You cannot access
// the root user of the account or remove an account that was created with an
// invalid email address.
//
// Email is a required field
Email *string `min:"6" type:"string" required:"true"`
// If set to ALLOW, the new account enables IAM users to access account billing
// information if they have the required permissions. If set to DENY, then only
// the root user of the new account can access account billing information.
// For more information, see Activating Access to the Billing and Cost Management
// Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate)
// in the AWS Billing and Cost Management User Guide.
//
// If you do not specify this parameter, the value defaults to ALLOW, and IAM
// users and roles with the required permissions can access billing information
// for the new account.
IamUserAccessToBilling *string `type:"string" enum:"IAMUserAccessToBilling"`
// (Optional)
//
// The name of an IAM role that Organizations automatically preconfigures in
// the new member account. This role trusts the master account, allowing users
// in the master account to assume the role, as permitted by the master account
// administrator. The role has administrator permissions in the new member account.
//
// If you do not specify this parameter, the role name defaults to OrganizationAccountAccessRole.
//
// For more information about how to use this role to access the member account,
// see Accessing and Administering the Member Accounts in Your Organization
// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role)
// in the AWS Organizations User Guide, and steps 2 and 3 in Tutorial: Delegate
// Access Across AWS Accounts Using IAM Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html)
// in the IAM User Guide.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of characters that can consist of uppercase letters,
// lowercase letters, digits with no spaces, and any of the following characters:
// =,.@-
RoleName *string `type:"string"`
}
// String returns the string representation
func (s CreateAccountInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreateAccountInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateAccountInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CreateAccountInput"}
if s.AccountName == nil {
invalidParams.Add(request.NewErrParamRequired("AccountName"))
}
if s.AccountName != nil && len(*s.AccountName) < 1 {
invalidParams.Add(request.NewErrParamMinLen("AccountName", 1))
}
if s.Email == nil {
invalidParams.Add(request.NewErrParamRequired("Email"))
}
if s.Email != nil && len(*s.Email) < 6 {
invalidParams.Add(request.NewErrParamMinLen("Email", 6))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccountName sets the AccountName field's value.
func (s *CreateAccountInput) SetAccountName(v string) *CreateAccountInput {
s.AccountName = &v
return s
}
// SetEmail sets the Email field's value.
func (s *CreateAccountInput) SetEmail(v string) *CreateAccountInput {
s.Email = &v
return s
}
// SetIamUserAccessToBilling sets the IamUserAccessToBilling field's value.
func (s *CreateAccountInput) SetIamUserAccessToBilling(v string) *CreateAccountInput {
s.IamUserAccessToBilling = &v
return s
}
// SetRoleName sets the RoleName field's value.
func (s *CreateAccountInput) SetRoleName(v string) *CreateAccountInput {
s.RoleName = &v
return s
}
type CreateAccountOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the request to create an account.
// This response structure might not be fully populated when you first receive
// it because account creation is an asynchronous process. You can pass the
// returned CreateAccountStatus ID as a parameter to DescribeCreateAccountStatus
// to get status about the progress of the request at later times.
CreateAccountStatus *CreateAccountStatus `type:"structure"`
}
// String returns the string representation
func (s CreateAccountOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreateAccountOutput) GoString() string {
return s.String()
}
// SetCreateAccountStatus sets the CreateAccountStatus field's value.
func (s *CreateAccountOutput) SetCreateAccountStatus(v *CreateAccountStatus) *CreateAccountOutput {
s.CreateAccountStatus = v
return s
}
// Contains the status about a CreateAccount request to create an AWS account
// in an organization.
type CreateAccountStatus struct {
_ struct{} `type:"structure"`
// If the account was created successfully, the unique identifier (ID) of the
// new account.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
// requires exactly 12 digits.
AccountId *string `type:"string"`
// The account name given to the account when it was created.
AccountName *string `min:"1" type:"string"`
// The date and time that the account was created and the request completed.
CompletedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
// If the request failed, a description of the reason for the failure.
//
// * ACCOUNT_LIMIT_EXCEEDED: The account could not be created because you
// have reached the limit on the number of accounts in your organization.
//
// * EMAIL_ALREADY_EXISTS: The account could not be created because another
// AWS account with that email address already exists.
//
// * INVALID_ADDRESS: The account could not be created because the address
// you provided is not valid.
//
// * INVALID_EMAIL: The account could not be created because the email address
// you provided is not valid.
//
// * INTERNAL_FAILURE: The account could not be created because of an internal
// failure. Try again later. If the problem persists, contact Customer Support.
FailureReason *string `type:"string" enum:"CreateAccountFailureReason"`
// The unique identifier (ID) that references this request. You get this value
// from the response of the initial CreateAccount request to create the account.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an create account
// request ID string requires "car-" followed by from 8 to 32 lower-case letters
// or digits.
Id *string `type:"string"`
// The date and time that the request was made for the account creation.
RequestedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
// The status of the request.
State *string `type:"string" enum:"CreateAccountState"`
}
// String returns the string representation
func (s CreateAccountStatus) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreateAccountStatus) GoString() string {
return s.String()
}
// SetAccountId sets the AccountId field's value.
func (s *CreateAccountStatus) SetAccountId(v string) *CreateAccountStatus {
s.AccountId = &v
return s
}
// SetAccountName sets the AccountName field's value.
func (s *CreateAccountStatus) SetAccountName(v string) *CreateAccountStatus {
s.AccountName = &v
return s
}
// SetCompletedTimestamp sets the CompletedTimestamp field's value.
func (s *CreateAccountStatus) SetCompletedTimestamp(v time.Time) *CreateAccountStatus {
s.CompletedTimestamp = &v
return s
}
// SetFailureReason sets the FailureReason field's value.
func (s *CreateAccountStatus) SetFailureReason(v string) *CreateAccountStatus {
s.FailureReason = &v
return s
}
// SetId sets the Id field's value.
func (s *CreateAccountStatus) SetId(v string) *CreateAccountStatus {
s.Id = &v
return s
}
// SetRequestedTimestamp sets the RequestedTimestamp field's value.
func (s *CreateAccountStatus) SetRequestedTimestamp(v time.Time) *CreateAccountStatus {
s.RequestedTimestamp = &v
return s
}
// SetState sets the State field's value.
func (s *CreateAccountStatus) SetState(v string) *CreateAccountStatus {
s.State = &v
return s
}
type CreateOrganizationInput struct {
_ struct{} `type:"structure"`
// Specifies the feature set supported by the new organization. Each feature
// set supports different levels of functionality.
//
// * CONSOLIDATED_BILLING: All member accounts have their bills consolidated
// to and paid by the master account. For more information, see Consolidated
// Billing (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only)
// in the AWS Organizations User Guide.
//
// * ALL: In addition to all the features supported by the consolidated billing
// feature set, the master account can also apply any type of policy to any
// member account in the organization. For more information, see All features
// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all)
// in the AWS Organizations User Guide.
FeatureSet *string `type:"string" enum:"OrganizationFeatureSet"`
}
// String returns the string representation
func (s CreateOrganizationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreateOrganizationInput) GoString() string {
return s.String()
}
// SetFeatureSet sets the FeatureSet field's value.
func (s *CreateOrganizationInput) SetFeatureSet(v string) *CreateOrganizationInput {
s.FeatureSet = &v
return s
}
type CreateOrganizationOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the newly created organization.
Organization *Organization `type:"structure"`
}
// String returns the string representation
func (s CreateOrganizationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreateOrganizationOutput) GoString() string {
return s.String()
}
// SetOrganization sets the Organization field's value.
func (s *CreateOrganizationOutput) SetOrganization(v *Organization) *CreateOrganizationOutput {
s.Organization = v
return s
}
type CreateOrganizationalUnitInput struct {
_ struct{} `type:"structure"`
// The friendly name to assign to the new OU.
//
// Name is a required field
Name *string `min:"1" type:"string" required:"true"`
// The unique identifier (ID) of the parent root or OU in which you want to
// create the new OU.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// ParentId is a required field
ParentId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s CreateOrganizationalUnitInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreateOrganizationalUnitInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CreateOrganizationalUnitInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CreateOrganizationalUnitInput"}
if s.Name == nil {
invalidParams.Add(request.NewErrParamRequired("Name"))
}
if s.Name != nil && len(*s.Name) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Name", 1))
}
if s.ParentId == nil {
invalidParams.Add(request.NewErrParamRequired("ParentId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetName sets the Name field's value.
func (s *CreateOrganizationalUnitInput) SetName(v string) *CreateOrganizationalUnitInput {
s.Name = &v
return s
}
// SetParentId sets the ParentId field's value.
func (s *CreateOrganizationalUnitInput) SetParentId(v string) *CreateOrganizationalUnitInput {
s.ParentId = &v
return s
}
type CreateOrganizationalUnitOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the newly created OU.
OrganizationalUnit *OrganizationalUnit `type:"structure"`
}
// String returns the string representation
func (s CreateOrganizationalUnitOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreateOrganizationalUnitOutput) GoString() string {
return s.String()
}
// SetOrganizationalUnit sets the OrganizationalUnit field's value.
func (s *CreateOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *CreateOrganizationalUnitOutput {
s.OrganizationalUnit = v
return s
}
type CreatePolicyInput struct {
_ struct{} `type:"structure"`
// The policy content to add to the new policy. For example, if you create a
// service control policy (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html)
// (SCP), this string must be JSON text that specifies the permissions that
// admins in attached accounts can delegate to their users, groups, and roles.
// For more information about the SCP syntax, see Service Control Policy Syntax
// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
// in the AWS Organizations User Guide.
//
// Content is a required field
Content *string `min:"1" type:"string" required:"true"`
// An optional description to assign to the policy.
//
// Description is a required field
Description *string `type:"string" required:"true"`
// The friendly name to assign to the policy.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of any of the characters in the ASCII character
// range.
//
// Name is a required field
Name *string `min:"1" type:"string" required:"true"`
// The type of policy to create.
//
// In the current release, the only type of policy that you can create is a
// service control policy (SCP).
//
// Type is a required field
Type *string `type:"string" required:"true" enum:"PolicyType"`
}
// String returns the string representation
func (s CreatePolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreatePolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *CreatePolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "CreatePolicyInput"}
if s.Content == nil {
invalidParams.Add(request.NewErrParamRequired("Content"))
}
if s.Content != nil && len(*s.Content) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Content", 1))
}
if s.Description == nil {
invalidParams.Add(request.NewErrParamRequired("Description"))
}
if s.Name == nil {
invalidParams.Add(request.NewErrParamRequired("Name"))
}
if s.Name != nil && len(*s.Name) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Name", 1))
}
if s.Type == nil {
invalidParams.Add(request.NewErrParamRequired("Type"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetContent sets the Content field's value.
func (s *CreatePolicyInput) SetContent(v string) *CreatePolicyInput {
s.Content = &v
return s
}
// SetDescription sets the Description field's value.
func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput {
s.Description = &v
return s
}
// SetName sets the Name field's value.
func (s *CreatePolicyInput) SetName(v string) *CreatePolicyInput {
s.Name = &v
return s
}
// SetType sets the Type field's value.
func (s *CreatePolicyInput) SetType(v string) *CreatePolicyInput {
s.Type = &v
return s
}
type CreatePolicyOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the newly created policy.
