6427029c4e
* Update all dependencies * Remove all `[[constraint]]` from Gopkg.toml * Add in the minimum number of `[[override]]` to build * Remove go get of github.com/inconshreveable/mousetrap as it is vendored * Update docs with new policy on constraints
14217 lines
579 KiB
Go
14217 lines
579 KiB
Go
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
|
|
|
package organizations
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/aws/aws-sdk-go/aws"
|
|
"github.com/aws/aws-sdk-go/aws/awsutil"
|
|
"github.com/aws/aws-sdk-go/aws/request"
|
|
"github.com/aws/aws-sdk-go/private/protocol"
|
|
"github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
|
|
)
|
|
|
|
const opAcceptHandshake = "AcceptHandshake"
|
|
|
|
// AcceptHandshakeRequest generates a "aws/request.Request" representing the
|
|
// client's request for the AcceptHandshake operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See AcceptHandshake for more information on using the AcceptHandshake
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the AcceptHandshakeRequest method.
|
|
// req, resp := client.AcceptHandshakeRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AcceptHandshake
|
|
func (c *Organizations) AcceptHandshakeRequest(input *AcceptHandshakeInput) (req *request.Request, output *AcceptHandshakeOutput) {
|
|
op := &request.Operation{
|
|
Name: opAcceptHandshake,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &AcceptHandshakeInput{}
|
|
}
|
|
|
|
output = &AcceptHandshakeOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// AcceptHandshake API operation for AWS Organizations.
|
|
//
|
|
// Sends a response to the originator of a handshake agreeing to the action
|
|
// proposed by the handshake request.
|
|
//
|
|
// This operation can be called only by the following principals when they also
|
|
// have the relevant IAM permissions:
|
|
//
|
|
// * Invitation to join or Approve all features request handshakes: only
|
|
// a principal from the member account.
|
|
//
|
|
// The user who calls the API for an invitation to join must have the organizations:AcceptHandshake
|
|
// permission. If you enabled all features in the organization, then the
|
|
// user must also have the iam:CreateServiceLinkedRole permission so that
|
|
// Organizations can create the required service-linked role named OrgsServiceLinkedRoleName.
|
|
// For more information, see AWS Organizations and Service-Linked Roles (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integration_services.html#orgs_integration_service-linked-roles)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * Enable all features final confirmation handshake: only a principal from
|
|
// the master account.
|
|
//
|
|
// For more information about invitations, see Inviting an AWS Account to Join
|
|
// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_invites.html)
|
|
// in the AWS Organizations User Guide. For more information about requests
|
|
// to enable all features in the organization, see Enabling All Features
|
|
// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// After you accept a handshake, it continues to appear in the results of relevant
|
|
// APIs for only 30 days. After that it is deleted.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation AcceptHandshake for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException"
|
|
// The requested operation would violate the constraint identified in the reason
|
|
// code.
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
|
|
// the number of accounts in an organization. Note: deleted and closed accounts
|
|
// still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because
|
|
// the invited account is already a member of an organization.
|
|
//
|
|
// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid
|
|
// because the organization has already enabled all features.
|
|
//
|
|
// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations
|
|
// to join an organization while it is in the process of enabling all features.
|
|
// You can resume inviting accounts after you finalize the process when all
|
|
// accounts have agreed to the change.
|
|
//
|
|
// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with
|
|
// an account that does not have a payment instrument, such as a credit card,
|
|
// associated with it.
|
|
//
|
|
// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because
|
|
// the account is from a different marketplace than the accounts in the organization.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be from the same
|
|
// marketplace.
|
|
//
|
|
// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to
|
|
// change the membership of an account too quickly after its previous change.
|
|
//
|
|
// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException"
|
|
// We can't find a handshake with the HandshakeId that you specified.
|
|
//
|
|
// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException"
|
|
// You can't perform the operation on the handshake in its current state. For
|
|
// example, you can't cancel a handshake that was already accepted, or accept
|
|
// a handshake that was already declined.
|
|
//
|
|
// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException"
|
|
// The specified handshake is already in the requested state. For example, you
|
|
// can't accept a handshake that was already accepted.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// * ErrCodeAccessDeniedForDependencyException "AccessDeniedForDependencyException"
|
|
// The operation you attempted requires you to have the iam:CreateServiceLinkedRole
|
|
// so that Organizations can create the required service-linked role. You do
|
|
// not have that permission.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AcceptHandshake
|
|
func (c *Organizations) AcceptHandshake(input *AcceptHandshakeInput) (*AcceptHandshakeOutput, error) {
|
|
req, out := c.AcceptHandshakeRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// AcceptHandshakeWithContext is the same as AcceptHandshake with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See AcceptHandshake for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) AcceptHandshakeWithContext(ctx aws.Context, input *AcceptHandshakeInput, opts ...request.Option) (*AcceptHandshakeOutput, error) {
|
|
req, out := c.AcceptHandshakeRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opAttachPolicy = "AttachPolicy"
|
|
|
|
// AttachPolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the AttachPolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See AttachPolicy for more information on using the AttachPolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the AttachPolicyRequest method.
|
|
// req, resp := client.AttachPolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AttachPolicy
|
|
func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *request.Request, output *AttachPolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opAttachPolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &AttachPolicyInput{}
|
|
}
|
|
|
|
output = &AttachPolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// AttachPolicy API operation for AWS Organizations.
|
|
//
|
|
// Attaches a policy to a root, an organizational unit, or an individual account.
|
|
// How the policy affects accounts depends on the type of policy:
|
|
//
|
|
// * Service control policy (SCP) - An SCP specifies what permissions can
|
|
// be delegated to users in affected member accounts. The scope of influence
|
|
// for a policy depends on what you attach the policy to:
|
|
//
|
|
// If you attach an SCP to a root, it affects all accounts in the organization.
|
|
//
|
|
// If you attach an SCP to an OU, it affects all accounts in that OU and in
|
|
// any child OUs.
|
|
//
|
|
// If you attach the policy directly to an account, then it affects only that
|
|
// account.
|
|
//
|
|
// SCPs essentially are permission "filters". When you attach one SCP to a higher
|
|
// level root or OU, and you also attach a different SCP to a child OU or
|
|
// to an account, the child policy can further restrict only the permissions
|
|
// that pass through the parent filter and are available to the child. An
|
|
// SCP that is attached to a child cannot grant a permission that is not
|
|
// already granted by the parent. For example, imagine that the parent SCP
|
|
// allows permissions A, B, C, D, and E. The child SCP allows C, D, E, F,
|
|
// and G. The result is that the accounts affected by the child SCP are allowed
|
|
// to use only C, D, and E. They cannot use A or B because they were filtered
|
|
// out by the child OU. They also cannot use F and G because they were filtered
|
|
// out by the parent OU. They cannot be granted back by the child SCP; child
|
|
// SCPs can only filter the permissions they receive from the parent SCP.
|
|
//
|
|
// AWS Organizations attaches a default SCP named "FullAWSAccess to every root,
|
|
// OU, and account. This default SCP allows all services and actions, enabling
|
|
// any new child OU or account to inherit the permissions of the parent root
|
|
// or OU. If you detach the default policy, you must replace it with a policy
|
|
// that specifies the permissions that you want to allow in that OU or account.
|
|
//
|
|
// For more information about how Organizations policies permissions work, see
|
|
// Using Service Control Policies (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation AttachPolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeDuplicatePolicyAttachmentException "DuplicatePolicyAttachmentException"
|
|
// The selected policy is already attached to the specified target.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
|
|
// We can't find a policy with the PolicyId that you specified.
|
|
//
|
|
// * ErrCodePolicyTypeNotEnabledException "PolicyTypeNotEnabledException"
|
|
// The specified policy type is not currently enabled in this root. You cannot
|
|
// attach policies of the specified type to entities in a root until you enable
|
|
// that type in the root. For more information, see Enabling All Features in
|
|
// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTargetNotFoundException "TargetNotFoundException"
|
|
// We can't find a root, OU, or account with the TargetId that you specified.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AttachPolicy
|
|
func (c *Organizations) AttachPolicy(input *AttachPolicyInput) (*AttachPolicyOutput, error) {
|
|
req, out := c.AttachPolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// AttachPolicyWithContext is the same as AttachPolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See AttachPolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) AttachPolicyWithContext(ctx aws.Context, input *AttachPolicyInput, opts ...request.Option) (*AttachPolicyOutput, error) {
|
|
req, out := c.AttachPolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opCancelHandshake = "CancelHandshake"
|
|
|
|
// CancelHandshakeRequest generates a "aws/request.Request" representing the
|
|
// client's request for the CancelHandshake operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See CancelHandshake for more information on using the CancelHandshake
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the CancelHandshakeRequest method.
|
|
// req, resp := client.CancelHandshakeRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshake
|
|
func (c *Organizations) CancelHandshakeRequest(input *CancelHandshakeInput) (req *request.Request, output *CancelHandshakeOutput) {
|
|
op := &request.Operation{
|
|
Name: opCancelHandshake,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &CancelHandshakeInput{}
|
|
}
|
|
|
|
output = &CancelHandshakeOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// CancelHandshake API operation for AWS Organizations.
|
|
//
|
|
// Cancels a handshake. Canceling a handshake sets the handshake state to CANCELED.
|
|
//
|
|
// This operation can be called only from the account that originated the handshake.
|
|
// The recipient of the handshake can't cancel it, but can use DeclineHandshake
|
|
// instead. After a handshake is canceled, the recipient can no longer respond
|
|
// to that handshake.
|
|
//
|
|
// After you cancel a handshake, it continues to appear in the results of relevant
|
|
// APIs for only 30 days. After that it is deleted.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation CancelHandshake for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException"
|
|
// We can't find a handshake with the HandshakeId that you specified.
|
|
//
|
|
// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException"
|
|
// You can't perform the operation on the handshake in its current state. For
|
|
// example, you can't cancel a handshake that was already accepted, or accept
|
|
// a handshake that was already declined.
|
|
//
|
|
// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException"
|
|
// The specified handshake is already in the requested state. For example, you
|
|
// can't accept a handshake that was already accepted.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshake
|
|
func (c *Organizations) CancelHandshake(input *CancelHandshakeInput) (*CancelHandshakeOutput, error) {
|
|
req, out := c.CancelHandshakeRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// CancelHandshakeWithContext is the same as CancelHandshake with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See CancelHandshake for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) CancelHandshakeWithContext(ctx aws.Context, input *CancelHandshakeInput, opts ...request.Option) (*CancelHandshakeOutput, error) {
|
|
req, out := c.CancelHandshakeRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opCreateAccount = "CreateAccount"
|
|
|
|
// CreateAccountRequest generates a "aws/request.Request" representing the
|
|
// client's request for the CreateAccount operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See CreateAccount for more information on using the CreateAccount
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the CreateAccountRequest method.
|
|
// req, resp := client.CreateAccountRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccount
|
|
func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *request.Request, output *CreateAccountOutput) {
|
|
op := &request.Operation{
|
|
Name: opCreateAccount,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &CreateAccountInput{}
|
|
}
|
|
|
|
output = &CreateAccountOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// CreateAccount API operation for AWS Organizations.
|
|
//
|
|
// Creates an AWS account that is automatically a member of the organization
|
|
// whose credentials made the request. This is an asynchronous request that
|
|
// AWS performs in the background. If you want to check the status of the request
|
|
// later, you need the OperationId response element from this operation to provide
|
|
// as a parameter to the DescribeCreateAccountStatus operation.
|
|
//
|
|
// The user who calls the API for an invitation to join must have the organizations:CreateAccount
|
|
// permission. If you enabled all features in the organization, then the user
|
|
// must also have the iam:CreateServiceLinkedRole permission so that Organizations
|
|
// can create the required service-linked role named OrgsServiceLinkedRoleName.
|
|
// For more information, see AWS Organizations and Service-Linked Roles (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integration_services.html#orgs_integration_service-linked-roles)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// The user in the master account who calls this API must also have the iam:CreateRole
|
|
// permission because AWS Organizations preconfigures the new member account
|
|
// with a role (named OrganizationAccountAccessRole by default) that grants
|
|
// users in the master account administrator permissions in the new member account.
|
|
// Principals in the master account can assume the role. AWS Organizations clones
|
|
// the company name and address information for the new account from the organization's
|
|
// master account.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// For more information about creating accounts, see Creating an AWS Account
|
|
// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_create.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// When you create an account in an organization using the AWS Organizations
|
|
// console, API, or CLI commands, the information required for the account to
|
|
// operate as a standalone account, such as a payment method and signing the
|
|
// End User Licence Agreement (EULA) is not automatically collected. If you
|
|
// must remove an account from your organization later, you can do so only after
|
|
// you provide the missing information. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// When you create a member account with this operation, you can choose whether
|
|
// to create the account with the IAM User and Role Access to Billing Information
|
|
// switch enabled. If you enable it, IAM users and roles that have appropriate
|
|
// permissions can view billing information for the account. If you disable
|
|
// this, then only the account root user can access billing information. For
|
|
// information about how to disable this for an account, see Granting Access
|
|
// to Your Billing Information and Tools (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html).
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation CreateAccount for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeFinalizingOrganizationException "FinalizingOrganizationException"
|
|
// AWS Organizations could not finalize the creation of your organization. Try
|
|
// again later. If this persists, contact AWS customer support.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccount
|
|
func (c *Organizations) CreateAccount(input *CreateAccountInput) (*CreateAccountOutput, error) {
|
|
req, out := c.CreateAccountRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// CreateAccountWithContext is the same as CreateAccount with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See CreateAccount for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) CreateAccountWithContext(ctx aws.Context, input *CreateAccountInput, opts ...request.Option) (*CreateAccountOutput, error) {
|
|
req, out := c.CreateAccountRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opCreateOrganization = "CreateOrganization"
|
|
|
|
// CreateOrganizationRequest generates a "aws/request.Request" representing the
|
|
// client's request for the CreateOrganization operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See CreateOrganization for more information on using the CreateOrganization
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the CreateOrganizationRequest method.
|
|
// req, resp := client.CreateOrganizationRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganization
|
|
func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput) (req *request.Request, output *CreateOrganizationOutput) {
|
|
op := &request.Operation{
|
|
Name: opCreateOrganization,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &CreateOrganizationInput{}
|
|
}
|
|
|
|
output = &CreateOrganizationOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// CreateOrganization API operation for AWS Organizations.
|
|
//
|
|
// Creates an AWS organization. The account whose user is calling the CreateOrganization
|
|
// operation automatically becomes the master account (http://docs.aws.amazon.com/IAM/latest/UserGuide/orgs_getting-started_concepts.html#account)
|
|
// of the new organization.
|
|
//
|
|
// This operation must be called using credentials from the account that is
|
|
// to become the new organization's master account. The principal must also
|
|
// have the relevant IAM permissions.
|
|
//
|
|
// By default (or if you set the FeatureSet parameter to ALL), the new organization
|
|
// is created with all features enabled and service control policies automatically
|
|
// enabled in the root. If you instead choose to create the organization supporting
|
|
// only the consolidated billing features by setting the FeatureSet parameter
|
|
// to CONSOLIDATED_BILLING", then no policy types are enabled by default and
|
|
// you cannot use organization policies.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation CreateOrganization for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAlreadyInOrganizationException "AlreadyInOrganizationException"
|
|
// This account is already a member of an organization. An account can belong
|
|
// to only one organization at a time.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// * ErrCodeAccessDeniedForDependencyException "AccessDeniedForDependencyException"
|
|
// The operation you attempted requires you to have the iam:CreateServiceLinkedRole
|
|
// so that Organizations can create the required service-linked role. You do
|
|
// not have that permission.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganization
|
|
func (c *Organizations) CreateOrganization(input *CreateOrganizationInput) (*CreateOrganizationOutput, error) {
|
|
req, out := c.CreateOrganizationRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// CreateOrganizationWithContext is the same as CreateOrganization with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See CreateOrganization for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) CreateOrganizationWithContext(ctx aws.Context, input *CreateOrganizationInput, opts ...request.Option) (*CreateOrganizationOutput, error) {
|
|
req, out := c.CreateOrganizationRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opCreateOrganizationalUnit = "CreateOrganizationalUnit"
|
|
|
|
// CreateOrganizationalUnitRequest generates a "aws/request.Request" representing the
|
|
// client's request for the CreateOrganizationalUnit operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See CreateOrganizationalUnit for more information on using the CreateOrganizationalUnit
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the CreateOrganizationalUnitRequest method.
|
|
// req, resp := client.CreateOrganizationalUnitRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnit
|
|
func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizationalUnitInput) (req *request.Request, output *CreateOrganizationalUnitOutput) {
|
|
op := &request.Operation{
|
|
Name: opCreateOrganizationalUnit,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &CreateOrganizationalUnitInput{}
|
|
}
|
|
|
|
output = &CreateOrganizationalUnitOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// CreateOrganizationalUnit API operation for AWS Organizations.
|
|
//
|
|
// Creates an organizational unit (OU) within a root or parent OU. An OU is
|
|
// a container for accounts that enables you to organize your accounts to apply
|
|
// policies according to your business requirements. The number of levels deep
|
|
// that you can nest OUs is dependent upon the policy types enabled for that
|
|
// root. For service control policies, the limit is five.
|
|
//
|
|
// For more information about OUs, see Managing Organizational Units (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_ous.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation CreateOrganizationalUnit for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeDuplicateOrganizationalUnitException "DuplicateOrganizationalUnitException"
|
|
// An organizational unit (OU) with the same name already exists.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeParentNotFoundException "ParentNotFoundException"
|
|
// We can't find a root or organizational unit (OU) with the ParentId that you
|
|
// specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnit
|
|
func (c *Organizations) CreateOrganizationalUnit(input *CreateOrganizationalUnitInput) (*CreateOrganizationalUnitOutput, error) {
|
|
req, out := c.CreateOrganizationalUnitRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// CreateOrganizationalUnitWithContext is the same as CreateOrganizationalUnit with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See CreateOrganizationalUnit for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) CreateOrganizationalUnitWithContext(ctx aws.Context, input *CreateOrganizationalUnitInput, opts ...request.Option) (*CreateOrganizationalUnitOutput, error) {
|
|
req, out := c.CreateOrganizationalUnitRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opCreatePolicy = "CreatePolicy"
|
|
|
|
// CreatePolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the CreatePolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See CreatePolicy for more information on using the CreatePolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the CreatePolicyRequest method.
|
|
// req, resp := client.CreatePolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicy
|
|
func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opCreatePolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &CreatePolicyInput{}
|
|
}
|
|
|
|
output = &CreatePolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// CreatePolicy API operation for AWS Organizations.
|
|
//
|
|
// Creates a policy of a specified type that you can attach to a root, an organizational
|
|
// unit (OU), or an individual AWS account.
|
|
//
|
|
// For more information about policies and their use, see Managing Organization
|
|
// Policies (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html).
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation CreatePolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeDuplicatePolicyException "DuplicatePolicyException"
|
|
// A policy with the same name already exists.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException"
|
|
// The provided policy document does not meet the requirements of the specified
|
|
// policy type. For example, the syntax might be incorrect. For details about
|
|
// service control policy syntax, see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ErrCodePolicyTypeNotAvailableForOrganizationException "PolicyTypeNotAvailableForOrganizationException"
|
|
// You can't use the specified policy type with the feature set currently enabled
|
|
// for this organization. For example, you can enable service control policies
|
|
// (SCPs) only after you enable all features in the organization. For more information,
|
|
// see Enabling and Disabling a Policy Type on a Root (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicy
|
|
func (c *Organizations) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) {
|
|
req, out := c.CreatePolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// CreatePolicyWithContext is the same as CreatePolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See CreatePolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error) {
|
|
req, out := c.CreatePolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDeclineHandshake = "DeclineHandshake"
|
|
|
|
// DeclineHandshakeRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DeclineHandshake operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DeclineHandshake for more information on using the DeclineHandshake
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DeclineHandshakeRequest method.
|
|
// req, resp := client.DeclineHandshakeRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshake
|
|
func (c *Organizations) DeclineHandshakeRequest(input *DeclineHandshakeInput) (req *request.Request, output *DeclineHandshakeOutput) {
|
|
op := &request.Operation{
|
|
Name: opDeclineHandshake,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DeclineHandshakeInput{}
|
|
}
|
|
|
|
output = &DeclineHandshakeOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// DeclineHandshake API operation for AWS Organizations.
|
|
//
|
|
// Declines a handshake request. This sets the handshake state to DECLINED and
|
|
// effectively deactivates the request.
|
|
//
|
|
// This operation can be called only from the account that received the handshake.
|
|
// The originator of the handshake can use CancelHandshake instead. The originator
|
|
// can't reactivate a declined request, but can re-initiate the process with
|
|
// a new handshake request.
|
|
//
|
|
// After you decline a handshake, it continues to appear in the results of relevant
|
|
// APIs for only 30 days. After that it is deleted.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DeclineHandshake for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException"
|
|
// We can't find a handshake with the HandshakeId that you specified.
|
|
//
|
|
// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException"
|
|
// You can't perform the operation on the handshake in its current state. For
|
|
// example, you can't cancel a handshake that was already accepted, or accept
|
|
// a handshake that was already declined.
|
|
//
|
|
// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException"
|
|
// The specified handshake is already in the requested state. For example, you
|
|
// can't accept a handshake that was already accepted.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshake
|
|
func (c *Organizations) DeclineHandshake(input *DeclineHandshakeInput) (*DeclineHandshakeOutput, error) {
|
|
req, out := c.DeclineHandshakeRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DeclineHandshakeWithContext is the same as DeclineHandshake with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DeclineHandshake for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DeclineHandshakeWithContext(ctx aws.Context, input *DeclineHandshakeInput, opts ...request.Option) (*DeclineHandshakeOutput, error) {
|
|
req, out := c.DeclineHandshakeRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDeleteOrganization = "DeleteOrganization"
|
|
|
|
// DeleteOrganizationRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DeleteOrganization operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DeleteOrganization for more information on using the DeleteOrganization
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DeleteOrganizationRequest method.
|
|
// req, resp := client.DeleteOrganizationRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganization
|
|
func (c *Organizations) DeleteOrganizationRequest(input *DeleteOrganizationInput) (req *request.Request, output *DeleteOrganizationOutput) {
|
|
op := &request.Operation{
|
|
Name: opDeleteOrganization,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DeleteOrganizationInput{}
|
|
}
|
|
|
|
output = &DeleteOrganizationOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// DeleteOrganization API operation for AWS Organizations.
|
|
//
|
|
// Deletes the organization. You can delete an organization only by using credentials
|
|
// from the master account. The organization must be empty of member accounts,
|
|
// OUs, and policies.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DeleteOrganization for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeOrganizationNotEmptyException "OrganizationNotEmptyException"
|
|
// The organization isn't empty. To delete an organization, you must first remove
|
|
// all accounts except the master account, delete all organizational units (OUs),
|
|
// and delete all policies.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganization
|
|
func (c *Organizations) DeleteOrganization(input *DeleteOrganizationInput) (*DeleteOrganizationOutput, error) {
|
|
req, out := c.DeleteOrganizationRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DeleteOrganizationWithContext is the same as DeleteOrganization with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DeleteOrganization for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DeleteOrganizationWithContext(ctx aws.Context, input *DeleteOrganizationInput, opts ...request.Option) (*DeleteOrganizationOutput, error) {
|
|
req, out := c.DeleteOrganizationRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDeleteOrganizationalUnit = "DeleteOrganizationalUnit"
|
|
|
|
// DeleteOrganizationalUnitRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DeleteOrganizationalUnit operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DeleteOrganizationalUnit for more information on using the DeleteOrganizationalUnit
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DeleteOrganizationalUnitRequest method.