Policy *Policy `type:"structure"`
}
// String returns the string representation
func (s CreatePolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s CreatePolicyOutput) GoString() string {
return s.String()
}
// SetPolicy sets the Policy field's value.
func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput {
s.Policy = v
return s
}
type DeclineHandshakeInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the handshake that you want to decline. You
// can get the ID from the ListHandshakesForAccount operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
//
// HandshakeId is a required field
HandshakeId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DeclineHandshakeInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DeclineHandshakeInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DeclineHandshakeInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DeclineHandshakeInput"}
if s.HandshakeId == nil {
invalidParams.Add(request.NewErrParamRequired("HandshakeId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetHandshakeId sets the HandshakeId field's value.
func (s *DeclineHandshakeInput) SetHandshakeId(v string) *DeclineHandshakeInput {
s.HandshakeId = &v
return s
}
type DeclineHandshakeOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the declined handshake. The state
// is updated to show the value DECLINED.
Handshake *Handshake `type:"structure"`
}
// String returns the string representation
func (s DeclineHandshakeOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DeclineHandshakeOutput) GoString() string {
return s.String()
}
// SetHandshake sets the Handshake field's value.
func (s *DeclineHandshakeOutput) SetHandshake(v *Handshake) *DeclineHandshakeOutput {
s.Handshake = v
return s
}
type DeleteOrganizationInput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s DeleteOrganizationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DeleteOrganizationInput) GoString() string {
return s.String()
}
type DeleteOrganizationOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s DeleteOrganizationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DeleteOrganizationOutput) GoString() string {
return s.String()
}
type DeleteOrganizationalUnitInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the organizational unit that you want to delete.
// You can get the ID from the ListOrganizationalUnitsForParent operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational
// unit ID string requires "ou-" followed by from 4 to 32 lower-case letters
// or digits (the ID of the root that contains the OU) followed by a second
// "-" dash and from 8 to 32 additional lower-case letters or digits.
//
// OrganizationalUnitId is a required field
OrganizationalUnitId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DeleteOrganizationalUnitInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DeleteOrganizationalUnitInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DeleteOrganizationalUnitInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DeleteOrganizationalUnitInput"}
if s.OrganizationalUnitId == nil {
invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetOrganizationalUnitId sets the OrganizationalUnitId field's value.
func (s *DeleteOrganizationalUnitInput) SetOrganizationalUnitId(v string) *DeleteOrganizationalUnitInput {
s.OrganizationalUnitId = &v
return s
}
type DeleteOrganizationalUnitOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s DeleteOrganizationalUnitOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DeleteOrganizationalUnitOutput) GoString() string {
return s.String()
}
type DeletePolicyInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the policy that you want to delete. You can
// get the ID from the ListPolicies or ListPoliciesForTarget operations.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
//
// PolicyId is a required field
PolicyId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DeletePolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DeletePolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DeletePolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"}
if s.PolicyId == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetPolicyId sets the PolicyId field's value.
func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput {
s.PolicyId = &v
return s
}
type DeletePolicyOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s DeletePolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DeletePolicyOutput) GoString() string {
return s.String()
}
type DescribeAccountInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the AWS account that you want information about.
// You can get the ID from the ListAccounts or ListAccountsForParent operations.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
// requires exactly 12 digits.
//
// AccountId is a required field
AccountId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DescribeAccountInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeAccountInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeAccountInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DescribeAccountInput"}
if s.AccountId == nil {
invalidParams.Add(request.NewErrParamRequired("AccountId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccountId sets the AccountId field's value.
func (s *DescribeAccountInput) SetAccountId(v string) *DescribeAccountInput {
s.AccountId = &v
return s
}
type DescribeAccountOutput struct {
_ struct{} `type:"structure"`
// A structure that contains information about the requested account.
Account *Account `type:"structure"`
}
// String returns the string representation
func (s DescribeAccountOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeAccountOutput) GoString() string {
return s.String()
}
// SetAccount sets the Account field's value.
func (s *DescribeAccountOutput) SetAccount(v *Account) *DescribeAccountOutput {
s.Account = v
return s
}
type DescribeCreateAccountStatusInput struct {
_ struct{} `type:"structure"`
// Specifies the operationId that uniquely identifies the request. You can get
// the ID from the response to an earlier CreateAccount request, or from the
// ListCreateAccountStatus operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an create account
// request ID string requires "car-" followed by from 8 to 32 lower-case letters
// or digits.
//
// CreateAccountRequestId is a required field
CreateAccountRequestId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DescribeCreateAccountStatusInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeCreateAccountStatusInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeCreateAccountStatusInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DescribeCreateAccountStatusInput"}
if s.CreateAccountRequestId == nil {
invalidParams.Add(request.NewErrParamRequired("CreateAccountRequestId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetCreateAccountRequestId sets the CreateAccountRequestId field's value.
func (s *DescribeCreateAccountStatusInput) SetCreateAccountRequestId(v string) *DescribeCreateAccountStatusInput {
s.CreateAccountRequestId = &v
return s
}
type DescribeCreateAccountStatusOutput struct {
_ struct{} `type:"structure"`
// A structure that contains the current status of an account creation request.
CreateAccountStatus *CreateAccountStatus `type:"structure"`
}
// String returns the string representation
func (s DescribeCreateAccountStatusOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeCreateAccountStatusOutput) GoString() string {
return s.String()
}
// SetCreateAccountStatus sets the CreateAccountStatus field's value.
func (s *DescribeCreateAccountStatusOutput) SetCreateAccountStatus(v *CreateAccountStatus) *DescribeCreateAccountStatusOutput {
s.CreateAccountStatus = v
return s
}
type DescribeHandshakeInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the handshake that you want information about.
// You can get the ID from the original call to InviteAccountToOrganization,
// or from a call to ListHandshakesForAccount or ListHandshakesForOrganization.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
//
// HandshakeId is a required field
HandshakeId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DescribeHandshakeInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeHandshakeInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeHandshakeInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DescribeHandshakeInput"}
if s.HandshakeId == nil {
invalidParams.Add(request.NewErrParamRequired("HandshakeId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetHandshakeId sets the HandshakeId field's value.
func (s *DescribeHandshakeInput) SetHandshakeId(v string) *DescribeHandshakeInput {
s.HandshakeId = &v
return s
}
type DescribeHandshakeOutput struct {
_ struct{} `type:"structure"`
// A structure that contains information about the specified handshake.
Handshake *Handshake `type:"structure"`
}
// String returns the string representation
func (s DescribeHandshakeOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeHandshakeOutput) GoString() string {
return s.String()
}
// SetHandshake sets the Handshake field's value.
func (s *DescribeHandshakeOutput) SetHandshake(v *Handshake) *DescribeHandshakeOutput {
s.Handshake = v
return s
}
type DescribeOrganizationInput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s DescribeOrganizationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeOrganizationInput) GoString() string {
return s.String()
}
type DescribeOrganizationOutput struct {
_ struct{} `type:"structure"`
// A structure that contains information about the organization.
Organization *Organization `type:"structure"`
}
// String returns the string representation
func (s DescribeOrganizationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeOrganizationOutput) GoString() string {
return s.String()
}
// SetOrganization sets the Organization field's value.
func (s *DescribeOrganizationOutput) SetOrganization(v *Organization) *DescribeOrganizationOutput {
s.Organization = v
return s
}
type DescribeOrganizationalUnitInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the organizational unit that you want details
// about. You can get the ID from the ListOrganizationalUnitsForParent operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational
// unit ID string requires "ou-" followed by from 4 to 32 lower-case letters
// or digits (the ID of the root that contains the OU) followed by a second
// "-" dash and from 8 to 32 additional lower-case letters or digits.
//
// OrganizationalUnitId is a required field
OrganizationalUnitId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DescribeOrganizationalUnitInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeOrganizationalUnitInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribeOrganizationalUnitInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DescribeOrganizationalUnitInput"}
if s.OrganizationalUnitId == nil {
invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetOrganizationalUnitId sets the OrganizationalUnitId field's value.
func (s *DescribeOrganizationalUnitInput) SetOrganizationalUnitId(v string) *DescribeOrganizationalUnitInput {
s.OrganizationalUnitId = &v
return s
}
type DescribeOrganizationalUnitOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the specified OU.
OrganizationalUnit *OrganizationalUnit `type:"structure"`
}
// String returns the string representation
func (s DescribeOrganizationalUnitOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribeOrganizationalUnitOutput) GoString() string {
return s.String()
}
// SetOrganizationalUnit sets the OrganizationalUnit field's value.
func (s *DescribeOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *DescribeOrganizationalUnitOutput {
s.OrganizationalUnit = v
return s
}
type DescribePolicyInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the policy that you want details about. You
// can get the ID from the ListPolicies or ListPoliciesForTarget operations.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
//
// PolicyId is a required field
PolicyId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DescribePolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribePolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DescribePolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DescribePolicyInput"}
if s.PolicyId == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetPolicyId sets the PolicyId field's value.
func (s *DescribePolicyInput) SetPolicyId(v string) *DescribePolicyInput {
s.PolicyId = &v
return s
}
type DescribePolicyOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the specified policy.
Policy *Policy `type:"structure"`
}
// String returns the string representation
func (s DescribePolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DescribePolicyOutput) GoString() string {
return s.String()
}
// SetPolicy sets the Policy field's value.
func (s *DescribePolicyOutput) SetPolicy(v *Policy) *DescribePolicyOutput {
s.Policy = v
return s
}
type DetachPolicyInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the policy you want to detach. You can get
// the ID from the ListPolicies or ListPoliciesForTarget operations.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
//
// PolicyId is a required field
PolicyId *string `type:"string" required:"true"`
// The unique identifier (ID) of the root, OU, or account from which you want
// to detach the policy. You can get the ID from the ListRoots, ListOrganizationalUnitsForParent,
// or ListAccounts operations.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Account: a string that consists of exactly 12 digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// TargetId is a required field
TargetId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DetachPolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DetachPolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DetachPolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DetachPolicyInput"}
if s.PolicyId == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
}
if s.TargetId == nil {
invalidParams.Add(request.NewErrParamRequired("TargetId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetPolicyId sets the PolicyId field's value.
func (s *DetachPolicyInput) SetPolicyId(v string) *DetachPolicyInput {
s.PolicyId = &v
return s
}
// SetTargetId sets the TargetId field's value.
func (s *DetachPolicyInput) SetTargetId(v string) *DetachPolicyInput {
s.TargetId = &v
return s
}
type DetachPolicyOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s DetachPolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DetachPolicyOutput) GoString() string {
return s.String()
}
type DisableAWSServiceAccessInput struct {
_ struct{} `type:"structure"`
// The service principal name of the AWS service for which you want to disable
// integration with your organization. This is typically in the form of a URL,
// such as service-abbreviation.amazonaws.com.
//
// ServicePrincipal is a required field
ServicePrincipal *string `min:"1" type:"string" required:"true"`
}
// String returns the string representation
func (s DisableAWSServiceAccessInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DisableAWSServiceAccessInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DisableAWSServiceAccessInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DisableAWSServiceAccessInput"}
if s.ServicePrincipal == nil {
invalidParams.Add(request.NewErrParamRequired("ServicePrincipal"))
}
if s.ServicePrincipal != nil && len(*s.ServicePrincipal) < 1 {
invalidParams.Add(request.NewErrParamMinLen("ServicePrincipal", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetServicePrincipal sets the ServicePrincipal field's value.
func (s *DisableAWSServiceAccessInput) SetServicePrincipal(v string) *DisableAWSServiceAccessInput {
s.ServicePrincipal = &v
return s
}
type DisableAWSServiceAccessOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s DisableAWSServiceAccessOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DisableAWSServiceAccessOutput) GoString() string {
return s.String()
}
type DisablePolicyTypeInput struct {
_ struct{} `type:"structure"`
// The policy type that you want to disable in this root.