|
|
// req, resp := client.DeleteOrganizationalUnitRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnit
|
|
func (c *Organizations) DeleteOrganizationalUnitRequest(input *DeleteOrganizationalUnitInput) (req *request.Request, output *DeleteOrganizationalUnitOutput) {
|
|
op := &request.Operation{
|
|
Name: opDeleteOrganizationalUnit,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DeleteOrganizationalUnitInput{}
|
|
}
|
|
|
|
output = &DeleteOrganizationalUnitOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// DeleteOrganizationalUnit API operation for AWS Organizations.
|
|
//
|
|
// Deletes an organizational unit from a root or another OU. You must first
|
|
// remove all accounts and child OUs from the OU that you want to delete.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DeleteOrganizationalUnit for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeOrganizationalUnitNotEmptyException "OrganizationalUnitNotEmptyException"
|
|
// The specified organizational unit (OU) is not empty. Move all accounts to
|
|
// another root or to other OUs, remove all child OUs, and then try the operation
|
|
// again.
|
|
//
|
|
// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException"
|
|
// We can't find an organizational unit (OU) with the OrganizationalUnitId that
|
|
// you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnit
|
|
func (c *Organizations) DeleteOrganizationalUnit(input *DeleteOrganizationalUnitInput) (*DeleteOrganizationalUnitOutput, error) {
|
|
req, out := c.DeleteOrganizationalUnitRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DeleteOrganizationalUnitWithContext is the same as DeleteOrganizationalUnit with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DeleteOrganizationalUnit for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DeleteOrganizationalUnitWithContext(ctx aws.Context, input *DeleteOrganizationalUnitInput, opts ...request.Option) (*DeleteOrganizationalUnitOutput, error) {
|
|
req, out := c.DeleteOrganizationalUnitRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDeletePolicy = "DeletePolicy"
|
|
|
|
// DeletePolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DeletePolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DeletePolicy for more information on using the DeletePolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DeletePolicyRequest method.
|
|
// req, resp := client.DeletePolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeletePolicy
|
|
func (c *Organizations) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opDeletePolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DeletePolicyInput{}
|
|
}
|
|
|
|
output = &DeletePolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// DeletePolicy API operation for AWS Organizations.
|
|
//
|
|
// Deletes the specified policy from your organization. Before you perform this
|
|
// operation, you must first detach the policy from all OUs, roots, and accounts.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DeletePolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodePolicyInUseException "PolicyInUseException"
|
|
// The policy is attached to one or more entities. You must detach it from all
|
|
// roots, organizational units (OUs), and accounts before performing this operation.
|
|
//
|
|
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
|
|
// We can't find a policy with the PolicyId that you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeletePolicy
|
|
func (c *Organizations) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) {
|
|
req, out := c.DeletePolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DeletePolicyWithContext is the same as DeletePolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DeletePolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) {
|
|
req, out := c.DeletePolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDescribeAccount = "DescribeAccount"
|
|
|
|
// DescribeAccountRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DescribeAccount operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DescribeAccount for more information on using the DescribeAccount
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DescribeAccountRequest method.
|
|
// req, resp := client.DescribeAccountRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccount
|
|
func (c *Organizations) DescribeAccountRequest(input *DescribeAccountInput) (req *request.Request, output *DescribeAccountOutput) {
|
|
op := &request.Operation{
|
|
Name: opDescribeAccount,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DescribeAccountInput{}
|
|
}
|
|
|
|
output = &DescribeAccountOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// DescribeAccount API operation for AWS Organizations.
|
|
//
|
|
// Retrieves Organizations-related information about the specified account.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DescribeAccount for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAccountNotFoundException "AccountNotFoundException"
|
|
// We can't find an AWS account with the AccountId that you specified, or the
|
|
// account whose credentials you used to make this request is not a member of
|
|
// an organization.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccount
|
|
func (c *Organizations) DescribeAccount(input *DescribeAccountInput) (*DescribeAccountOutput, error) {
|
|
req, out := c.DescribeAccountRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DescribeAccountWithContext is the same as DescribeAccount with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DescribeAccount for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DescribeAccountWithContext(ctx aws.Context, input *DescribeAccountInput, opts ...request.Option) (*DescribeAccountOutput, error) {
|
|
req, out := c.DescribeAccountRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDescribeCreateAccountStatus = "DescribeCreateAccountStatus"
|
|
|
|
// DescribeCreateAccountStatusRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DescribeCreateAccountStatus operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DescribeCreateAccountStatus for more information on using the DescribeCreateAccountStatus
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DescribeCreateAccountStatusRequest method.
|
|
// req, resp := client.DescribeCreateAccountStatusRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeCreateAccountStatus
|
|
func (c *Organizations) DescribeCreateAccountStatusRequest(input *DescribeCreateAccountStatusInput) (req *request.Request, output *DescribeCreateAccountStatusOutput) {
|
|
op := &request.Operation{
|
|
Name: opDescribeCreateAccountStatus,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DescribeCreateAccountStatusInput{}
|
|
}
|
|
|
|
output = &DescribeCreateAccountStatusOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// DescribeCreateAccountStatus API operation for AWS Organizations.
|
|
//
|
|
// Retrieves the current status of an asynchronous request to create an account.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DescribeCreateAccountStatus for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeCreateAccountStatusNotFoundException "CreateAccountStatusNotFoundException"
|
|
// We can't find an create account request with the CreateAccountRequestId that
|
|
// you specified.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeCreateAccountStatus
|
|
func (c *Organizations) DescribeCreateAccountStatus(input *DescribeCreateAccountStatusInput) (*DescribeCreateAccountStatusOutput, error) {
|
|
req, out := c.DescribeCreateAccountStatusRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DescribeCreateAccountStatusWithContext is the same as DescribeCreateAccountStatus with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DescribeCreateAccountStatus for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DescribeCreateAccountStatusWithContext(ctx aws.Context, input *DescribeCreateAccountStatusInput, opts ...request.Option) (*DescribeCreateAccountStatusOutput, error) {
|
|
req, out := c.DescribeCreateAccountStatusRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDescribeHandshake = "DescribeHandshake"
|
|
|
|
// DescribeHandshakeRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DescribeHandshake operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DescribeHandshake for more information on using the DescribeHandshake
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DescribeHandshakeRequest method.
|
|
// req, resp := client.DescribeHandshakeRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshake
|
|
func (c *Organizations) DescribeHandshakeRequest(input *DescribeHandshakeInput) (req *request.Request, output *DescribeHandshakeOutput) {
|
|
op := &request.Operation{
|
|
Name: opDescribeHandshake,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DescribeHandshakeInput{}
|
|
}
|
|
|
|
output = &DescribeHandshakeOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// DescribeHandshake API operation for AWS Organizations.
|
|
//
|
|
// Retrieves information about a previously requested handshake. The handshake
|
|
// ID comes from the response to the original InviteAccountToOrganization operation
|
|
// that generated the handshake.
|
|
//
|
|
// You can access handshakes that are ACCEPTED, DECLINED, or CANCELED for only
|
|
// 30 days after they change to that state. They are then deleted and no longer
|
|
// accessible.
|
|
//
|
|
// This operation can be called from any account in the organization.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DescribeHandshake for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException"
|
|
// We can't find a handshake with the HandshakeId that you specified.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshake
|
|
func (c *Organizations) DescribeHandshake(input *DescribeHandshakeInput) (*DescribeHandshakeOutput, error) {
|
|
req, out := c.DescribeHandshakeRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DescribeHandshakeWithContext is the same as DescribeHandshake with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DescribeHandshake for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DescribeHandshakeWithContext(ctx aws.Context, input *DescribeHandshakeInput, opts ...request.Option) (*DescribeHandshakeOutput, error) {
|
|
req, out := c.DescribeHandshakeRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDescribeOrganization = "DescribeOrganization"
|
|
|
|
// DescribeOrganizationRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DescribeOrganization operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DescribeOrganization for more information on using the DescribeOrganization
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DescribeOrganizationRequest method.
|
|
// req, resp := client.DescribeOrganizationRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization
|
|
func (c *Organizations) DescribeOrganizationRequest(input *DescribeOrganizationInput) (req *request.Request, output *DescribeOrganizationOutput) {
|
|
op := &request.Operation{
|
|
Name: opDescribeOrganization,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DescribeOrganizationInput{}
|
|
}
|
|
|
|
output = &DescribeOrganizationOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// DescribeOrganization API operation for AWS Organizations.
|
|
//
|
|
// Retrieves information about the organization that the user's account belongs
|
|
// to.
|
|
//
|
|
// This operation can be called from any account in the organization.
|
|
//
|
|
// Even if a policy type is shown as available in the organization, it can be
|
|
// disabled separately at the root level with DisablePolicyType. Use ListRoots
|
|
// to see the status of policy types for a specified root.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DescribeOrganization for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization
|
|
func (c *Organizations) DescribeOrganization(input *DescribeOrganizationInput) (*DescribeOrganizationOutput, error) {
|
|
req, out := c.DescribeOrganizationRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DescribeOrganizationWithContext is the same as DescribeOrganization with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DescribeOrganization for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DescribeOrganizationWithContext(ctx aws.Context, input *DescribeOrganizationInput, opts ...request.Option) (*DescribeOrganizationOutput, error) {
|
|
req, out := c.DescribeOrganizationRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDescribeOrganizationalUnit = "DescribeOrganizationalUnit"
|
|
|
|
// DescribeOrganizationalUnitRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DescribeOrganizationalUnit operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DescribeOrganizationalUnit for more information on using the DescribeOrganizationalUnit
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DescribeOrganizationalUnitRequest method.
|
|
// req, resp := client.DescribeOrganizationalUnitRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnit
|
|
func (c *Organizations) DescribeOrganizationalUnitRequest(input *DescribeOrganizationalUnitInput) (req *request.Request, output *DescribeOrganizationalUnitOutput) {
|
|
op := &request.Operation{
|
|
Name: opDescribeOrganizationalUnit,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DescribeOrganizationalUnitInput{}
|
|
}
|
|
|
|
output = &DescribeOrganizationalUnitOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// DescribeOrganizationalUnit API operation for AWS Organizations.
|
|
//
|
|
// Retrieves information about an organizational unit (OU).