//
// PolicyType is a required field
PolicyType *string `type:"string" required:"true" enum:"PolicyType"`
// The unique identifier (ID) of the root in which you want to disable a policy
// type. You can get the ID from the ListRoots operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string
// requires "r-" followed by from 4 to 32 lower-case letters or digits.
//
// RootId is a required field
RootId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s DisablePolicyTypeInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DisablePolicyTypeInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *DisablePolicyTypeInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "DisablePolicyTypeInput"}
if s.PolicyType == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyType"))
}
if s.RootId == nil {
invalidParams.Add(request.NewErrParamRequired("RootId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetPolicyType sets the PolicyType field's value.
func (s *DisablePolicyTypeInput) SetPolicyType(v string) *DisablePolicyTypeInput {
s.PolicyType = &v
return s
}
// SetRootId sets the RootId field's value.
func (s *DisablePolicyTypeInput) SetRootId(v string) *DisablePolicyTypeInput {
s.RootId = &v
return s
}
type DisablePolicyTypeOutput struct {
_ struct{} `type:"structure"`
// A structure that shows the root with the updated list of enabled policy types.
Root *Root `type:"structure"`
}
// String returns the string representation
func (s DisablePolicyTypeOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s DisablePolicyTypeOutput) GoString() string {
return s.String()
}
// SetRoot sets the Root field's value.
func (s *DisablePolicyTypeOutput) SetRoot(v *Root) *DisablePolicyTypeOutput {
s.Root = v
return s
}
type EnableAWSServiceAccessInput struct {
_ struct{} `type:"structure"`
// The service principal name of the AWS service for which you want to enable
// integration with your organization. This is typically in the form of a URL,
// such as service-abbreviation.amazonaws.com.
//
// ServicePrincipal is a required field
ServicePrincipal *string `min:"1" type:"string" required:"true"`
}
// String returns the string representation
func (s EnableAWSServiceAccessInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s EnableAWSServiceAccessInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *EnableAWSServiceAccessInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "EnableAWSServiceAccessInput"}
if s.ServicePrincipal == nil {
invalidParams.Add(request.NewErrParamRequired("ServicePrincipal"))
}
if s.ServicePrincipal != nil && len(*s.ServicePrincipal) < 1 {
invalidParams.Add(request.NewErrParamMinLen("ServicePrincipal", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetServicePrincipal sets the ServicePrincipal field's value.
func (s *EnableAWSServiceAccessInput) SetServicePrincipal(v string) *EnableAWSServiceAccessInput {
s.ServicePrincipal = &v
return s
}
type EnableAWSServiceAccessOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s EnableAWSServiceAccessOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s EnableAWSServiceAccessOutput) GoString() string {
return s.String()
}
type EnableAllFeaturesInput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s EnableAllFeaturesInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s EnableAllFeaturesInput) GoString() string {
return s.String()
}
type EnableAllFeaturesOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the handshake created to support
// this request to enable all features in the organization.
Handshake *Handshake `type:"structure"`
}
// String returns the string representation
func (s EnableAllFeaturesOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s EnableAllFeaturesOutput) GoString() string {
return s.String()
}
// SetHandshake sets the Handshake field's value.
func (s *EnableAllFeaturesOutput) SetHandshake(v *Handshake) *EnableAllFeaturesOutput {
s.Handshake = v
return s
}
type EnablePolicyTypeInput struct {
_ struct{} `type:"structure"`
// The policy type that you want to enable.
//
// PolicyType is a required field
PolicyType *string `type:"string" required:"true" enum:"PolicyType"`
// The unique identifier (ID) of the root in which you want to enable a policy
// type. You can get the ID from the ListRoots operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string
// requires "r-" followed by from 4 to 32 lower-case letters or digits.
//
// RootId is a required field
RootId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s EnablePolicyTypeInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s EnablePolicyTypeInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *EnablePolicyTypeInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "EnablePolicyTypeInput"}
if s.PolicyType == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyType"))
}
if s.RootId == nil {
invalidParams.Add(request.NewErrParamRequired("RootId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetPolicyType sets the PolicyType field's value.
func (s *EnablePolicyTypeInput) SetPolicyType(v string) *EnablePolicyTypeInput {
s.PolicyType = &v
return s
}
// SetRootId sets the RootId field's value.
func (s *EnablePolicyTypeInput) SetRootId(v string) *EnablePolicyTypeInput {
s.RootId = &v
return s
}
type EnablePolicyTypeOutput struct {
_ struct{} `type:"structure"`
// A structure that shows the root with the updated list of enabled policy types.
Root *Root `type:"structure"`
}
// String returns the string representation
func (s EnablePolicyTypeOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s EnablePolicyTypeOutput) GoString() string {
return s.String()
}
// SetRoot sets the Root field's value.
func (s *EnablePolicyTypeOutput) SetRoot(v *Root) *EnablePolicyTypeOutput {
s.Root = v
return s
}
// A structure that contains details of a service principal that is enabled
// to integrate with AWS Organizations.
type EnabledServicePrincipal struct {
_ struct{} `type:"structure"`
// The date that the service principal was enabled for integration with AWS
// Organizations.
DateEnabled *time.Time `type:"timestamp" timestampFormat:"unix"`
// The name of the service principal. This is typically in the form of a URL,
// such as: servicename.amazonaws.com.
ServicePrincipal *string `min:"1" type:"string"`
}
// String returns the string representation
func (s EnabledServicePrincipal) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s EnabledServicePrincipal) GoString() string {
return s.String()
}
// SetDateEnabled sets the DateEnabled field's value.
func (s *EnabledServicePrincipal) SetDateEnabled(v time.Time) *EnabledServicePrincipal {
s.DateEnabled = &v
return s
}
// SetServicePrincipal sets the ServicePrincipal field's value.
func (s *EnabledServicePrincipal) SetServicePrincipal(v string) *EnabledServicePrincipal {
s.ServicePrincipal = &v
return s
}
// Contains information that must be exchanged to securely establish a relationship
// between two accounts (an originator and a recipient). For example, when a
// master account (the originator) invites another account (the recipient) to
// join its organization, the two accounts exchange information as a series
// of handshake requests and responses.
//
// Note: Handshakes that are CANCELED, ACCEPTED, or DECLINED show up in lists
// for only 30 days after entering that state After that they are deleted.
type Handshake struct {
_ struct{} `type:"structure"`
// The type of handshake, indicating what action occurs when the recipient accepts
// the handshake. The following handshake types are supported:
//
// * INVITE: This type of handshake represents a request to join an organization.
// It is always sent from the master account to only non-member accounts.
//
// * ENABLE_ALL_FEATURES: This type of handshake represents a request to
// enable all features in an organization. It is always sent from the master
// account to only invited member accounts. Created accounts do not receive
// this because those accounts were created by the organization's master
// account and approval is inferred.
//
// * APPROVE_ALL_FEATURES: This type of handshake is sent from the Organizations
// service when all member accounts have approved the ENABLE_ALL_FEATURES
// invitation. It is sent only to the master account and signals the master
// that it can finalize the process to enable all features.
Action *string `type:"string" enum:"ActionType"`
// The Amazon Resource Name (ARN) of a handshake.
//
// For more information about ARNs in Organizations, see ARN Formats Supported
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
// in the AWS Organizations User Guide.
Arn *string `type:"string"`
// The date and time that the handshake expires. If the recipient of the handshake
// request fails to respond before the specified date and time, the handshake
// becomes inactive and is no longer valid.
ExpirationTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
// The unique identifier (ID) of a handshake. The originating account creates
// the ID when it initiates the handshake.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
Id *string `type:"string"`
// Information about the two accounts that are participating in the handshake.
Parties []*HandshakeParty `type:"list"`
// The date and time that the handshake request was made.
RequestedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
// Additional information that is needed to process the handshake.
Resources []*HandshakeResource `type:"list"`
// The current state of the handshake. Use the state to trace the flow of the
// handshake through the process from its creation to its acceptance. The meaning
// of each of the valid values is as follows:
//
// * REQUESTED: This handshake was sent to multiple recipients (applicable
// to only some handshake types) and not all recipients have responded yet.
// The request stays in this state until all recipients respond.
//
// * OPEN: This handshake was sent to multiple recipients (applicable to
// only some policy types) and all recipients have responded, allowing the
// originator to complete the handshake action.
//
// * CANCELED: This handshake is no longer active because it was canceled
// by the originating account.
//
// * ACCEPTED: This handshake is complete because it has been accepted by
// the recipient.
//
// * DECLINED: This handshake is no longer active because it was declined
// by the recipient account.
//
// * EXPIRED: This handshake is no longer active because the originator did
// not receive a response of any kind from the recipient before the expiration
// time (15 days).
State *string `type:"string" enum:"HandshakeState"`
}
// String returns the string representation
func (s Handshake) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s Handshake) GoString() string {
return s.String()
}
// SetAction sets the Action field's value.
func (s *Handshake) SetAction(v string) *Handshake {
s.Action = &v
return s
}
// SetArn sets the Arn field's value.
func (s *Handshake) SetArn(v string) *Handshake {
s.Arn = &v
return s
}
// SetExpirationTimestamp sets the ExpirationTimestamp field's value.
func (s *Handshake) SetExpirationTimestamp(v time.Time) *Handshake {
s.ExpirationTimestamp = &v
return s
}
// SetId sets the Id field's value.
func (s *Handshake) SetId(v string) *Handshake {
s.Id = &v
return s
}
// SetParties sets the Parties field's value.
func (s *Handshake) SetParties(v []*HandshakeParty) *Handshake {
s.Parties = v
return s
}
// SetRequestedTimestamp sets the RequestedTimestamp field's value.
func (s *Handshake) SetRequestedTimestamp(v time.Time) *Handshake {
s.RequestedTimestamp = &v
return s
}
// SetResources sets the Resources field's value.
func (s *Handshake) SetResources(v []*HandshakeResource) *Handshake {
s.Resources = v
return s
}
// SetState sets the State field's value.
func (s *Handshake) SetState(v string) *Handshake {
s.State = &v
return s
}
// Specifies the criteria that are used to select the handshakes for the operation.
type HandshakeFilter struct {
_ struct{} `type:"structure"`
// Specifies the type of handshake action.
//
// If you specify ActionType, you cannot also specify ParentHandshakeId.
ActionType *string `type:"string" enum:"ActionType"`
// Specifies the parent handshake. Only used for handshake types that are a
// child of another type.
//
// If you specify ParentHandshakeId, you cannot also specify ActionType.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
ParentHandshakeId *string `type:"string"`
}
// String returns the string representation
func (s HandshakeFilter) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s HandshakeFilter) GoString() string {
return s.String()
}
// SetActionType sets the ActionType field's value.
func (s *HandshakeFilter) SetActionType(v string) *HandshakeFilter {
s.ActionType = &v
return s
}
// SetParentHandshakeId sets the ParentHandshakeId field's value.
func (s *HandshakeFilter) SetParentHandshakeId(v string) *HandshakeFilter {
s.ParentHandshakeId = &v
return s
}
// Identifies a participant in a handshake.
type HandshakeParty struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) for the party.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
//
// Id is a required field
Id *string `min:"1" type:"string" required:"true"`
// The type of party.
//
// Type is a required field
Type *string `type:"string" required:"true" enum:"HandshakePartyType"`
}
// String returns the string representation
func (s HandshakeParty) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s HandshakeParty) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *HandshakeParty) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "HandshakeParty"}
if s.Id == nil {
invalidParams.Add(request.NewErrParamRequired("Id"))
}
if s.Id != nil && len(*s.Id) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Id", 1))
}
if s.Type == nil {
invalidParams.Add(request.NewErrParamRequired("Type"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetId sets the Id field's value.
func (s *HandshakeParty) SetId(v string) *HandshakeParty {
s.Id = &v
return s
}
// SetType sets the Type field's value.
func (s *HandshakeParty) SetType(v string) *HandshakeParty {
s.Type = &v
return s
}
// Contains additional data that is needed to process a handshake.
type HandshakeResource struct {
_ struct{} `type:"structure"`
// When needed, contains an additional array of HandshakeResource objects.
Resources []*HandshakeResource `type:"list"`
// The type of information being passed, specifying how the value is to be interpreted
// by the other party:
//
// * ACCOUNT - Specifies an AWS account ID number.
//
// * ORGANIZATION - Specifies an organization ID number.
//
// * EMAIL - Specifies the email address that is associated with the account
// that receives the handshake.
//
// * OWNER_EMAIL - Specifies the email address associated with the master
// account. Included as information about an organization.
//
// * OWNER_NAME - Specifies the name associated with the master account.
// Included as information about an organization.
//
// * NOTES - Additional text provided by the handshake initiator and intended
// for the recipient to read.
Type *string `type:"string" enum:"HandshakeResourceType"`
// The information that is passed to the other party in the handshake. The format
// of the value string must match the requirements of the specified type.
Value *string `type:"string"`
}
// String returns the string representation
func (s HandshakeResource) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s HandshakeResource) GoString() string {
return s.String()
}
// SetResources sets the Resources field's value.
func (s *HandshakeResource) SetResources(v []*HandshakeResource) *HandshakeResource {
s.Resources = v
return s
}
// SetType sets the Type field's value.
func (s *HandshakeResource) SetType(v string) *HandshakeResource {
s.Type = &v
return s
}
// SetValue sets the Value field's value.
func (s *HandshakeResource) SetValue(v string) *HandshakeResource {
s.Value = &v
return s
}
type InviteAccountToOrganizationInput struct {
_ struct{} `type:"structure"`
// Additional information that you want to include in the generated email to
// the recipient account owner.
Notes *string `type:"string"`
// The identifier (ID) of the AWS account that you want to invite to join your
// organization. This is a JSON object that contains the following elements:
//
// { "Type": "ACCOUNT", "Id": "<account id number>" }
//
// If you use the AWS CLI, you can submit this as a single string, similar to
// the following example:
//
// --target Id=123456789012,Type=ACCOUNT
//
// If you specify "Type": "ACCOUNT", then you must provide the AWS account ID
// number as the Id. If you specify "Type": "EMAIL", then you must specify the
// email address that is associated with the account.
//
// --target Id=bill@example.com,Type=EMAIL
//
// Target is a required field
Target *HandshakeParty `type:"structure" required:"true"`
}
// String returns the string representation
func (s InviteAccountToOrganizationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s InviteAccountToOrganizationInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *InviteAccountToOrganizationInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "InviteAccountToOrganizationInput"}
if s.Target == nil {
invalidParams.Add(request.NewErrParamRequired("Target"))
}
if s.Target != nil {
if err := s.Target.Validate(); err != nil {
invalidParams.AddNested("Target", err.(request.ErrInvalidParams))
}
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetNotes sets the Notes field's value.
func (s *InviteAccountToOrganizationInput) SetNotes(v string) *InviteAccountToOrganizationInput {
s.Notes = &v
return s
}
// SetTarget sets the Target field's value.
func (s *InviteAccountToOrganizationInput) SetTarget(v *HandshakeParty) *InviteAccountToOrganizationInput {
s.Target = v
return s
}
type InviteAccountToOrganizationOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the handshake that is created to
// support this invitation request.
Handshake *Handshake `type:"structure"`
}
// String returns the string representation
func (s InviteAccountToOrganizationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s InviteAccountToOrganizationOutput) GoString() string {
return s.String()
}
// SetHandshake sets the Handshake field's value.
func (s *InviteAccountToOrganizationOutput) SetHandshake(v *Handshake) *InviteAccountToOrganizationOutput {
s.Handshake = v
return s
}
type LeaveOrganizationInput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s LeaveOrganizationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s LeaveOrganizationInput) GoString() string {
return s.String()
}
type LeaveOrganizationOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s LeaveOrganizationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s LeaveOrganizationOutput) GoString() string {
return s.String()
}
type ListAWSServiceAccessForOrganizationInput struct {
_ struct{} `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListAWSServiceAccessForOrganizationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListAWSServiceAccessForOrganizationInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAWSServiceAccessForOrganizationInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListAWSServiceAccessForOrganizationInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListAWSServiceAccessForOrganizationInput) SetMaxResults(v int64) *ListAWSServiceAccessForOrganizationInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAWSServiceAccessForOrganizationInput) SetNextToken(v string) *ListAWSServiceAccessForOrganizationInput {
s.NextToken = &v
return s
}
type ListAWSServiceAccessForOrganizationOutput struct {
_ struct{} `type:"structure"`
// A list of the service principals for the services that are enabled to integrate
// with your organization. Each principal is a structure that includes the name
// and the date that it was enabled for integration with AWS Organizations.
EnabledServicePrincipals []*EnabledServicePrincipal `type:"list"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListAWSServiceAccessForOrganizationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListAWSServiceAccessForOrganizationOutput) GoString() string {
return s.String()
}
// SetEnabledServicePrincipals sets the EnabledServicePrincipals field's value.
func (s *ListAWSServiceAccessForOrganizationOutput) SetEnabledServicePrincipals(v []*EnabledServicePrincipal) *ListAWSServiceAccessForOrganizationOutput {
s.EnabledServicePrincipals = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAWSServiceAccessForOrganizationOutput) SetNextToken(v string) *ListAWSServiceAccessForOrganizationOutput {
s.NextToken = &v
return s
}
type ListAccountsForParentInput struct {
_ struct{} `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
// The unique identifier (ID) for the parent root or organization unit (OU)
// whose accounts you want to list.
//
// ParentId is a required field
ParentId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s ListAccountsForParentInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListAccountsForParentInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAccountsForParentInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListAccountsForParentInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if s.ParentId == nil {
invalidParams.Add(request.NewErrParamRequired("ParentId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListAccountsForParentInput) SetMaxResults(v int64) *ListAccountsForParentInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAccountsForParentInput) SetNextToken(v string) *ListAccountsForParentInput {
s.NextToken = &v
return s
}
// SetParentId sets the ParentId field's value.
func (s *ListAccountsForParentInput) SetParentId(v string) *ListAccountsForParentInput {
s.ParentId = &v
return s
}
type ListAccountsForParentOutput struct {
_ struct{} `type:"structure"`
// A list of the accounts in the specified root or OU.
Accounts []*Account `type:"list"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListAccountsForParentOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListAccountsForParentOutput) GoString() string {
return s.String()
}
// SetAccounts sets the Accounts field's value.
func (s *ListAccountsForParentOutput) SetAccounts(v []*Account) *ListAccountsForParentOutput {
s.Accounts = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAccountsForParentOutput) SetNextToken(v string) *ListAccountsForParentOutput {
s.NextToken = &v
return s
}
type ListAccountsInput struct {
_ struct{} `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListAccountsInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListAccountsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListAccountsInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListAccountsInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListAccountsInput) SetMaxResults(v int64) *ListAccountsInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAccountsInput) SetNextToken(v string) *ListAccountsInput {
s.NextToken = &v
return s
}
type ListAccountsOutput struct {
_ struct{} `type:"structure"`
// A list of objects in the organization.
Accounts []*Account `type:"list"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListAccountsOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListAccountsOutput) GoString() string {
return s.String()
}
// SetAccounts sets the Accounts field's value.
func (s *ListAccountsOutput) SetAccounts(v []*Account) *ListAccountsOutput {
s.Accounts = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListAccountsOutput) SetNextToken(v string) *ListAccountsOutput {
s.NextToken = &v
return s
}
type ListChildrenInput struct {
_ struct{} `type:"structure"`
// Filters the output to include only the specified child type.
//
// ChildType is a required field
ChildType *string `type:"string" required:"true" enum:"ChildType"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
// The unique identifier (ID) for the parent root or OU whose children you want
// to list.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// ParentId is a required field
ParentId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s ListChildrenInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListChildrenInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListChildrenInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListChildrenInput"}
if s.ChildType == nil {
invalidParams.Add(request.NewErrParamRequired("ChildType"))
}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if s.ParentId == nil {
invalidParams.Add(request.NewErrParamRequired("ParentId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetChildType sets the ChildType field's value.
func (s *ListChildrenInput) SetChildType(v string) *ListChildrenInput {
s.ChildType = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListChildrenInput) SetMaxResults(v int64) *ListChildrenInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListChildrenInput) SetNextToken(v string) *ListChildrenInput {
s.NextToken = &v
return s
}
// SetParentId sets the ParentId field's value.
func (s *ListChildrenInput) SetParentId(v string) *ListChildrenInput {
s.ParentId = &v
return s
}
type ListChildrenOutput struct {
_ struct{} `type:"structure"`
// The list of children of the specified parent container.
Children []*Child `type:"list"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListChildrenOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListChildrenOutput) GoString() string {
return s.String()
}
// SetChildren sets the Children field's value.
func (s *ListChildrenOutput) SetChildren(v []*Child) *ListChildrenOutput {
s.Children = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListChildrenOutput) SetNextToken(v string) *ListChildrenOutput {
s.NextToken = &v
return s
}
type ListCreateAccountStatusInput struct {
_ struct{} `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
// A list of one or more states that you want included in the response. If this
// parameter is not present, then all requests are included in the response.
States []*string `type:"list"`
}
// String returns the string representation
func (s ListCreateAccountStatusInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListCreateAccountStatusInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListCreateAccountStatusInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListCreateAccountStatusInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListCreateAccountStatusInput) SetMaxResults(v int64) *ListCreateAccountStatusInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListCreateAccountStatusInput) SetNextToken(v string) *ListCreateAccountStatusInput {
s.NextToken = &v
return s
}
// SetStates sets the States field's value.
func (s *ListCreateAccountStatusInput) SetStates(v []*string) *ListCreateAccountStatusInput {
s.States = v
return s
}
type ListCreateAccountStatusOutput struct {
_ struct{} `type:"structure"`
// A list of objects with details about the requests. Certain elements, such
// as the accountId number, are present in the output only after the account
// has been successfully created.
CreateAccountStatuses []*CreateAccountStatus `type:"list"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListCreateAccountStatusOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListCreateAccountStatusOutput) GoString() string {
return s.String()
}
// SetCreateAccountStatuses sets the CreateAccountStatuses field's value.
func (s *ListCreateAccountStatusOutput) SetCreateAccountStatuses(v []*CreateAccountStatus) *ListCreateAccountStatusOutput {
s.CreateAccountStatuses = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListCreateAccountStatusOutput) SetNextToken(v string) *ListCreateAccountStatusOutput {
s.NextToken = &v
return s
}
type ListHandshakesForAccountInput struct {
_ struct{} `type:"structure"`
// Filters the handshakes that you want included in the response. The default
// is all types. Use the ActionType element to limit the output to only a specified
// type, such as INVITE, ENABLE-FULL-CONTROL, or APPROVE-FULL-CONTROL. Alternatively,
// for the ENABLE-FULL-CONTROL handshake that generates a separate child handshake
// for each member account, you can specify ParentHandshakeId to see only the
// handshakes that were generated by that parent request.