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DescribeOrganizationalUnit for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException"
|
|
// We can't find an organizational unit (OU) with the OrganizationalUnitId that
|
|
// you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnit
|
|
func (c *Organizations) DescribeOrganizationalUnit(input *DescribeOrganizationalUnitInput) (*DescribeOrganizationalUnitOutput, error) {
|
|
req, out := c.DescribeOrganizationalUnitRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DescribeOrganizationalUnitWithContext is the same as DescribeOrganizationalUnit with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DescribeOrganizationalUnit for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DescribeOrganizationalUnitWithContext(ctx aws.Context, input *DescribeOrganizationalUnitInput, opts ...request.Option) (*DescribeOrganizationalUnitOutput, error) {
|
|
req, out := c.DescribeOrganizationalUnitRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDescribePolicy = "DescribePolicy"
|
|
|
|
// DescribePolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DescribePolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DescribePolicy for more information on using the DescribePolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DescribePolicyRequest method.
|
|
// req, resp := client.DescribePolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribePolicy
|
|
func (c *Organizations) DescribePolicyRequest(input *DescribePolicyInput) (req *request.Request, output *DescribePolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opDescribePolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DescribePolicyInput{}
|
|
}
|
|
|
|
output = &DescribePolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// DescribePolicy API operation for AWS Organizations.
|
|
//
|
|
// Retrieves information about a policy.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DescribePolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
|
|
// We can't find a policy with the PolicyId that you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribePolicy
|
|
func (c *Organizations) DescribePolicy(input *DescribePolicyInput) (*DescribePolicyOutput, error) {
|
|
req, out := c.DescribePolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DescribePolicyWithContext is the same as DescribePolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DescribePolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DescribePolicyWithContext(ctx aws.Context, input *DescribePolicyInput, opts ...request.Option) (*DescribePolicyOutput, error) {
|
|
req, out := c.DescribePolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDetachPolicy = "DetachPolicy"
|
|
|
|
// DetachPolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DetachPolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DetachPolicy for more information on using the DetachPolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DetachPolicyRequest method.
|
|
// req, resp := client.DetachPolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DetachPolicy
|
|
func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *request.Request, output *DetachPolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opDetachPolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DetachPolicyInput{}
|
|
}
|
|
|
|
output = &DetachPolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// DetachPolicy API operation for AWS Organizations.
|
|
//
|
|
// Detaches a policy from a target root, organizational unit, or account. If
|
|
// the policy being detached is a service control policy (SCP), the changes
|
|
// to permissions for IAM users and roles in affected accounts are immediate.
|
|
//
|
|
// Note: Every root, OU, and account must have at least one SCP attached. If
|
|
// you want to replace the default FullAWSAccess policy with one that limits
|
|
// the permissions that can be delegated, then you must attach the replacement
|
|
// policy before you can remove the default one. This is the authorization strategy
|
|
// of whitelisting (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_about-scps.html#orgs_policies_whitelist).
|
|
// If you instead attach a second SCP and leave the FullAWSAccess SCP still
|
|
// attached, and specify "Effect": "Deny" in the second SCP to override the
|
|
// "Effect": "Allow" in the FullAWSAccess policy (or any other attached SCP),
|
|
// then you are using the authorization strategy of blacklisting (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_about-scps.html#orgs_policies_blacklist).
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DetachPolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodePolicyNotAttachedException "PolicyNotAttachedException"
|
|
// The policy isn't attached to the specified target in the specified root.
|
|
//
|
|
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
|
|
// We can't find a policy with the PolicyId that you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTargetNotFoundException "TargetNotFoundException"
|
|
// We can't find a root, OU, or account with the TargetId that you specified.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DetachPolicy
|
|
func (c *Organizations) DetachPolicy(input *DetachPolicyInput) (*DetachPolicyOutput, error) {
|
|
req, out := c.DetachPolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DetachPolicyWithContext is the same as DetachPolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DetachPolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DetachPolicyWithContext(ctx aws.Context, input *DetachPolicyInput, opts ...request.Option) (*DetachPolicyOutput, error) {
|
|
req, out := c.DetachPolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDisableAWSServiceAccess = "DisableAWSServiceAccess"
|
|
|
|
// DisableAWSServiceAccessRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DisableAWSServiceAccess operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DisableAWSServiceAccess for more information on using the DisableAWSServiceAccess
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DisableAWSServiceAccessRequest method.
|
|
// req, resp := client.DisableAWSServiceAccessRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccess
|
|
func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceAccessInput) (req *request.Request, output *DisableAWSServiceAccessOutput) {
|
|
op := &request.Operation{
|
|
Name: opDisableAWSServiceAccess,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DisableAWSServiceAccessInput{}
|
|
}
|
|
|
|
output = &DisableAWSServiceAccessOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// DisableAWSServiceAccess API operation for AWS Organizations.
|
|
//
|
|
// Disables the integration of an AWS service (the service that is specified
|
|
// by ServicePrincipal) with AWS Organizations. When you disable integration,
|
|
// the specified service no longer can create a service-linked role (http://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html)
|
|
// in new accounts in your organization. This means the service can't perform
|
|
// operations on your behalf on any new accounts in your organization. The service
|
|
// can still perform operations in older accounts until the service completes
|
|
// its clean-up from AWS Organizations.
|
|
//
|
|
// We recommend that you disable integration between AWS Organizations and the
|
|
// specified AWS service by using the console or commands that are provided
|
|
// by the specified service. Doing so ensures that the other service is aware
|
|
// that it can clean up any resources that are required only for the integration.
|
|
// How the service cleans up its resources in the organization's accounts depends
|
|
// on that service. For more information, see the documentation for the other
|
|
// AWS service.
|
|
//
|
|
// After you perform the DisableAWSServiceAccessoperation, the specified service can no longer perform operations in your
|
|
// organization's accounts unless the operations are explicitly permitted by
|
|
// the IAM policies that are attached to your roles.
|
|
//
|
|
// For more information about integrating other services with AWS Organizations,
|
|
// including the list of services that work with Organizations, see Integrating
|
|
// AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)in the AWS Organizations User Guide
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DisableAWSServiceAccess for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccess
|
|
func (c *Organizations) DisableAWSServiceAccess(input *DisableAWSServiceAccessInput) (*DisableAWSServiceAccessOutput, error) {
|
|
req, out := c.DisableAWSServiceAccessRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DisableAWSServiceAccessWithContext is the same as DisableAWSServiceAccess with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DisableAWSServiceAccess for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DisableAWSServiceAccessWithContext(ctx aws.Context, input *DisableAWSServiceAccessInput, opts ...request.Option) (*DisableAWSServiceAccessOutput, error) {
|
|
req, out := c.DisableAWSServiceAccessRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDisablePolicyType = "DisablePolicyType"
|
|
|
|
// DisablePolicyTypeRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DisablePolicyType operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DisablePolicyType for more information on using the DisablePolicyType
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DisablePolicyTypeRequest method.
|
|
// req, resp := client.DisablePolicyTypeRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyType
|
|
func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) (req *request.Request, output *DisablePolicyTypeOutput) {
|
|
op := &request.Operation{
|
|
Name: opDisablePolicyType,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DisablePolicyTypeInput{}
|
|
}
|
|
|
|
output = &DisablePolicyTypeOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// DisablePolicyType API operation for AWS Organizations.
|
|
//
|
|
// Disables an organizational control policy type in a root. A policy of a certain
|
|
// type can be attached to entities in a root only if that type is enabled in
|
|
// the root. After you perform this operation, you no longer can attach policies
|
|
// of the specified type to that root or to any OU or account in that root.
|
|
// You can undo this by using the EnablePolicyType operation.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// If you disable a policy type for a root, it still shows as enabled for the
|
|
// organization if all features are enabled in that organization. Use ListRoots
|
|
// to see the status of policy types for a specified root. Use DescribeOrganization
|
|
// to see the status of policy types in the organization.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation DisablePolicyType for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodePolicyTypeNotEnabledException "PolicyTypeNotEnabledException"
|
|
// The specified policy type is not currently enabled in this root. You cannot
|
|
// attach policies of the specified type to entities in a root until you enable
|
|
// that type in the root. For more information, see Enabling All Features in
|
|
// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ErrCodeRootNotFoundException "RootNotFoundException"
|
|
// We can't find a root with the RootId that you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyType
|
|
func (c *Organizations) DisablePolicyType(input *DisablePolicyTypeInput) (*DisablePolicyTypeOutput, error) {
|
|
req, out := c.DisablePolicyTypeRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DisablePolicyTypeWithContext is the same as DisablePolicyType with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DisablePolicyType for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) DisablePolicyTypeWithContext(ctx aws.Context, input *DisablePolicyTypeInput, opts ...request.Option) (*DisablePolicyTypeOutput, error) {
|
|
req, out := c.DisablePolicyTypeRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opEnableAWSServiceAccess = "EnableAWSServiceAccess"
|
|
|
|
// EnableAWSServiceAccessRequest generates a "aws/request.Request" representing the
|
|
// client's request for the EnableAWSServiceAccess operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See EnableAWSServiceAccess for more information on using the EnableAWSServiceAccess
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the EnableAWSServiceAccessRequest method.
|
|
// req, resp := client.EnableAWSServiceAccessRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccess
|
|
func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAccessInput) (req *request.Request, output *EnableAWSServiceAccessOutput) {
|
|
op := &request.Operation{
|
|
Name: opEnableAWSServiceAccess,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &EnableAWSServiceAccessInput{}
|
|
}
|
|
|
|
output = &EnableAWSServiceAccessOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// EnableAWSServiceAccess API operation for AWS Organizations.
|
|
//
|
|
// Enables the integration of an AWS service (the service that is specified
|
|
// by ServicePrincipal) with AWS Organizations. When you enable integration,
|
|
// you allow the specified service to create a service-linked role (http://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html)
|
|
// in all the accounts in your organization. This allows the service to perform
|
|
// operations on your behalf in your organization and its accounts.
|
|
//
|
|
// We recommend that you enable integration between AWS Organizations and the
|
|
// specified AWS service by using the console or commands that are provided
|
|
// by the specified service. Doing so ensures that the service is aware that
|
|
// it can create the resources that are required for the integration. How the
|
|
// service creates those resources in the organization's accounts depends on
|
|
// that service. For more information, see the documentation for the other AWS
|
|
// service.
|
|
//
|
|
// For more information about enabling services to integrate with AWS Organizations,
|
|
// see Integrating AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// This operation can be called only from the organization's master account
|
|
// and only if the organization has enabled all features (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html).
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation EnableAWSServiceAccess for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccess
|
|
func (c *Organizations) EnableAWSServiceAccess(input *EnableAWSServiceAccessInput) (*EnableAWSServiceAccessOutput, error) {
|
|
req, out := c.EnableAWSServiceAccessRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// EnableAWSServiceAccessWithContext is the same as EnableAWSServiceAccess with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See EnableAWSServiceAccess for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) EnableAWSServiceAccessWithContext(ctx aws.Context, input *EnableAWSServiceAccessInput, opts ...request.Option) (*EnableAWSServiceAccessOutput, error) {
|
|
req, out := c.EnableAWSServiceAccessRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opEnableAllFeatures = "EnableAllFeatures"
|
|
|
|
// EnableAllFeaturesRequest generates a "aws/request.Request" representing the
|
|
// client's request for the EnableAllFeatures operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See EnableAllFeatures for more information on using the EnableAllFeatures
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the EnableAllFeaturesRequest method.
|
|
// req, resp := client.EnableAllFeaturesRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeatures
|
|
func (c *Organizations) EnableAllFeaturesRequest(input *EnableAllFeaturesInput) (req *request.Request, output *EnableAllFeaturesOutput) {
|
|
op := &request.Operation{
|
|
Name: opEnableAllFeatures,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &EnableAllFeaturesInput{}
|
|
}
|
|
|
|
output = &EnableAllFeaturesOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// EnableAllFeatures API operation for AWS Organizations.
|
|
//
|
|
// Enables all features in an organization. This enables the use of organization
|
|
// policies that can restrict the services and actions that can be called in
|
|
// each account. Until you enable all features, you have access only to consolidated
|
|
// billing, and you can't use any of the advanced account administration features
|
|
// that AWS Organizations supports. For more information, see Enabling All Features
|
|
// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// This operation is required only for organizations that were created explicitly
|
|
// with only the consolidated billing features enabled, or that were migrated
|
|
// from a Consolidated Billing account family to Organizations. Calling this
|
|
// operation sends a handshake to every invited account in the organization.
|
|
// The feature set change can be finalized and the additional features enabled
|
|
// only after all administrators in the invited accounts approve the change
|
|
// by accepting the handshake.
|
|
//
|
|
// After you enable all features, you can separately enable or disable individual
|
|
// policy types in a root using EnablePolicyType and DisablePolicyType. To see
|
|
// the status of policy types in a root, use ListRoots.
|
|
//
|
|
// After all invited member accounts accept the handshake, you finalize the
|
|
// feature set change by accepting the handshake that contains "Action": "ENABLE_ALL_FEATURES".
|
|
// This completes the change.
|
|
//
|
|
// After you enable all features in your organization, the master account in
|
|
// the organization can apply policies on all member accounts. These policies
|
|
// can restrict what users and even administrators in those accounts can do.
|
|
// The master account can apply policies that prevent accounts from leaving
|
|
// the organization. Ensure that your account administrators are aware of this.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation EnableAllFeatures for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException"
|
|
// The requested operation would violate the constraint identified in the reason
|
|
// code.