Filter *HandshakeFilter `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListHandshakesForAccountInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListHandshakesForAccountInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListHandshakesForAccountInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListHandshakesForAccountInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetFilter sets the Filter field's value.
func (s *ListHandshakesForAccountInput) SetFilter(v *HandshakeFilter) *ListHandshakesForAccountInput {
s.Filter = v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListHandshakesForAccountInput) SetMaxResults(v int64) *ListHandshakesForAccountInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListHandshakesForAccountInput) SetNextToken(v string) *ListHandshakesForAccountInput {
s.NextToken = &v
return s
}
type ListHandshakesForAccountOutput struct {
_ struct{} `type:"structure"`
// A list of Handshake objects with details about each of the handshakes that
// is associated with the specified account.
Handshakes []*Handshake `type:"list"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListHandshakesForAccountOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListHandshakesForAccountOutput) GoString() string {
return s.String()
}
// SetHandshakes sets the Handshakes field's value.
func (s *ListHandshakesForAccountOutput) SetHandshakes(v []*Handshake) *ListHandshakesForAccountOutput {
s.Handshakes = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListHandshakesForAccountOutput) SetNextToken(v string) *ListHandshakesForAccountOutput {
s.NextToken = &v
return s
}
type ListHandshakesForOrganizationInput struct {
_ struct{} `type:"structure"`
// A filter of the handshakes that you want included in the response. The default
// is all types. Use the ActionType element to limit the output to only a specified
// type, such as INVITE, ENABLE-ALL-FEATURES, or APPROVE-ALL-FEATURES. Alternatively,
// for the ENABLE-ALL-FEATURES handshake that generates a separate child handshake
// for each member account, you can specify the ParentHandshakeId to see only
// the handshakes that were generated by that parent request.
Filter *HandshakeFilter `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListHandshakesForOrganizationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListHandshakesForOrganizationInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListHandshakesForOrganizationInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListHandshakesForOrganizationInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetFilter sets the Filter field's value.
func (s *ListHandshakesForOrganizationInput) SetFilter(v *HandshakeFilter) *ListHandshakesForOrganizationInput {
s.Filter = v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListHandshakesForOrganizationInput) SetMaxResults(v int64) *ListHandshakesForOrganizationInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListHandshakesForOrganizationInput) SetNextToken(v string) *ListHandshakesForOrganizationInput {
s.NextToken = &v
return s
}
type ListHandshakesForOrganizationOutput struct {
_ struct{} `type:"structure"`
// A list of Handshake objects with details about each of the handshakes that
// are associated with an organization.
Handshakes []*Handshake `type:"list"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListHandshakesForOrganizationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListHandshakesForOrganizationOutput) GoString() string {
return s.String()
}
// SetHandshakes sets the Handshakes field's value.
func (s *ListHandshakesForOrganizationOutput) SetHandshakes(v []*Handshake) *ListHandshakesForOrganizationOutput {
s.Handshakes = v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListHandshakesForOrganizationOutput) SetNextToken(v string) *ListHandshakesForOrganizationOutput {
s.NextToken = &v
return s
}
type ListOrganizationalUnitsForParentInput struct {
_ struct{} `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
// The unique identifier (ID) of the root or OU whose child OUs you want to
// list.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// ParentId is a required field
ParentId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s ListOrganizationalUnitsForParentInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListOrganizationalUnitsForParentInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListOrganizationalUnitsForParentInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListOrganizationalUnitsForParentInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if s.ParentId == nil {
invalidParams.Add(request.NewErrParamRequired("ParentId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListOrganizationalUnitsForParentInput) SetMaxResults(v int64) *ListOrganizationalUnitsForParentInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListOrganizationalUnitsForParentInput) SetNextToken(v string) *ListOrganizationalUnitsForParentInput {
s.NextToken = &v
return s
}
// SetParentId sets the ParentId field's value.
func (s *ListOrganizationalUnitsForParentInput) SetParentId(v string) *ListOrganizationalUnitsForParentInput {
s.ParentId = &v
return s
}
type ListOrganizationalUnitsForParentOutput struct {
_ struct{} `type:"structure"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
// A list of the OUs in the specified root or parent OU.
OrganizationalUnits []*OrganizationalUnit `type:"list"`
}
// String returns the string representation
func (s ListOrganizationalUnitsForParentOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListOrganizationalUnitsForParentOutput) GoString() string {
return s.String()
}
// SetNextToken sets the NextToken field's value.
func (s *ListOrganizationalUnitsForParentOutput) SetNextToken(v string) *ListOrganizationalUnitsForParentOutput {
s.NextToken = &v
return s
}
// SetOrganizationalUnits sets the OrganizationalUnits field's value.
func (s *ListOrganizationalUnitsForParentOutput) SetOrganizationalUnits(v []*OrganizationalUnit) *ListOrganizationalUnitsForParentOutput {
s.OrganizationalUnits = v
return s
}
type ListParentsInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the OU or account whose parent containers you
// want to list. Do not specify a root.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a child ID string
// requires one of the following:
//
// * Account: a string that consists of exactly 12 digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that contains
// the OU) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// ChildId is a required field
ChildId *string `type:"string" required:"true"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListParentsInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListParentsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListParentsInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListParentsInput"}
if s.ChildId == nil {
invalidParams.Add(request.NewErrParamRequired("ChildId"))
}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetChildId sets the ChildId field's value.
func (s *ListParentsInput) SetChildId(v string) *ListParentsInput {
s.ChildId = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListParentsInput) SetMaxResults(v int64) *ListParentsInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListParentsInput) SetNextToken(v string) *ListParentsInput {
s.NextToken = &v
return s
}
type ListParentsOutput struct {
_ struct{} `type:"structure"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
// A list of parents for the specified child account or OU.
Parents []*Parent `type:"list"`
}
// String returns the string representation
func (s ListParentsOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListParentsOutput) GoString() string {
return s.String()
}
// SetNextToken sets the NextToken field's value.
func (s *ListParentsOutput) SetNextToken(v string) *ListParentsOutput {
s.NextToken = &v
return s
}
// SetParents sets the Parents field's value.
func (s *ListParentsOutput) SetParents(v []*Parent) *ListParentsOutput {
s.Parents = v
return s
}
type ListPoliciesForTargetInput struct {
_ struct{} `type:"structure"`
// The type of policy that you want to include in the returned list.
//
// Filter is a required field
Filter *string `type:"string" required:"true" enum:"PolicyType"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
// The unique identifier (ID) of the root, organizational unit, or account whose
// policies you want to list.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Account: a string that consists of exactly 12 digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// TargetId is a required field
TargetId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s ListPoliciesForTargetInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListPoliciesForTargetInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListPoliciesForTargetInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListPoliciesForTargetInput"}
if s.Filter == nil {
invalidParams.Add(request.NewErrParamRequired("Filter"))
}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if s.TargetId == nil {
invalidParams.Add(request.NewErrParamRequired("TargetId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetFilter sets the Filter field's value.
func (s *ListPoliciesForTargetInput) SetFilter(v string) *ListPoliciesForTargetInput {
s.Filter = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListPoliciesForTargetInput) SetMaxResults(v int64) *ListPoliciesForTargetInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListPoliciesForTargetInput) SetNextToken(v string) *ListPoliciesForTargetInput {
s.NextToken = &v
return s
}
// SetTargetId sets the TargetId field's value.
func (s *ListPoliciesForTargetInput) SetTargetId(v string) *ListPoliciesForTargetInput {
s.TargetId = &v
return s
}
type ListPoliciesForTargetOutput struct {
_ struct{} `type:"structure"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
// The list of policies that match the criteria in the request.
Policies []*PolicySummary `type:"list"`
}
// String returns the string representation
func (s ListPoliciesForTargetOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListPoliciesForTargetOutput) GoString() string {
return s.String()
}
// SetNextToken sets the NextToken field's value.
func (s *ListPoliciesForTargetOutput) SetNextToken(v string) *ListPoliciesForTargetOutput {
s.NextToken = &v
return s
}
// SetPolicies sets the Policies field's value.
func (s *ListPoliciesForTargetOutput) SetPolicies(v []*PolicySummary) *ListPoliciesForTargetOutput {
s.Policies = v
return s
}
type ListPoliciesInput struct {
_ struct{} `type:"structure"`
// Specifies the type of policy that you want to include in the response.
//
// Filter is a required field
Filter *string `type:"string" required:"true" enum:"PolicyType"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListPoliciesInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListPoliciesInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListPoliciesInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"}
if s.Filter == nil {
invalidParams.Add(request.NewErrParamRequired("Filter"))
}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetFilter sets the Filter field's value.
func (s *ListPoliciesInput) SetFilter(v string) *ListPoliciesInput {
s.Filter = &v
return s
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput {
s.NextToken = &v
return s
}
type ListPoliciesOutput struct {
_ struct{} `type:"structure"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
// A list of policies that match the filter criteria in the request. The output
// list does not include the policy contents. To see the content for a policy,
// see DescribePolicy.
Policies []*PolicySummary `type:"list"`
}
// String returns the string representation
func (s ListPoliciesOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListPoliciesOutput) GoString() string {
return s.String()
}
// SetNextToken sets the NextToken field's value.
func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput {
s.NextToken = &v
return s
}
// SetPolicies sets the Policies field's value.
func (s *ListPoliciesOutput) SetPolicies(v []*PolicySummary) *ListPoliciesOutput {
s.Policies = v
return s
}
type ListRootsInput struct {
_ struct{} `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
}
// String returns the string representation
func (s ListRootsInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListRootsInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListRootsInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListRootsInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListRootsInput) SetMaxResults(v int64) *ListRootsInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListRootsInput) SetNextToken(v string) *ListRootsInput {
s.NextToken = &v
return s
}
type ListRootsOutput struct {
_ struct{} `type:"structure"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
// A list of roots that are defined in an organization.
Roots []*Root `type:"list"`
}
// String returns the string representation
func (s ListRootsOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListRootsOutput) GoString() string {
return s.String()
}
// SetNextToken sets the NextToken field's value.
func (s *ListRootsOutput) SetNextToken(v string) *ListRootsOutput {
s.NextToken = &v
return s
}
// SetRoots sets the Roots field's value.
func (s *ListRootsOutput) SetRoots(v []*Root) *ListRootsOutput {
s.Roots = v
return s
}
type ListTargetsForPolicyInput struct {
_ struct{} `type:"structure"`
// (Optional) Use this to limit the number of results you want included in the
// response. If you do not include this parameter, it defaults to a value that
// is specific to the operation. If additional items exist beyond the maximum
// you specify, the NextToken response element is present and has a value (is
// not null). Include that value as the NextToken request parameter in the next
// call to the operation to get the next part of the results. Note that Organizations
// might return fewer results than the maximum even when there are more results
// available. You should check NextToken after every operation to ensure that
// you receive all of the results.
MaxResults *int64 `min:"1" type:"integer"`
// Use this parameter if you receive a NextToken response in a previous request
// that indicates that there is more output available. Set it to the value of
// the previous call's NextToken response to indicate where the output should
// continue from.
NextToken *string `type:"string"`
// The unique identifier (ID) of the policy for which you want to know its attachments.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
//
// PolicyId is a required field
PolicyId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s ListTargetsForPolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListTargetsForPolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *ListTargetsForPolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "ListTargetsForPolicyInput"}
if s.MaxResults != nil && *s.MaxResults < 1 {
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
}
if s.PolicyId == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetMaxResults sets the MaxResults field's value.
func (s *ListTargetsForPolicyInput) SetMaxResults(v int64) *ListTargetsForPolicyInput {
s.MaxResults = &v
return s
}
// SetNextToken sets the NextToken field's value.
func (s *ListTargetsForPolicyInput) SetNextToken(v string) *ListTargetsForPolicyInput {
s.NextToken = &v
return s
}
// SetPolicyId sets the PolicyId field's value.
func (s *ListTargetsForPolicyInput) SetPolicyId(v string) *ListTargetsForPolicyInput {
s.PolicyId = &v
return s
}
type ListTargetsForPolicyOutput struct {
_ struct{} `type:"structure"`
// If present, this value indicates that there is more output available than
// is included in the current response. Use this value in the NextToken request
// parameter in a subsequent call to the operation to get the next part of the
// output. You should repeat this until the NextToken response element comes
// back as null.