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
|
|
// the number of accounts in an organization. Note: deleted and closed accounts
|
|
// still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because
|
|
// the invited account is already a member of an organization.
|
|
//
|
|
// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid
|
|
// because the organization has already enabled all features.
|
|
//
|
|
// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations
|
|
// to join an organization while it is in the process of enabling all features.
|
|
// You can resume inviting accounts after you finalize the process when all
|
|
// accounts have agreed to the change.
|
|
//
|
|
// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with
|
|
// an account that does not have a payment instrument, such as a credit card,
|
|
// associated with it.
|
|
//
|
|
// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because
|
|
// the account is from a different marketplace than the accounts in the organization.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be from the same
|
|
// marketplace.
|
|
//
|
|
// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to
|
|
// change the membership of an account too quickly after its previous change.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeatures
|
|
func (c *Organizations) EnableAllFeatures(input *EnableAllFeaturesInput) (*EnableAllFeaturesOutput, error) {
|
|
req, out := c.EnableAllFeaturesRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// EnableAllFeaturesWithContext is the same as EnableAllFeatures with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See EnableAllFeatures for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) EnableAllFeaturesWithContext(ctx aws.Context, input *EnableAllFeaturesInput, opts ...request.Option) (*EnableAllFeaturesOutput, error) {
|
|
req, out := c.EnableAllFeaturesRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opEnablePolicyType = "EnablePolicyType"
|
|
|
|
// EnablePolicyTypeRequest generates a "aws/request.Request" representing the
|
|
// client's request for the EnablePolicyType operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See EnablePolicyType for more information on using the EnablePolicyType
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the EnablePolicyTypeRequest method.
|
|
// req, resp := client.EnablePolicyTypeRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyType
|
|
func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (req *request.Request, output *EnablePolicyTypeOutput) {
|
|
op := &request.Operation{
|
|
Name: opEnablePolicyType,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &EnablePolicyTypeInput{}
|
|
}
|
|
|
|
output = &EnablePolicyTypeOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// EnablePolicyType API operation for AWS Organizations.
|
|
//
|
|
// Enables a policy type in a root. After you enable a policy type in a root,
|
|
// you can attach policies of that type to the root, any OU, or account in that
|
|
// root. You can undo this by using the DisablePolicyType operation.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// You can enable a policy type in a root only if that policy type is available
|
|
// in the organization. Use DescribeOrganization to view the status of available
|
|
// policy types in the organization.
|
|
//
|
|
// To view the status of policy type in a root, use ListRoots.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation EnablePolicyType for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodePolicyTypeAlreadyEnabledException "PolicyTypeAlreadyEnabledException"
|
|
// The specified policy type is already enabled in the specified root.
|
|
//
|
|
// * ErrCodeRootNotFoundException "RootNotFoundException"
|
|
// We can't find a root with the RootId that you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// * ErrCodePolicyTypeNotAvailableForOrganizationException "PolicyTypeNotAvailableForOrganizationException"
|
|
// You can't use the specified policy type with the feature set currently enabled
|
|
// for this organization. For example, you can enable service control policies
|
|
// (SCPs) only after you enable all features in the organization. For more information,
|
|
// see Enabling and Disabling a Policy Type on a Root (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyType
|
|
func (c *Organizations) EnablePolicyType(input *EnablePolicyTypeInput) (*EnablePolicyTypeOutput, error) {
|
|
req, out := c.EnablePolicyTypeRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// EnablePolicyTypeWithContext is the same as EnablePolicyType with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See EnablePolicyType for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) EnablePolicyTypeWithContext(ctx aws.Context, input *EnablePolicyTypeInput, opts ...request.Option) (*EnablePolicyTypeOutput, error) {
|
|
req, out := c.EnablePolicyTypeRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opInviteAccountToOrganization = "InviteAccountToOrganization"
|
|
|
|
// InviteAccountToOrganizationRequest generates a "aws/request.Request" representing the
|
|
// client's request for the InviteAccountToOrganization operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See InviteAccountToOrganization for more information on using the InviteAccountToOrganization
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the InviteAccountToOrganizationRequest method.
|
|
// req, resp := client.InviteAccountToOrganizationRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganization
|
|
func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountToOrganizationInput) (req *request.Request, output *InviteAccountToOrganizationOutput) {
|
|
op := &request.Operation{
|
|
Name: opInviteAccountToOrganization,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &InviteAccountToOrganizationInput{}
|
|
}
|
|
|
|
output = &InviteAccountToOrganizationOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// InviteAccountToOrganization API operation for AWS Organizations.
|
|
//
|
|
// Sends an invitation to another account to join your organization as a member
|
|
// account. Organizations sends email on your behalf to the email address that
|
|
// is associated with the other account's owner. The invitation is implemented
|
|
// as a Handshake whose details are in the response.
|
|
//
|
|
// You can invite AWS accounts only from the same seller as the master account.
|
|
// For example, if your organization's master account was created by Amazon
|
|
// Internet Services Pvt. Ltd (AISPL), an AWS seller in India, then you can
|
|
// only invite other AISPL accounts to your organization. You can't combine
|
|
// accounts from AISPL and AWS, or any other AWS seller. For more information,
|
|
// see Consolidated Billing in India (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/useconsolidatedbilliing-India.html).
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation InviteAccountToOrganization for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException"
|
|
// The requested operation would violate the constraint identified in the reason
|
|
// code.
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
|
|
// the number of accounts in an organization. Note: deleted and closed accounts
|
|
// still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because
|
|
// the invited account is already a member of an organization.
|
|
//
|
|
// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid
|
|
// because the organization has already enabled all features.
|
|
//
|
|
// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations
|
|
// to join an organization while it is in the process of enabling all features.
|
|
// You can resume inviting accounts after you finalize the process when all
|
|
// accounts have agreed to the change.
|
|
//
|
|
// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with
|
|
// an account that does not have a payment instrument, such as a credit card,
|
|
// associated with it.
|
|
//
|
|
// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because
|
|
// the account is from a different marketplace than the accounts in the organization.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be from the same
|
|
// marketplace.
|
|
//
|
|
// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to
|
|
// change the membership of an account too quickly after its previous change.
|
|
//
|
|
// * ErrCodeDuplicateHandshakeException "DuplicateHandshakeException"
|
|
// A handshake with the same action and target already exists. For example,
|
|
// if you invited an account to join your organization, the invited account
|
|
// might already have a pending invitation from this organization. If you intend
|
|
// to resend an invitation to an account, ensure that existing handshakes that
|
|
// might be considered duplicates are canceled or declined.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeFinalizingOrganizationException "FinalizingOrganizationException"
|
|
// AWS Organizations could not finalize the creation of your organization. Try
|
|
// again later. If this persists, contact AWS customer support.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganization
|
|
func (c *Organizations) InviteAccountToOrganization(input *InviteAccountToOrganizationInput) (*InviteAccountToOrganizationOutput, error) {
|
|
req, out := c.InviteAccountToOrganizationRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// InviteAccountToOrganizationWithContext is the same as InviteAccountToOrganization with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See InviteAccountToOrganization for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) InviteAccountToOrganizationWithContext(ctx aws.Context, input *InviteAccountToOrganizationInput, opts ...request.Option) (*InviteAccountToOrganizationOutput, error) {
|
|
req, out := c.InviteAccountToOrganizationRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opLeaveOrganization = "LeaveOrganization"
|
|
|
|
// LeaveOrganizationRequest generates a "aws/request.Request" representing the
|
|
// client's request for the LeaveOrganization operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See LeaveOrganization for more information on using the LeaveOrganization
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the LeaveOrganizationRequest method.
|
|
// req, resp := client.LeaveOrganizationRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganization
|
|
func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) (req *request.Request, output *LeaveOrganizationOutput) {
|
|
op := &request.Operation{
|
|
Name: opLeaveOrganization,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &LeaveOrganizationInput{}
|
|
}
|
|
|
|
output = &LeaveOrganizationOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// LeaveOrganization API operation for AWS Organizations.
|
|
//
|
|
// Removes a member account from its parent organization. This version of the
|
|
// operation is performed by the account that wants to leave. To remove a member
|
|
// account as a user in the master account, use RemoveAccountFromOrganization
|
|
// instead.
|
|
//
|
|
// This operation can be called only from a member account in the organization.
|
|
//
|
|
// The master account in an organization with all features enabled can set service
|
|
// control policies (SCPs) that can restrict what administrators of member accounts
|
|
// can do, including preventing them from successfully calling LeaveOrganization
|
|
// and leaving the organization.
|
|
//
|
|
// You can leave an organization as a member account only if the account is
|
|
// configured with the information required to operate as a standalone account.
|
|
// When you create an account in an organization using the AWS Organizations
|
|
// console, API, or CLI commands, the information required of standalone accounts
|
|
// is not automatically collected. For each account that you want to make standalone,
|
|
// you must accept the End User License Agreement (EULA), choose a support plan,
|
|
// provide and verify the required contact information, and provide a current
|
|
// payment method. AWS uses the payment method to charge for any billable (not
|
|
// free tier) AWS activity that occurs while the account is not attached to
|
|
// an organization. Follow the steps at To leave an organization when all required
|
|
// account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// You can leave an organization only after you enable IAM user access to billing
|
|
// in your account. For more information, see Activating Access to the Billing
|
|
// and Cost Management Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate)
|
|
// in the AWS Billing and Cost Management User Guide.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation LeaveOrganization for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAccountNotFoundException "AccountNotFoundException"
|
|
// We can't find an AWS account with the AccountId that you specified, or the
|
|
// account whose credentials you used to make this request is not a member of
|
|
// an organization.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeMasterCannotLeaveOrganizationException "MasterCannotLeaveOrganizationException"
|
|
// You can't remove a master account from an organization. If you want the master
|
|
// account to become a member account in another organization, you must first
|
|
// delete the current organization of the master account.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganization
|
|
func (c *Organizations) LeaveOrganization(input *LeaveOrganizationInput) (*LeaveOrganizationOutput, error) {
|
|
req, out := c.LeaveOrganizationRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// LeaveOrganizationWithContext is the same as LeaveOrganization with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See LeaveOrganization for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) LeaveOrganizationWithContext(ctx aws.Context, input *LeaveOrganizationInput, opts ...request.Option) (*LeaveOrganizationOutput, error) {
|
|
req, out := c.LeaveOrganizationRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opListAWSServiceAccessForOrganization = "ListAWSServiceAccessForOrganization"
|
|
|
|
// ListAWSServiceAccessForOrganizationRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListAWSServiceAccessForOrganization operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListAWSServiceAccessForOrganization for more information on using the ListAWSServiceAccessForOrganization
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListAWSServiceAccessForOrganizationRequest method.
|
|
// req, resp := client.ListAWSServiceAccessForOrganizationRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganization
|
|
func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAWSServiceAccessForOrganizationInput) (req *request.Request, output *ListAWSServiceAccessForOrganizationOutput) {
|
|
op := &request.Operation{
|
|
Name: opListAWSServiceAccessForOrganization,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListAWSServiceAccessForOrganizationInput{}
|
|
}
|
|
|
|
output = &ListAWSServiceAccessForOrganizationOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListAWSServiceAccessForOrganization API operation for AWS Organizations.
|
|
//
|
|
// Returns a list of the AWS services that you enabled to integrate with your
|
|
// organization. After a service on this list creates the resources that it
|
|
// requires for the integration, it can perform operations on your organization
|
|
// and its accounts.