NextToken *string `type:"string"`
// A list of structures, each of which contains details about one of the entities
// to which the specified policy is attached.
Targets []*PolicyTargetSummary `type:"list"`
}
// String returns the string representation
func (s ListTargetsForPolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s ListTargetsForPolicyOutput) GoString() string {
return s.String()
}
// SetNextToken sets the NextToken field's value.
func (s *ListTargetsForPolicyOutput) SetNextToken(v string) *ListTargetsForPolicyOutput {
s.NextToken = &v
return s
}
// SetTargets sets the Targets field's value.
func (s *ListTargetsForPolicyOutput) SetTargets(v []*PolicyTargetSummary) *ListTargetsForPolicyOutput {
s.Targets = v
return s
}
type MoveAccountInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the account that you want to move.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
// requires exactly 12 digits.
//
// AccountId is a required field
AccountId *string `type:"string" required:"true"`
// The unique identifier (ID) of the root or organizational unit that you want
// to move the account to.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// DestinationParentId is a required field
DestinationParentId *string `type:"string" required:"true"`
// The unique identifier (ID) of the root or organizational unit that you want
// to move the account from.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
//
// SourceParentId is a required field
SourceParentId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s MoveAccountInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s MoveAccountInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *MoveAccountInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "MoveAccountInput"}
if s.AccountId == nil {
invalidParams.Add(request.NewErrParamRequired("AccountId"))
}
if s.DestinationParentId == nil {
invalidParams.Add(request.NewErrParamRequired("DestinationParentId"))
}
if s.SourceParentId == nil {
invalidParams.Add(request.NewErrParamRequired("SourceParentId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccountId sets the AccountId field's value.
func (s *MoveAccountInput) SetAccountId(v string) *MoveAccountInput {
s.AccountId = &v
return s
}
// SetDestinationParentId sets the DestinationParentId field's value.
func (s *MoveAccountInput) SetDestinationParentId(v string) *MoveAccountInput {
s.DestinationParentId = &v
return s
}
// SetSourceParentId sets the SourceParentId field's value.
func (s *MoveAccountInput) SetSourceParentId(v string) *MoveAccountInput {
s.SourceParentId = &v
return s
}
type MoveAccountOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s MoveAccountOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s MoveAccountOutput) GoString() string {
return s.String()
}
// Contains details about an organization. An organization is a collection of
// accounts that are centrally managed together using consolidated billing,
// organized hierarchically with organizational units (OUs), and controlled
// with policies .
type Organization struct {
_ struct{} `type:"structure"`
// The Amazon Resource Name (ARN) of an organization.
//
// For more information about ARNs in Organizations, see ARN Formats Supported
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
// in the AWS Organizations User Guide.
Arn *string `type:"string"`
// A list of policy types that are enabled for this organization. For example,
// if your organization has all features enabled, then service control policies
// (SCPs) are included in the list.
//
// Even if a policy type is shown as available in the organization, you can
// separately enable and disable them at the root level by using EnablePolicyType
// and DisablePolicyType. Use ListRoots to see the status of a policy type in
// that root.
AvailablePolicyTypes []*PolicyTypeSummary `type:"list"`
// Specifies the functionality that currently is available to the organization.
// If set to "ALL", then all features are enabled and policies can be applied
// to accounts in the organization. If set to "CONSOLIDATED_BILLING", then only
// consolidated billing functionality is available. For more information, see
// Enabling All Features in Your Organization (http://docs.aws.amazon.com/IAM/latest/UserGuide/orgs_manage_org_support-all-features.html)
// in the AWS Organizations User Guide.
FeatureSet *string `type:"string" enum:"OrganizationFeatureSet"`
// The unique identifier (ID) of an organization.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an organization ID
// string requires "o-" followed by from 10 to 32 lower-case letters or digits.
Id *string `type:"string"`
// The Amazon Resource Name (ARN) of the account that is designated as the master
// account for the organization.
//
// For more information about ARNs in Organizations, see ARN Formats Supported
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
// in the AWS Organizations User Guide.
MasterAccountArn *string `type:"string"`
// The email address that is associated with the AWS account that is designated
// as the master account for the organization.
MasterAccountEmail *string `min:"6" type:"string"`
// The unique identifier (ID) of the master account of an organization.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
// requires exactly 12 digits.
MasterAccountId *string `type:"string"`
}
// String returns the string representation
func (s Organization) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s Organization) GoString() string {
return s.String()
}
// SetArn sets the Arn field's value.
func (s *Organization) SetArn(v string) *Organization {
s.Arn = &v
return s
}
// SetAvailablePolicyTypes sets the AvailablePolicyTypes field's value.
func (s *Organization) SetAvailablePolicyTypes(v []*PolicyTypeSummary) *Organization {
s.AvailablePolicyTypes = v
return s
}
// SetFeatureSet sets the FeatureSet field's value.
func (s *Organization) SetFeatureSet(v string) *Organization {
s.FeatureSet = &v
return s
}
// SetId sets the Id field's value.
func (s *Organization) SetId(v string) *Organization {
s.Id = &v
return s
}
// SetMasterAccountArn sets the MasterAccountArn field's value.
func (s *Organization) SetMasterAccountArn(v string) *Organization {
s.MasterAccountArn = &v
return s
}
// SetMasterAccountEmail sets the MasterAccountEmail field's value.
func (s *Organization) SetMasterAccountEmail(v string) *Organization {
s.MasterAccountEmail = &v
return s
}
// SetMasterAccountId sets the MasterAccountId field's value.
func (s *Organization) SetMasterAccountId(v string) *Organization {
s.MasterAccountId = &v
return s
}
// Contains details about an organizational unit (OU). An OU is a container
// of AWS accounts within a root of an organization. Policies that are attached
// to an OU apply to all accounts contained in that OU and in any child OUs.
type OrganizationalUnit struct {
_ struct{} `type:"structure"`
// The Amazon Resource Name (ARN) of this OU.
//
// For more information about ARNs in Organizations, see ARN Formats Supported
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
// in the AWS Organizations User Guide.
Arn *string `type:"string"`
// The unique identifier (ID) associated with this OU.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational
// unit ID string requires "ou-" followed by from 4 to 32 lower-case letters
// or digits (the ID of the root that contains the OU) followed by a second
// "-" dash and from 8 to 32 additional lower-case letters or digits.
Id *string `type:"string"`
// The friendly name of this OU.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of any of the characters in the ASCII character
// range.
Name *string `min:"1" type:"string"`
}
// String returns the string representation
func (s OrganizationalUnit) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s OrganizationalUnit) GoString() string {
return s.String()
}
// SetArn sets the Arn field's value.
func (s *OrganizationalUnit) SetArn(v string) *OrganizationalUnit {
s.Arn = &v
return s
}
// SetId sets the Id field's value.
func (s *OrganizationalUnit) SetId(v string) *OrganizationalUnit {
s.Id = &v
return s
}
// SetName sets the Name field's value.
func (s *OrganizationalUnit) SetName(v string) *OrganizationalUnit {
s.Name = &v
return s
}
// Contains information about either a root or an organizational unit (OU) that
// can contain OUs or accounts in an organization.
type Parent struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the parent entity.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
Id *string `type:"string"`
// The type of the parent entity.
Type *string `type:"string" enum:"ParentType"`
}
// String returns the string representation
func (s Parent) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s Parent) GoString() string {
return s.String()
}
// SetId sets the Id field's value.
func (s *Parent) SetId(v string) *Parent {
s.Id = &v
return s
}
// SetType sets the Type field's value.
func (s *Parent) SetType(v string) *Parent {
s.Type = &v
return s
}
// Contains rules to be applied to the affected accounts. Policies can be attached
// directly to accounts, or to roots and OUs to affect all accounts in those
// hierarchies.
type Policy struct {
_ struct{} `type:"structure"`
// The text content of the policy.
Content *string `min:"1" type:"string"`
// A structure that contains additional details about the policy.
PolicySummary *PolicySummary `type:"structure"`
}
// String returns the string representation
func (s Policy) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s Policy) GoString() string {
return s.String()
}
// SetContent sets the Content field's value.
func (s *Policy) SetContent(v string) *Policy {
s.Content = &v
return s
}
// SetPolicySummary sets the PolicySummary field's value.
func (s *Policy) SetPolicySummary(v *PolicySummary) *Policy {
s.PolicySummary = v
return s
}
// Contains information about a policy, but does not include the content. To
// see the content of a policy, see DescribePolicy.
type PolicySummary struct {
_ struct{} `type:"structure"`
// The Amazon Resource Name (ARN) of the policy.
//
// For more information about ARNs in Organizations, see ARN Formats Supported
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
// in the AWS Organizations User Guide.
Arn *string `type:"string"`
// A boolean value that indicates whether the specified policy is an AWS managed
// policy. If true, then you can attach the policy to roots, OUs, or accounts,
// but you cannot edit it.
AwsManaged *bool `type:"boolean"`
// The description of the policy.
Description *string `type:"string"`
// The unique identifier (ID) of the policy.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
Id *string `type:"string"`
// The friendly name of the policy.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of any of the characters in the ASCII character
// range.
Name *string `min:"1" type:"string"`
// The type of policy.
Type *string `type:"string" enum:"PolicyType"`
}
// String returns the string representation
func (s PolicySummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s PolicySummary) GoString() string {
return s.String()
}
// SetArn sets the Arn field's value.
func (s *PolicySummary) SetArn(v string) *PolicySummary {
s.Arn = &v
return s
}
// SetAwsManaged sets the AwsManaged field's value.
func (s *PolicySummary) SetAwsManaged(v bool) *PolicySummary {
s.AwsManaged = &v
return s
}
// SetDescription sets the Description field's value.
func (s *PolicySummary) SetDescription(v string) *PolicySummary {
s.Description = &v
return s
}
// SetId sets the Id field's value.
func (s *PolicySummary) SetId(v string) *PolicySummary {
s.Id = &v
return s
}
// SetName sets the Name field's value.
func (s *PolicySummary) SetName(v string) *PolicySummary {
s.Name = &v
return s
}
// SetType sets the Type field's value.
func (s *PolicySummary) SetType(v string) *PolicySummary {
s.Type = &v
return s
}
// Contains information about a root, OU, or account that a policy is attached
// to.
type PolicyTargetSummary struct {
_ struct{} `type:"structure"`
// The Amazon Resource Name (ARN) of the policy target.
//
// For more information about ARNs in Organizations, see ARN Formats Supported
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
// in the AWS Organizations User Guide.
Arn *string `type:"string"`
// The friendly name of the policy target.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of any of the characters in the ASCII character
// range.
Name *string `min:"1" type:"string"`
// The unique identifier (ID) of the policy target.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
// requires one of the following:
//
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
// letters or digits.
//
// * Account: a string that consists of exactly 12 digits.
//
// * Organizational unit (OU): a string that begins with "ou-" followed by
// from 4 to 32 lower-case letters or digits (the ID of the root that the
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
// letters or digits.
TargetId *string `type:"string"`
// The type of the policy target.
Type *string `type:"string" enum:"TargetType"`
}
// String returns the string representation
func (s PolicyTargetSummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s PolicyTargetSummary) GoString() string {
return s.String()
}
// SetArn sets the Arn field's value.
func (s *PolicyTargetSummary) SetArn(v string) *PolicyTargetSummary {
s.Arn = &v
return s
}
// SetName sets the Name field's value.
func (s *PolicyTargetSummary) SetName(v string) *PolicyTargetSummary {
s.Name = &v
return s
}
// SetTargetId sets the TargetId field's value.
func (s *PolicyTargetSummary) SetTargetId(v string) *PolicyTargetSummary {
s.TargetId = &v
return s
}
// SetType sets the Type field's value.
func (s *PolicyTargetSummary) SetType(v string) *PolicyTargetSummary {
s.Type = &v
return s
}
// Contains information about a policy type and its status in the associated
// root.
type PolicyTypeSummary struct {
_ struct{} `type:"structure"`
// The status of the policy type as it relates to the associated root. To attach
// a policy of the specified type to a root or to an OU or account in that root,
// it must be available in the organization and enabled for that root.
Status *string `type:"string" enum:"PolicyTypeStatus"`
// The name of the policy type.
Type *string `type:"string" enum:"PolicyType"`
}
// String returns the string representation
func (s PolicyTypeSummary) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s PolicyTypeSummary) GoString() string {
return s.String()
}
// SetStatus sets the Status field's value.
func (s *PolicyTypeSummary) SetStatus(v string) *PolicyTypeSummary {
s.Status = &v
return s
}
// SetType sets the Type field's value.
func (s *PolicyTypeSummary) SetType(v string) *PolicyTypeSummary {
s.Type = &v
return s
}
type RemoveAccountFromOrganizationInput struct {
_ struct{} `type:"structure"`
// The unique identifier (ID) of the member account that you want to remove
// from the organization.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
// requires exactly 12 digits.
//
// AccountId is a required field
AccountId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s RemoveAccountFromOrganizationInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s RemoveAccountFromOrganizationInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *RemoveAccountFromOrganizationInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "RemoveAccountFromOrganizationInput"}
if s.AccountId == nil {
invalidParams.Add(request.NewErrParamRequired("AccountId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetAccountId sets the AccountId field's value.
func (s *RemoveAccountFromOrganizationInput) SetAccountId(v string) *RemoveAccountFromOrganizationInput {
s.AccountId = &v
return s
}
type RemoveAccountFromOrganizationOutput struct {
_ struct{} `type:"structure"`
}
// String returns the string representation
func (s RemoveAccountFromOrganizationOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s RemoveAccountFromOrganizationOutput) GoString() string {
return s.String()
}
// Contains details about a root. A root is a top-level parent node in the hierarchy
// of an organization that can contain organizational units (OUs) and accounts.
// Every root contains every AWS account in the organization. Each root enables
// the accounts to be organized in a different way and to have different policy
// types enabled for use in that root.
type Root struct {
_ struct{} `type:"structure"`
// The Amazon Resource Name (ARN) of the root.
//
// For more information about ARNs in Organizations, see ARN Formats Supported
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
// in the AWS Organizations User Guide.
Arn *string `type:"string"`
// The unique identifier (ID) for the root.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string
// requires "r-" followed by from 4 to 32 lower-case letters or digits.
Id *string `type:"string"`
// The friendly name of the root.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of any of the characters in the ASCII character
// range.
Name *string `min:"1" type:"string"`
// The types of policies that are currently enabled for the root and therefore
// can be attached to the root or to its OUs or accounts.
//
// Even if a policy type is shown as available in the organization, you can
// separately enable and disable them at the root level by using EnablePolicyType
// and DisablePolicyType. Use DescribeOrganization to see the availability of
// the policy types in that organization.
PolicyTypes []*PolicyTypeSummary `type:"list"`
}
// String returns the string representation
func (s Root) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s Root) GoString() string {
return s.String()
}
// SetArn sets the Arn field's value.
func (s *Root) SetArn(v string) *Root {
s.Arn = &v
return s
}
// SetId sets the Id field's value.
func (s *Root) SetId(v string) *Root {
s.Id = &v
return s
}
// SetName sets the Name field's value.
func (s *Root) SetName(v string) *Root {
s.Name = &v
return s
}
// SetPolicyTypes sets the PolicyTypes field's value.
func (s *Root) SetPolicyTypes(v []*PolicyTypeSummary) *Root {
s.PolicyTypes = v
return s
}
type UpdateOrganizationalUnitInput struct {
_ struct{} `type:"structure"`
// The new name that you want to assign to the OU.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of any of the characters in the ASCII character
// range.
Name *string `min:"1" type:"string"`
// The unique identifier (ID) of the OU that you want to rename. You can get
// the ID from the ListOrganizationalUnitsForParent operation.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational
// unit ID string requires "ou-" followed by from 4 to 32 lower-case letters
// or digits (the ID of the root that contains the OU) followed by a second
// "-" dash and from 8 to 32 additional lower-case letters or digits.
//
// OrganizationalUnitId is a required field
OrganizationalUnitId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s UpdateOrganizationalUnitInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s UpdateOrganizationalUnitInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdateOrganizationalUnitInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "UpdateOrganizationalUnitInput"}
if s.Name != nil && len(*s.Name) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Name", 1))
}
if s.OrganizationalUnitId == nil {
invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetName sets the Name field's value.
func (s *UpdateOrganizationalUnitInput) SetName(v string) *UpdateOrganizationalUnitInput {
s.Name = &v
return s
}
// SetOrganizationalUnitId sets the OrganizationalUnitId field's value.
func (s *UpdateOrganizationalUnitInput) SetOrganizationalUnitId(v string) *UpdateOrganizationalUnitInput {
s.OrganizationalUnitId = &v
return s
}
type UpdateOrganizationalUnitOutput struct {
_ struct{} `type:"structure"`
// A structure that contains the details about the specified OU, including its
// new name.
OrganizationalUnit *OrganizationalUnit `type:"structure"`
}
// String returns the string representation
func (s UpdateOrganizationalUnitOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s UpdateOrganizationalUnitOutput) GoString() string {
return s.String()
}
// SetOrganizationalUnit sets the OrganizationalUnit field's value.
func (s *UpdateOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *UpdateOrganizationalUnitOutput {
s.OrganizationalUnit = v
return s
}
type UpdatePolicyInput struct {
_ struct{} `type:"structure"`
// If provided, the new content for the policy. The text must be correctly formatted
// JSON that complies with the syntax for the policy's type. For more information,
// see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
// in the AWS Organizations User Guide.
Content *string `min:"1" type:"string"`
// If provided, the new description for the policy.
Description *string `type:"string"`
// If provided, the new name for the policy.
//
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
// this parameter is a string of any of the characters in the ASCII character
// range.
Name *string `min:"1" type:"string"`
// The unique identifier (ID) of the policy that you want to update.
//
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
//
// PolicyId is a required field
PolicyId *string `type:"string" required:"true"`
}
// String returns the string representation
func (s UpdatePolicyInput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s UpdatePolicyInput) GoString() string {
return s.String()
}
// Validate inspects the fields of the type to determine if they are valid.
func (s *UpdatePolicyInput) Validate() error {
invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyInput"}
if s.Content != nil && len(*s.Content) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Content", 1))
}
if s.Name != nil && len(*s.Name) < 1 {
invalidParams.Add(request.NewErrParamMinLen("Name", 1))
}
if s.PolicyId == nil {
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
}
if invalidParams.Len() > 0 {
return invalidParams
}
return nil
}
// SetContent sets the Content field's value.
func (s *UpdatePolicyInput) SetContent(v string) *UpdatePolicyInput {
s.Content = &v
return s
}
// SetDescription sets the Description field's value.
func (s *UpdatePolicyInput) SetDescription(v string) *UpdatePolicyInput {
s.Description = &v
return s
}
// SetName sets the Name field's value.
func (s *UpdatePolicyInput) SetName(v string) *UpdatePolicyInput {
s.Name = &v
return s
}
// SetPolicyId sets the PolicyId field's value.
func (s *UpdatePolicyInput) SetPolicyId(v string) *UpdatePolicyInput {
s.PolicyId = &v
return s
}
type UpdatePolicyOutput struct {
_ struct{} `type:"structure"`
// A structure that contains details about the updated policy, showing the requested
// changes.
Policy *Policy `type:"structure"`
}
// String returns the string representation
func (s UpdatePolicyOutput) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation
func (s UpdatePolicyOutput) GoString() string {
return s.String()
}
// SetPolicy sets the Policy field's value.