|
|
//
|
|
// For more information about integrating other services with AWS Organizations,
|
|
// including the list of services that currently work with Organizations, see
|
|
// Integrating AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListAWSServiceAccessForOrganization for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganization
|
|
func (c *Organizations) ListAWSServiceAccessForOrganization(input *ListAWSServiceAccessForOrganizationInput) (*ListAWSServiceAccessForOrganizationOutput, error) {
|
|
req, out := c.ListAWSServiceAccessForOrganizationRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListAWSServiceAccessForOrganizationWithContext is the same as ListAWSServiceAccessForOrganization with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListAWSServiceAccessForOrganization for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListAWSServiceAccessForOrganizationWithContext(ctx aws.Context, input *ListAWSServiceAccessForOrganizationInput, opts ...request.Option) (*ListAWSServiceAccessForOrganizationOutput, error) {
|
|
req, out := c.ListAWSServiceAccessForOrganizationRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListAWSServiceAccessForOrganizationPages iterates over the pages of a ListAWSServiceAccessForOrganization operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListAWSServiceAccessForOrganization method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListAWSServiceAccessForOrganization operation.
|
|
// pageNum := 0
|
|
// err := client.ListAWSServiceAccessForOrganizationPages(params,
|
|
// func(page *ListAWSServiceAccessForOrganizationOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListAWSServiceAccessForOrganizationPages(input *ListAWSServiceAccessForOrganizationInput, fn func(*ListAWSServiceAccessForOrganizationOutput, bool) bool) error {
|
|
return c.ListAWSServiceAccessForOrganizationPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListAWSServiceAccessForOrganizationPagesWithContext same as ListAWSServiceAccessForOrganizationPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListAWSServiceAccessForOrganizationPagesWithContext(ctx aws.Context, input *ListAWSServiceAccessForOrganizationInput, fn func(*ListAWSServiceAccessForOrganizationOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListAWSServiceAccessForOrganizationInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListAWSServiceAccessForOrganizationRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListAWSServiceAccessForOrganizationOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListAccounts = "ListAccounts"
|
|
|
|
// ListAccountsRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListAccounts operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListAccounts for more information on using the ListAccounts
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListAccountsRequest method.
|
|
// req, resp := client.ListAccountsRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccounts
|
|
func (c *Organizations) ListAccountsRequest(input *ListAccountsInput) (req *request.Request, output *ListAccountsOutput) {
|
|
op := &request.Operation{
|
|
Name: opListAccounts,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListAccountsInput{}
|
|
}
|
|
|
|
output = &ListAccountsOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListAccounts API operation for AWS Organizations.
|
|
//
|
|
// Lists all the accounts in the organization. To request only the accounts
|
|
// in a specified root or OU, use the ListAccountsForParent operation instead.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListAccounts for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccounts
|
|
func (c *Organizations) ListAccounts(input *ListAccountsInput) (*ListAccountsOutput, error) {
|
|
req, out := c.ListAccountsRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListAccountsWithContext is the same as ListAccounts with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListAccounts for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListAccountsWithContext(ctx aws.Context, input *ListAccountsInput, opts ...request.Option) (*ListAccountsOutput, error) {
|
|
req, out := c.ListAccountsRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListAccountsPages iterates over the pages of a ListAccounts operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListAccounts method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListAccounts operation.
|
|
// pageNum := 0
|
|
// err := client.ListAccountsPages(params,
|
|
// func(page *ListAccountsOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListAccountsPages(input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool) error {
|
|
return c.ListAccountsPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListAccountsPagesWithContext same as ListAccountsPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListAccountsPagesWithContext(ctx aws.Context, input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListAccountsInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListAccountsRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListAccountsOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListAccountsForParent = "ListAccountsForParent"
|
|
|
|
// ListAccountsForParentRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListAccountsForParent operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListAccountsForParent for more information on using the ListAccountsForParent
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListAccountsForParentRequest method.
|
|
// req, resp := client.ListAccountsForParentRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParent
|
|
func (c *Organizations) ListAccountsForParentRequest(input *ListAccountsForParentInput) (req *request.Request, output *ListAccountsForParentOutput) {
|
|
op := &request.Operation{
|
|
Name: opListAccountsForParent,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListAccountsForParentInput{}
|
|
}
|
|
|
|
output = &ListAccountsForParentOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListAccountsForParent API operation for AWS Organizations.
|
|
//
|
|
// Lists the accounts in an organization that are contained by the specified
|
|
// target root or organizational unit (OU). If you specify the root, you get
|
|
// a list of all the accounts that are not in any OU. If you specify an OU,
|
|
// you get a list of all the accounts in only that OU, and not in any child
|
|
// OUs. To get a list of all accounts in the organization, use the ListAccounts
|
|
// operation.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListAccountsForParent for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeParentNotFoundException "ParentNotFoundException"
|
|
// We can't find a root or organizational unit (OU) with the ParentId that you
|
|
// specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParent
|
|
func (c *Organizations) ListAccountsForParent(input *ListAccountsForParentInput) (*ListAccountsForParentOutput, error) {
|
|
req, out := c.ListAccountsForParentRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListAccountsForParentWithContext is the same as ListAccountsForParent with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListAccountsForParent for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListAccountsForParentWithContext(ctx aws.Context, input *ListAccountsForParentInput, opts ...request.Option) (*ListAccountsForParentOutput, error) {
|
|
req, out := c.ListAccountsForParentRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListAccountsForParentPages iterates over the pages of a ListAccountsForParent operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListAccountsForParent method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListAccountsForParent operation.
|
|
// pageNum := 0
|
|
// err := client.ListAccountsForParentPages(params,
|
|
// func(page *ListAccountsForParentOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListAccountsForParentPages(input *ListAccountsForParentInput, fn func(*ListAccountsForParentOutput, bool) bool) error {
|
|
return c.ListAccountsForParentPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListAccountsForParentPagesWithContext same as ListAccountsForParentPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListAccountsForParentPagesWithContext(ctx aws.Context, input *ListAccountsForParentInput, fn func(*ListAccountsForParentOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListAccountsForParentInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListAccountsForParentRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListAccountsForParentOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListChildren = "ListChildren"
|
|
|
|
// ListChildrenRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListChildren operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListChildren for more information on using the ListChildren
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListChildrenRequest method.
|
|
// req, resp := client.ListChildrenRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildren
|
|
func (c *Organizations) ListChildrenRequest(input *ListChildrenInput) (req *request.Request, output *ListChildrenOutput) {
|
|
op := &request.Operation{
|
|
Name: opListChildren,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListChildrenInput{}
|
|
}
|
|
|
|
output = &ListChildrenOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListChildren API operation for AWS Organizations.
|
|
//
|
|
// Lists all of the OUs or accounts that are contained in the specified parent
|
|
// OU or root. This operation, along with ListParents enables you to traverse
|
|
// the tree structure that makes up this root.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListChildren for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeParentNotFoundException "ParentNotFoundException"
|
|
// We can't find a root or organizational unit (OU) with the ParentId that you
|
|
// specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildren
|
|
func (c *Organizations) ListChildren(input *ListChildrenInput) (*ListChildrenOutput, error) {
|
|
req, out := c.ListChildrenRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListChildrenWithContext is the same as ListChildren with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListChildren for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListChildrenWithContext(ctx aws.Context, input *ListChildrenInput, opts ...request.Option) (*ListChildrenOutput, error) {
|
|
req, out := c.ListChildrenRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListChildrenPages iterates over the pages of a ListChildren operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListChildren method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListChildren operation.
|
|
// pageNum := 0
|
|
// err := client.ListChildrenPages(params,
|
|
// func(page *ListChildrenOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListChildrenPages(input *ListChildrenInput, fn func(*ListChildrenOutput, bool) bool) error {
|
|
return c.ListChildrenPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListChildrenPagesWithContext same as ListChildrenPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListChildrenPagesWithContext(ctx aws.Context, input *ListChildrenInput, fn func(*ListChildrenOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListChildrenInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListChildrenRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListChildrenOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListCreateAccountStatus = "ListCreateAccountStatus"
|
|
|
|
// ListCreateAccountStatusRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListCreateAccountStatus operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListCreateAccountStatus for more information on using the ListCreateAccountStatus
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListCreateAccountStatusRequest method.
|
|
// req, resp := client.ListCreateAccountStatusRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListCreateAccountStatus
|
|
func (c *Organizations) ListCreateAccountStatusRequest(input *ListCreateAccountStatusInput) (req *request.Request, output *ListCreateAccountStatusOutput) {
|
|
op := &request.Operation{
|
|
Name: opListCreateAccountStatus,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListCreateAccountStatusInput{}
|
|
}
|
|
|
|
output = &ListCreateAccountStatusOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListCreateAccountStatus API operation for AWS Organizations.
|
|
//
|
|
// Lists the account creation requests that match the specified status that
|
|
// is currently being tracked for the organization.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListCreateAccountStatus for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListCreateAccountStatus
|
|
func (c *Organizations) ListCreateAccountStatus(input *ListCreateAccountStatusInput) (*ListCreateAccountStatusOutput, error) {
|
|
req, out := c.ListCreateAccountStatusRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListCreateAccountStatusWithContext is the same as ListCreateAccountStatus with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListCreateAccountStatus for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListCreateAccountStatusWithContext(ctx aws.Context, input *ListCreateAccountStatusInput, opts ...request.Option) (*ListCreateAccountStatusOutput, error) {
|
|
req, out := c.ListCreateAccountStatusRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListCreateAccountStatusPages iterates over the pages of a ListCreateAccountStatus operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListCreateAccountStatus method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListCreateAccountStatus operation.
|
|
// pageNum := 0
|
|
// err := client.ListCreateAccountStatusPages(params,
|
|
// func(page *ListCreateAccountStatusOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListCreateAccountStatusPages(input *ListCreateAccountStatusInput, fn func(*ListCreateAccountStatusOutput, bool) bool) error {
|
|
return c.ListCreateAccountStatusPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListCreateAccountStatusPagesWithContext same as ListCreateAccountStatusPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListCreateAccountStatusPagesWithContext(ctx aws.Context, input *ListCreateAccountStatusInput, fn func(*ListCreateAccountStatusOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListCreateAccountStatusInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListCreateAccountStatusRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListCreateAccountStatusOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListHandshakesForAccount = "ListHandshakesForAccount"
|
|
|
|
// ListHandshakesForAccountRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListHandshakesForAccount operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListHandshakesForAccount for more information on using the ListHandshakesForAccount
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListHandshakesForAccountRequest method.
|
|
// req, resp := client.ListHandshakesForAccountRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccount
|
|
func (c *Organizations) ListHandshakesForAccountRequest(input *ListHandshakesForAccountInput) (req *request.Request, output *ListHandshakesForAccountOutput) {
|
|
op := &request.Operation{
|
|
Name: opListHandshakesForAccount,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListHandshakesForAccountInput{}
|
|
}
|
|
|
|
output = &ListHandshakesForAccountOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListHandshakesForAccount API operation for AWS Organizations.
|
|
//
|
|
// Lists the current handshakes that are associated with the account of the
|
|
// requesting user.
|
|
//
|
|
// Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results
|
|
// of this API for only 30 days after changing to that state. After that they
|
|
// are deleted and no longer accessible.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called from any account in the organization.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListHandshakesForAccount for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccount
|
|
func (c *Organizations) ListHandshakesForAccount(input *ListHandshakesForAccountInput) (*ListHandshakesForAccountOutput, error) {
|
|
req, out := c.ListHandshakesForAccountRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListHandshakesForAccountWithContext is the same as ListHandshakesForAccount with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListHandshakesForAccount for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListHandshakesForAccountWithContext(ctx aws.Context, input *ListHandshakesForAccountInput, opts ...request.Option) (*ListHandshakesForAccountOutput, error) {
|
|
req, out := c.ListHandshakesForAccountRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListHandshakesForAccountPages iterates over the pages of a ListHandshakesForAccount operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListHandshakesForAccount method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListHandshakesForAccount operation.
|
|
// pageNum := 0
|
|
// err := client.ListHandshakesForAccountPages(params,
|
|
// func(page *ListHandshakesForAccountOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListHandshakesForAccountPages(input *ListHandshakesForAccountInput, fn func(*ListHandshakesForAccountOutput, bool) bool) error {
|
|
return c.ListHandshakesForAccountPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListHandshakesForAccountPagesWithContext same as ListHandshakesForAccountPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListHandshakesForAccountPagesWithContext(ctx aws.Context, input *ListHandshakesForAccountInput, fn func(*ListHandshakesForAccountOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListHandshakesForAccountInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListHandshakesForAccountRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListHandshakesForAccountOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListHandshakesForOrganization = "ListHandshakesForOrganization"
|
|
|
|
// ListHandshakesForOrganizationRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListHandshakesForOrganization operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListHandshakesForOrganization for more information on using the ListHandshakesForOrganization
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListHandshakesForOrganizationRequest method.
|
|
// req, resp := client.ListHandshakesForOrganizationRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganization
|
|
func (c *Organizations) ListHandshakesForOrganizationRequest(input *ListHandshakesForOrganizationInput) (req *request.Request, output *ListHandshakesForOrganizationOutput) {
|
|
op := &request.Operation{
|
|
Name: opListHandshakesForOrganization,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListHandshakesForOrganizationInput{}
|
|
}
|
|
|
|
output = &ListHandshakesForOrganizationOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListHandshakesForOrganization API operation for AWS Organizations.
|
|
//
|
|
// Lists the handshakes that are associated with the organization that the requesting
|
|
// user is part of. The ListHandshakesForOrganization operation returns a list
|
|
// of handshake structures. Each structure contains details and status about
|
|
// a handshake.
|
|
//
|
|
// Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results
|
|
// of this API for only 30 days after changing to that state. After that they
|
|
// are deleted and no longer accessible.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListHandshakesForOrganization for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganization
|
|
func (c *Organizations) ListHandshakesForOrganization(input *ListHandshakesForOrganizationInput) (*ListHandshakesForOrganizationOutput, error) {
|
|
req, out := c.ListHandshakesForOrganizationRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListHandshakesForOrganizationWithContext is the same as ListHandshakesForOrganization with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListHandshakesForOrganization for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListHandshakesForOrganizationWithContext(ctx aws.Context, input *ListHandshakesForOrganizationInput, opts ...request.Option) (*ListHandshakesForOrganizationOutput, error) {
|
|
req, out := c.ListHandshakesForOrganizationRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListHandshakesForOrganizationPages iterates over the pages of a ListHandshakesForOrganization operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListHandshakesForOrganization method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListHandshakesForOrganization operation.
|
|
// pageNum := 0
|
|
// err := client.ListHandshakesForOrganizationPages(params,
|
|
// func(page *ListHandshakesForOrganizationOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListHandshakesForOrganizationPages(input *ListHandshakesForOrganizationInput, fn func(*ListHandshakesForOrganizationOutput, bool) bool) error {
|
|
return c.ListHandshakesForOrganizationPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListHandshakesForOrganizationPagesWithContext same as ListHandshakesForOrganizationPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListHandshakesForOrganizationPagesWithContext(ctx aws.Context, input *ListHandshakesForOrganizationInput, fn func(*ListHandshakesForOrganizationOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListHandshakesForOrganizationInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListHandshakesForOrganizationRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListHandshakesForOrganizationOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListOrganizationalUnitsForParent = "ListOrganizationalUnitsForParent"
|
|
|
|
// ListOrganizationalUnitsForParentRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListOrganizationalUnitsForParent operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListOrganizationalUnitsForParent for more information on using the ListOrganizationalUnitsForParent
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListOrganizationalUnitsForParentRequest method.
|
|
// req, resp := client.ListOrganizationalUnitsForParentRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParent
|
|
func (c *Organizations) ListOrganizationalUnitsForParentRequest(input *ListOrganizationalUnitsForParentInput) (req *request.Request, output *ListOrganizationalUnitsForParentOutput) {
|
|
op := &request.Operation{
|
|
Name: opListOrganizationalUnitsForParent,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListOrganizationalUnitsForParentInput{}
|
|
}
|
|
|
|
output = &ListOrganizationalUnitsForParentOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListOrganizationalUnitsForParent API operation for AWS Organizations.
|
|
//
|
|
// Lists the organizational units (OUs) in a parent organizational unit or root.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListOrganizationalUnitsForParent for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeParentNotFoundException "ParentNotFoundException"
|
|
// We can't find a root or organizational unit (OU) with the ParentId that you
|
|
// specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParent
|
|
func (c *Organizations) ListOrganizationalUnitsForParent(input *ListOrganizationalUnitsForParentInput) (*ListOrganizationalUnitsForParentOutput, error) {
|
|
req, out := c.ListOrganizationalUnitsForParentRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListOrganizationalUnitsForParentWithContext is the same as ListOrganizationalUnitsForParent with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListOrganizationalUnitsForParent for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListOrganizationalUnitsForParentWithContext(ctx aws.Context, input *ListOrganizationalUnitsForParentInput, opts ...request.Option) (*ListOrganizationalUnitsForParentOutput, error) {
|
|
req, out := c.ListOrganizationalUnitsForParentRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListOrganizationalUnitsForParentPages iterates over the pages of a ListOrganizationalUnitsForParent operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListOrganizationalUnitsForParent method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListOrganizationalUnitsForParent operation.
|
|
// pageNum := 0
|
|
// err := client.ListOrganizationalUnitsForParentPages(params,
|
|
// func(page *ListOrganizationalUnitsForParentOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListOrganizationalUnitsForParentPages(input *ListOrganizationalUnitsForParentInput, fn func(*ListOrganizationalUnitsForParentOutput, bool) bool) error {
|
|
return c.ListOrganizationalUnitsForParentPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListOrganizationalUnitsForParentPagesWithContext same as ListOrganizationalUnitsForParentPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListOrganizationalUnitsForParentPagesWithContext(ctx aws.Context, input *ListOrganizationalUnitsForParentInput, fn func(*ListOrganizationalUnitsForParentOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListOrganizationalUnitsForParentInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListOrganizationalUnitsForParentRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListOrganizationalUnitsForParentOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListParents = "ListParents"
|
|
|
|
// ListParentsRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListParents operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListParents for more information on using the ListParents
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListParentsRequest method.
|
|
// req, resp := client.ListParentsRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParents
|
|
func (c *Organizations) ListParentsRequest(input *ListParentsInput) (req *request.Request, output *ListParentsOutput) {
|
|
op := &request.Operation{
|
|
Name: opListParents,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListParentsInput{}
|
|
}
|
|
|
|
output = &ListParentsOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListParents API operation for AWS Organizations.
|
|
//
|
|
// Lists the root or organizational units (OUs) that serve as the immediate
|
|
// parent of the specified child OU or account. This operation, along with ListChildren
|
|
// enables you to traverse the tree structure that makes up this root.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// In the current release, a child can have only a single parent.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListParents for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeChildNotFoundException "ChildNotFoundException"
|
|
// We can't find an organizational unit (OU) or AWS account with the ChildId
|
|
// that you specified.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParents
|
|
func (c *Organizations) ListParents(input *ListParentsInput) (*ListParentsOutput, error) {
|
|
req, out := c.ListParentsRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListParentsWithContext is the same as ListParents with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListParents for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListParentsWithContext(ctx aws.Context, input *ListParentsInput, opts ...request.Option) (*ListParentsOutput, error) {
|
|
req, out := c.ListParentsRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListParentsPages iterates over the pages of a ListParents operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListParents method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListParents operation.
|
|
// pageNum := 0
|
|
// err := client.ListParentsPages(params,
|
|
// func(page *ListParentsOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListParentsPages(input *ListParentsInput, fn func(*ListParentsOutput, bool) bool) error {
|
|
return c.ListParentsPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListParentsPagesWithContext same as ListParentsPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListParentsPagesWithContext(ctx aws.Context, input *ListParentsInput, fn func(*ListParentsOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListParentsInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListParentsRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListParentsOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListPolicies = "ListPolicies"
|
|
|
|
// ListPoliciesRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListPolicies operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListPolicies for more information on using the ListPolicies
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListPoliciesRequest method.
|
|
// req, resp := client.ListPoliciesRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPolicies
|
|
func (c *Organizations) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) {
|
|
op := &request.Operation{
|
|
Name: opListPolicies,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListPoliciesInput{}
|
|
}
|
|
|
|
output = &ListPoliciesOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListPolicies API operation for AWS Organizations.
|
|
//
|
|
// Retrieves the list of all policies in an organization of a specified type.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListPolicies for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPolicies
|
|
func (c *Organizations) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) {
|
|
req, out := c.ListPoliciesRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListPoliciesWithContext is the same as ListPolicies with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListPolicies for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) {
|
|
req, out := c.ListPoliciesRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListPoliciesPages iterates over the pages of a ListPolicies operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListPolicies method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListPolicies operation.
|
|
// pageNum := 0
|
|
// err := client.ListPoliciesPages(params,
|
|
// func(page *ListPoliciesOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error {
|
|
return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListPoliciesPagesWithContext same as ListPoliciesPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListPoliciesInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListPoliciesRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListPoliciesForTarget = "ListPoliciesForTarget"
|
|
|
|
// ListPoliciesForTargetRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListPoliciesForTarget operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListPoliciesForTarget for more information on using the ListPoliciesForTarget
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListPoliciesForTargetRequest method.
|
|
// req, resp := client.ListPoliciesForTargetRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesForTarget
|
|
func (c *Organizations) ListPoliciesForTargetRequest(input *ListPoliciesForTargetInput) (req *request.Request, output *ListPoliciesForTargetOutput) {
|
|
op := &request.Operation{
|
|
Name: opListPoliciesForTarget,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListPoliciesForTargetInput{}
|
|
}
|
|
|
|
output = &ListPoliciesForTargetOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListPoliciesForTarget API operation for AWS Organizations.
|
|
//
|
|
// Lists the policies that are directly attached to the specified target root,
|
|
// organizational unit (OU), or account. You must specify the policy type that
|
|
// you want included in the returned list.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListPoliciesForTarget for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTargetNotFoundException "TargetNotFoundException"
|
|
// We can't find a root, OU, or account with the TargetId that you specified.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesForTarget
|
|
func (c *Organizations) ListPoliciesForTarget(input *ListPoliciesForTargetInput) (*ListPoliciesForTargetOutput, error) {
|
|
req, out := c.ListPoliciesForTargetRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListPoliciesForTargetWithContext is the same as ListPoliciesForTarget with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListPoliciesForTarget for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListPoliciesForTargetWithContext(ctx aws.Context, input *ListPoliciesForTargetInput, opts ...request.Option) (*ListPoliciesForTargetOutput, error) {
|
|
req, out := c.ListPoliciesForTargetRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListPoliciesForTargetPages iterates over the pages of a ListPoliciesForTarget operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListPoliciesForTarget method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListPoliciesForTarget operation.