func (s *UpdatePolicyOutput) SetPolicy(v *Policy) *UpdatePolicyOutput {
s.Policy = v
return s
}
const (
// AccessDeniedForDependencyExceptionReasonAccessDeniedDuringCreateServiceLinkedRole is a AccessDeniedForDependencyExceptionReason enum value
AccessDeniedForDependencyExceptionReasonAccessDeniedDuringCreateServiceLinkedRole = "ACCESS_DENIED_DURING_CREATE_SERVICE_LINKED_ROLE"
)
const (
// AccountJoinedMethodInvited is a AccountJoinedMethod enum value
AccountJoinedMethodInvited = "INVITED"
// AccountJoinedMethodCreated is a AccountJoinedMethod enum value
AccountJoinedMethodCreated = "CREATED"
)
const (
// AccountStatusActive is a AccountStatus enum value
AccountStatusActive = "ACTIVE"
// AccountStatusSuspended is a AccountStatus enum value
AccountStatusSuspended = "SUSPENDED"
)
const (
// ActionTypeInvite is a ActionType enum value
ActionTypeInvite = "INVITE"
// ActionTypeEnableAllFeatures is a ActionType enum value
ActionTypeEnableAllFeatures = "ENABLE_ALL_FEATURES"
// ActionTypeApproveAllFeatures is a ActionType enum value
ActionTypeApproveAllFeatures = "APPROVE_ALL_FEATURES"
// ActionTypeAddOrganizationsServiceLinkedRole is a ActionType enum value
ActionTypeAddOrganizationsServiceLinkedRole = "ADD_ORGANIZATIONS_SERVICE_LINKED_ROLE"
)
const (
// ChildTypeAccount is a ChildType enum value
ChildTypeAccount = "ACCOUNT"
// ChildTypeOrganizationalUnit is a ChildType enum value
ChildTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"
)
const (
// ConstraintViolationExceptionReasonAccountNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonAccountNumberLimitExceeded = "ACCOUNT_NUMBER_LIMIT_EXCEEDED"
// ConstraintViolationExceptionReasonHandshakeRateLimitExceeded is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonHandshakeRateLimitExceeded = "HANDSHAKE_RATE_LIMIT_EXCEEDED"
// ConstraintViolationExceptionReasonOuNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonOuNumberLimitExceeded = "OU_NUMBER_LIMIT_EXCEEDED"
// ConstraintViolationExceptionReasonOuDepthLimitExceeded is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonOuDepthLimitExceeded = "OU_DEPTH_LIMIT_EXCEEDED"
// ConstraintViolationExceptionReasonPolicyNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonPolicyNumberLimitExceeded = "POLICY_NUMBER_LIMIT_EXCEEDED"
// ConstraintViolationExceptionReasonMaxPolicyTypeAttachmentLimitExceeded is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonMaxPolicyTypeAttachmentLimitExceeded = "MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED"
// ConstraintViolationExceptionReasonMinPolicyTypeAttachmentLimitExceeded is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonMinPolicyTypeAttachmentLimitExceeded = "MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED"
// ConstraintViolationExceptionReasonAccountCannotLeaveOrganization is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonAccountCannotLeaveOrganization = "ACCOUNT_CANNOT_LEAVE_ORGANIZATION"
// ConstraintViolationExceptionReasonAccountCannotLeaveWithoutEula is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonAccountCannotLeaveWithoutEula = "ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA"
// ConstraintViolationExceptionReasonAccountCannotLeaveWithoutPhoneVerification is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonAccountCannotLeaveWithoutPhoneVerification = "ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION"
// ConstraintViolationExceptionReasonMasterAccountPaymentInstrumentRequired is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonMasterAccountPaymentInstrumentRequired = "MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED"
// ConstraintViolationExceptionReasonMemberAccountPaymentInstrumentRequired is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonMemberAccountPaymentInstrumentRequired = "MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED"
// ConstraintViolationExceptionReasonAccountCreationRateLimitExceeded is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonAccountCreationRateLimitExceeded = "ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED"
// ConstraintViolationExceptionReasonMasterAccountAddressDoesNotMatchMarketplace is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonMasterAccountAddressDoesNotMatchMarketplace = "MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE"
// ConstraintViolationExceptionReasonMasterAccountMissingContactInfo is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonMasterAccountMissingContactInfo = "MASTER_ACCOUNT_MISSING_CONTACT_INFO"
// ConstraintViolationExceptionReasonOrganizationNotInAllFeaturesMode is a ConstraintViolationExceptionReason enum value
ConstraintViolationExceptionReasonOrganizationNotInAllFeaturesMode = "ORGANIZATION_NOT_IN_ALL_FEATURES_MODE"
)
const (
// CreateAccountFailureReasonAccountLimitExceeded is a CreateAccountFailureReason enum value
CreateAccountFailureReasonAccountLimitExceeded = "ACCOUNT_LIMIT_EXCEEDED"
// CreateAccountFailureReasonEmailAlreadyExists is a CreateAccountFailureReason enum value
CreateAccountFailureReasonEmailAlreadyExists = "EMAIL_ALREADY_EXISTS"
// CreateAccountFailureReasonInvalidAddress is a CreateAccountFailureReason enum value
CreateAccountFailureReasonInvalidAddress = "INVALID_ADDRESS"
// CreateAccountFailureReasonInvalidEmail is a CreateAccountFailureReason enum value
CreateAccountFailureReasonInvalidEmail = "INVALID_EMAIL"
// CreateAccountFailureReasonConcurrentAccountModification is a CreateAccountFailureReason enum value
CreateAccountFailureReasonConcurrentAccountModification = "CONCURRENT_ACCOUNT_MODIFICATION"
// CreateAccountFailureReasonInternalFailure is a CreateAccountFailureReason enum value
CreateAccountFailureReasonInternalFailure = "INTERNAL_FAILURE"
)
const (
// CreateAccountStateInProgress is a CreateAccountState enum value
CreateAccountStateInProgress = "IN_PROGRESS"
// CreateAccountStateSucceeded is a CreateAccountState enum value
CreateAccountStateSucceeded = "SUCCEEDED"
// CreateAccountStateFailed is a CreateAccountState enum value
CreateAccountStateFailed = "FAILED"
)
const (
// HandshakeConstraintViolationExceptionReasonAccountNumberLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
HandshakeConstraintViolationExceptionReasonAccountNumberLimitExceeded = "ACCOUNT_NUMBER_LIMIT_EXCEEDED"
// HandshakeConstraintViolationExceptionReasonHandshakeRateLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
HandshakeConstraintViolationExceptionReasonHandshakeRateLimitExceeded = "HANDSHAKE_RATE_LIMIT_EXCEEDED"
// HandshakeConstraintViolationExceptionReasonAlreadyInAnOrganization is a HandshakeConstraintViolationExceptionReason enum value
HandshakeConstraintViolationExceptionReasonAlreadyInAnOrganization = "ALREADY_IN_AN_ORGANIZATION"
// HandshakeConstraintViolationExceptionReasonOrganizationAlreadyHasAllFeatures is a HandshakeConstraintViolationExceptionReason enum value
HandshakeConstraintViolationExceptionReasonOrganizationAlreadyHasAllFeatures = "ORGANIZATION_ALREADY_HAS_ALL_FEATURES"
// HandshakeConstraintViolationExceptionReasonInviteDisabledDuringEnableAllFeatures is a HandshakeConstraintViolationExceptionReason enum value
HandshakeConstraintViolationExceptionReasonInviteDisabledDuringEnableAllFeatures = "INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES"
// HandshakeConstraintViolationExceptionReasonPaymentInstrumentRequired is a HandshakeConstraintViolationExceptionReason enum value
HandshakeConstraintViolationExceptionReasonPaymentInstrumentRequired = "PAYMENT_INSTRUMENT_REQUIRED"
// HandshakeConstraintViolationExceptionReasonOrganizationFromDifferentSellerOfRecord is a HandshakeConstraintViolationExceptionReason enum value
HandshakeConstraintViolationExceptionReasonOrganizationFromDifferentSellerOfRecord = "ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD"
// HandshakeConstraintViolationExceptionReasonOrganizationMembershipChangeRateLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
HandshakeConstraintViolationExceptionReasonOrganizationMembershipChangeRateLimitExceeded = "ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED"
)
const (
// HandshakePartyTypeAccount is a HandshakePartyType enum value
HandshakePartyTypeAccount = "ACCOUNT"
// HandshakePartyTypeOrganization is a HandshakePartyType enum value
HandshakePartyTypeOrganization = "ORGANIZATION"
// HandshakePartyTypeEmail is a HandshakePartyType enum value
HandshakePartyTypeEmail = "EMAIL"
)
const (
// HandshakeResourceTypeAccount is a HandshakeResourceType enum value
HandshakeResourceTypeAccount = "ACCOUNT"
// HandshakeResourceTypeOrganization is a HandshakeResourceType enum value
HandshakeResourceTypeOrganization = "ORGANIZATION"
// HandshakeResourceTypeOrganizationFeatureSet is a HandshakeResourceType enum value
HandshakeResourceTypeOrganizationFeatureSet = "ORGANIZATION_FEATURE_SET"
// HandshakeResourceTypeEmail is a HandshakeResourceType enum value
HandshakeResourceTypeEmail = "EMAIL"
// HandshakeResourceTypeMasterEmail is a HandshakeResourceType enum value
HandshakeResourceTypeMasterEmail = "MASTER_EMAIL"
// HandshakeResourceTypeMasterName is a HandshakeResourceType enum value
HandshakeResourceTypeMasterName = "MASTER_NAME"
// HandshakeResourceTypeNotes is a HandshakeResourceType enum value
HandshakeResourceTypeNotes = "NOTES"
// HandshakeResourceTypeParentHandshake is a HandshakeResourceType enum value
HandshakeResourceTypeParentHandshake = "PARENT_HANDSHAKE"
)
const (
// HandshakeStateRequested is a HandshakeState enum value
HandshakeStateRequested = "REQUESTED"
// HandshakeStateOpen is a HandshakeState enum value
HandshakeStateOpen = "OPEN"
// HandshakeStateCanceled is a HandshakeState enum value
HandshakeStateCanceled = "CANCELED"
// HandshakeStateAccepted is a HandshakeState enum value
HandshakeStateAccepted = "ACCEPTED"
// HandshakeStateDeclined is a HandshakeState enum value
HandshakeStateDeclined = "DECLINED"
// HandshakeStateExpired is a HandshakeState enum value
HandshakeStateExpired = "EXPIRED"
)
const (
// IAMUserAccessToBillingAllow is a IAMUserAccessToBilling enum value
IAMUserAccessToBillingAllow = "ALLOW"
// IAMUserAccessToBillingDeny is a IAMUserAccessToBilling enum value
IAMUserAccessToBillingDeny = "DENY"
)
const (
// InvalidInputExceptionReasonInvalidPartyTypeTarget is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidPartyTypeTarget = "INVALID_PARTY_TYPE_TARGET"
// InvalidInputExceptionReasonInvalidSyntaxOrganizationArn is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidSyntaxOrganizationArn = "INVALID_SYNTAX_ORGANIZATION_ARN"
// InvalidInputExceptionReasonInvalidSyntaxPolicyId is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidSyntaxPolicyId = "INVALID_SYNTAX_POLICY_ID"
// InvalidInputExceptionReasonInvalidEnum is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidEnum = "INVALID_ENUM"
// InvalidInputExceptionReasonInvalidListMember is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidListMember = "INVALID_LIST_MEMBER"
// InvalidInputExceptionReasonMaxLengthExceeded is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonMaxLengthExceeded = "MAX_LENGTH_EXCEEDED"
// InvalidInputExceptionReasonMaxValueExceeded is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonMaxValueExceeded = "MAX_VALUE_EXCEEDED"
// InvalidInputExceptionReasonMinLengthExceeded is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonMinLengthExceeded = "MIN_LENGTH_EXCEEDED"
// InvalidInputExceptionReasonMinValueExceeded is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonMinValueExceeded = "MIN_VALUE_EXCEEDED"
// InvalidInputExceptionReasonImmutablePolicy is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonImmutablePolicy = "IMMUTABLE_POLICY"
// InvalidInputExceptionReasonInvalidPattern is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidPattern = "INVALID_PATTERN"
// InvalidInputExceptionReasonInvalidPatternTargetId is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidPatternTargetId = "INVALID_PATTERN_TARGET_ID"
// InvalidInputExceptionReasonInputRequired is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInputRequired = "INPUT_REQUIRED"
// InvalidInputExceptionReasonInvalidNextToken is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidNextToken = "INVALID_NEXT_TOKEN"
// InvalidInputExceptionReasonMaxLimitExceededFilter is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonMaxLimitExceededFilter = "MAX_LIMIT_EXCEEDED_FILTER"
// InvalidInputExceptionReasonMovingAccountBetweenDifferentRoots is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonMovingAccountBetweenDifferentRoots = "MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS"
// InvalidInputExceptionReasonInvalidFullNameTarget is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidFullNameTarget = "INVALID_FULL_NAME_TARGET"
// InvalidInputExceptionReasonUnrecognizedServicePrincipal is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonUnrecognizedServicePrincipal = "UNRECOGNIZED_SERVICE_PRINCIPAL"
// InvalidInputExceptionReasonInvalidRoleName is a InvalidInputExceptionReason enum value
InvalidInputExceptionReasonInvalidRoleName = "INVALID_ROLE_NAME"
)
const (
// OrganizationFeatureSetAll is a OrganizationFeatureSet enum value
OrganizationFeatureSetAll = "ALL"
// OrganizationFeatureSetConsolidatedBilling is a OrganizationFeatureSet enum value
OrganizationFeatureSetConsolidatedBilling = "CONSOLIDATED_BILLING"
)
const (
// ParentTypeRoot is a ParentType enum value
ParentTypeRoot = "ROOT"
// ParentTypeOrganizationalUnit is a ParentType enum value
ParentTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"
)
const (
// PolicyTypeServiceControlPolicy is a PolicyType enum value
PolicyTypeServiceControlPolicy = "SERVICE_CONTROL_POLICY"
)
const (
// PolicyTypeStatusEnabled is a PolicyTypeStatus enum value
PolicyTypeStatusEnabled = "ENABLED"
// PolicyTypeStatusPendingEnable is a PolicyTypeStatus enum value
PolicyTypeStatusPendingEnable = "PENDING_ENABLE"
// PolicyTypeStatusPendingDisable is a PolicyTypeStatus enum value
PolicyTypeStatusPendingDisable = "PENDING_DISABLE"
)
const (
// TargetTypeAccount is a TargetType enum value
TargetTypeAccount = "ACCOUNT"
// TargetTypeOrganizationalUnit is a TargetType enum value
TargetTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"
// TargetTypeRoot is a TargetType enum value
TargetTypeRoot = "ROOT"
)