|
|
// pageNum := 0
|
|
// err := client.ListPoliciesForTargetPages(params,
|
|
// func(page *ListPoliciesForTargetOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListPoliciesForTargetPages(input *ListPoliciesForTargetInput, fn func(*ListPoliciesForTargetOutput, bool) bool) error {
|
|
return c.ListPoliciesForTargetPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListPoliciesForTargetPagesWithContext same as ListPoliciesForTargetPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListPoliciesForTargetPagesWithContext(ctx aws.Context, input *ListPoliciesForTargetInput, fn func(*ListPoliciesForTargetOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListPoliciesForTargetInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListPoliciesForTargetRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListPoliciesForTargetOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListRoots = "ListRoots"
|
|
|
|
// ListRootsRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListRoots operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListRoots for more information on using the ListRoots
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListRootsRequest method.
|
|
// req, resp := client.ListRootsRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRoots
|
|
func (c *Organizations) ListRootsRequest(input *ListRootsInput) (req *request.Request, output *ListRootsOutput) {
|
|
op := &request.Operation{
|
|
Name: opListRoots,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListRootsInput{}
|
|
}
|
|
|
|
output = &ListRootsOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListRoots API operation for AWS Organizations.
|
|
//
|
|
// Lists the roots that are defined in the current organization.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Policy types can be enabled and disabled in roots. This is distinct from
|
|
// whether they are available in the organization. When you enable all features,
|
|
// you make policy types available for use in that organization. Individual
|
|
// policy types can then be enabled and disabled in a root. To see the availability
|
|
// of a policy type in an organization, use DescribeOrganization.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListRoots for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRoots
|
|
func (c *Organizations) ListRoots(input *ListRootsInput) (*ListRootsOutput, error) {
|
|
req, out := c.ListRootsRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListRootsWithContext is the same as ListRoots with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListRoots for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListRootsWithContext(ctx aws.Context, input *ListRootsInput, opts ...request.Option) (*ListRootsOutput, error) {
|
|
req, out := c.ListRootsRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListRootsPages iterates over the pages of a ListRoots operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListRoots method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListRoots operation.
|
|
// pageNum := 0
|
|
// err := client.ListRootsPages(params,
|
|
// func(page *ListRootsOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListRootsPages(input *ListRootsInput, fn func(*ListRootsOutput, bool) bool) error {
|
|
return c.ListRootsPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListRootsPagesWithContext same as ListRootsPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListRootsPagesWithContext(ctx aws.Context, input *ListRootsInput, fn func(*ListRootsOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListRootsInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListRootsRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListRootsOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opListTargetsForPolicy = "ListTargetsForPolicy"
|
|
|
|
// ListTargetsForPolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListTargetsForPolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListTargetsForPolicy for more information on using the ListTargetsForPolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListTargetsForPolicyRequest method.
|
|
// req, resp := client.ListTargetsForPolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTargetsForPolicy
|
|
func (c *Organizations) ListTargetsForPolicyRequest(input *ListTargetsForPolicyInput) (req *request.Request, output *ListTargetsForPolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opListTargetsForPolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
Paginator: &request.Paginator{
|
|
InputTokens: []string{"NextToken"},
|
|
OutputTokens: []string{"NextToken"},
|
|
LimitToken: "MaxResults",
|
|
TruncationToken: "",
|
|
},
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListTargetsForPolicyInput{}
|
|
}
|
|
|
|
output = &ListTargetsForPolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListTargetsForPolicy API operation for AWS Organizations.
|
|
//
|
|
// Lists all the roots, OUs, and accounts to which the specified policy is attached.
|
|
//
|
|
// Always check the NextToken response parameter for a null value when calling
|
|
// a List* operation. These operations can occasionally return an empty set
|
|
// of results even when there are more results available. The NextToken response
|
|
// parameter value is nullonly when there are no more results to display.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation ListTargetsForPolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
|
|
// We can't find a policy with the PolicyId that you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTargetsForPolicy
|
|
func (c *Organizations) ListTargetsForPolicy(input *ListTargetsForPolicyInput) (*ListTargetsForPolicyOutput, error) {
|
|
req, out := c.ListTargetsForPolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListTargetsForPolicyWithContext is the same as ListTargetsForPolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListTargetsForPolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListTargetsForPolicyWithContext(ctx aws.Context, input *ListTargetsForPolicyInput, opts ...request.Option) (*ListTargetsForPolicyOutput, error) {
|
|
req, out := c.ListTargetsForPolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListTargetsForPolicyPages iterates over the pages of a ListTargetsForPolicy operation,
|
|
// calling the "fn" function with the response data for each page. To stop
|
|
// iterating, return false from the fn function.
|
|
//
|
|
// See ListTargetsForPolicy method for more information on how to use this operation.
|
|
//
|
|
// Note: This operation can generate multiple requests to a service.
|
|
//
|
|
// // Example iterating over at most 3 pages of a ListTargetsForPolicy operation.
|
|
// pageNum := 0
|
|
// err := client.ListTargetsForPolicyPages(params,
|
|
// func(page *ListTargetsForPolicyOutput, lastPage bool) bool {
|
|
// pageNum++
|
|
// fmt.Println(page)
|
|
// return pageNum <= 3
|
|
// })
|
|
//
|
|
func (c *Organizations) ListTargetsForPolicyPages(input *ListTargetsForPolicyInput, fn func(*ListTargetsForPolicyOutput, bool) bool) error {
|
|
return c.ListTargetsForPolicyPagesWithContext(aws.BackgroundContext(), input, fn)
|
|
}
|
|
|
|
// ListTargetsForPolicyPagesWithContext same as ListTargetsForPolicyPages except
|
|
// it takes a Context and allows setting request options on the pages.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) ListTargetsForPolicyPagesWithContext(ctx aws.Context, input *ListTargetsForPolicyInput, fn func(*ListTargetsForPolicyOutput, bool) bool, opts ...request.Option) error {
|
|
p := request.Pagination{
|
|
NewRequest: func() (*request.Request, error) {
|
|
var inCpy *ListTargetsForPolicyInput
|
|
if input != nil {
|
|
tmp := *input
|
|
inCpy = &tmp
|
|
}
|
|
req, _ := c.ListTargetsForPolicyRequest(inCpy)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return req, nil
|
|
},
|
|
}
|
|
|
|
cont := true
|
|
for p.Next() && cont {
|
|
cont = fn(p.Page().(*ListTargetsForPolicyOutput), !p.HasNextPage())
|
|
}
|
|
return p.Err()
|
|
}
|
|
|
|
const opMoveAccount = "MoveAccount"
|
|
|
|
// MoveAccountRequest generates a "aws/request.Request" representing the
|
|
// client's request for the MoveAccount operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See MoveAccount for more information on using the MoveAccount
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the MoveAccountRequest method.
|
|
// req, resp := client.MoveAccountRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/MoveAccount
|
|
func (c *Organizations) MoveAccountRequest(input *MoveAccountInput) (req *request.Request, output *MoveAccountOutput) {
|
|
op := &request.Operation{
|
|
Name: opMoveAccount,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &MoveAccountInput{}
|
|
}
|
|
|
|
output = &MoveAccountOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// MoveAccount API operation for AWS Organizations.
|
|
//
|
|
// Moves an account from its current source parent root or OU to the specified
|
|
// destination parent root or OU.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation MoveAccount for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeSourceParentNotFoundException "SourceParentNotFoundException"
|
|
// We can't find a source root or OU with the ParentId that you specified.
|
|
//
|
|
// * ErrCodeDestinationParentNotFoundException "DestinationParentNotFoundException"
|
|
// We can't find the destination container (a root or OU) with the ParentId
|
|
// that you specified.
|
|
//
|
|
// * ErrCodeDuplicateAccountException "DuplicateAccountException"
|
|
// That account is already present in the specified destination.
|
|
//
|
|
// * ErrCodeAccountNotFoundException "AccountNotFoundException"
|
|
// We can't find an AWS account with the AccountId that you specified, or the
|
|
// account whose credentials you used to make this request is not a member of
|
|
// an organization.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/MoveAccount
|
|
func (c *Organizations) MoveAccount(input *MoveAccountInput) (*MoveAccountOutput, error) {
|
|
req, out := c.MoveAccountRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// MoveAccountWithContext is the same as MoveAccount with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See MoveAccount for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) MoveAccountWithContext(ctx aws.Context, input *MoveAccountInput, opts ...request.Option) (*MoveAccountOutput, error) {
|
|
req, out := c.MoveAccountRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opRemoveAccountFromOrganization = "RemoveAccountFromOrganization"
|
|
|
|
// RemoveAccountFromOrganizationRequest generates a "aws/request.Request" representing the
|
|
// client's request for the RemoveAccountFromOrganization operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See RemoveAccountFromOrganization for more information on using the RemoveAccountFromOrganization
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the RemoveAccountFromOrganizationRequest method.
|
|
// req, resp := client.RemoveAccountFromOrganizationRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganization
|
|
func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccountFromOrganizationInput) (req *request.Request, output *RemoveAccountFromOrganizationOutput) {
|
|
op := &request.Operation{
|
|
Name: opRemoveAccountFromOrganization,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &RemoveAccountFromOrganizationInput{}
|
|
}
|
|
|
|
output = &RemoveAccountFromOrganizationOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler)
|
|
req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// RemoveAccountFromOrganization API operation for AWS Organizations.
|
|
//
|
|
// Removes the specified account from the organization.
|
|
//
|
|
// The removed account becomes a stand-alone account that is not a member of
|
|
// any organization. It is no longer subject to any policies and is responsible
|
|
// for its own bill payments. The organization's master account is no longer
|
|
// charged for any expenses accrued by the member account after it is removed
|
|
// from the organization.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
// Member accounts can remove themselves with LeaveOrganization instead.
|
|
//
|
|
// You can remove an account from your organization only if the account is configured
|
|
// with the information required to operate as a standalone account. When you
|
|
// create an account in an organization using the AWS Organizations console,
|
|
// API, or CLI commands, the information required of standalone accounts is
|
|
// not automatically collected. For an account that you want to make standalone,
|
|
// you must accept the End User License Agreement (EULA), choose a support plan,
|
|
// provide and verify the required contact information, and provide a current
|
|
// payment method. AWS uses the payment method to charge for any billable (not
|
|
// free tier) AWS activity that occurs while the account is not attached to
|
|
// an organization. To remove an account that does not yet have this information,
|
|
// you must sign in as the member account and follow the steps at To leave
|
|
// an organization when all required account information has not yet been provided
|
|
// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// You can remove a member account only after you enable IAM user access to
|
|
// billing in the member account. For more information, see Activating Access
|
|
// to the Billing and Cost Management Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate)
|
|
// in the AWS Billing and Cost Management User Guide.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation RemoveAccountFromOrganization for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAccountNotFoundException "AccountNotFoundException"
|
|
// We can't find an AWS account with the AccountId that you specified, or the
|
|
// account whose credentials you used to make this request is not a member of
|
|
// an organization.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeMasterCannotLeaveOrganizationException "MasterCannotLeaveOrganizationException"
|
|
// You can't remove a master account from an organization. If you want the master
|
|
// account to become a member account in another organization, you must first
|
|
// delete the current organization of the master account.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganization
|
|
func (c *Organizations) RemoveAccountFromOrganization(input *RemoveAccountFromOrganizationInput) (*RemoveAccountFromOrganizationOutput, error) {
|
|
req, out := c.RemoveAccountFromOrganizationRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// RemoveAccountFromOrganizationWithContext is the same as RemoveAccountFromOrganization with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See RemoveAccountFromOrganization for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) RemoveAccountFromOrganizationWithContext(ctx aws.Context, input *RemoveAccountFromOrganizationInput, opts ...request.Option) (*RemoveAccountFromOrganizationOutput, error) {
|
|
req, out := c.RemoveAccountFromOrganizationRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opUpdateOrganizationalUnit = "UpdateOrganizationalUnit"
|
|
|
|
// UpdateOrganizationalUnitRequest generates a "aws/request.Request" representing the
|
|
// client's request for the UpdateOrganizationalUnit operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See UpdateOrganizationalUnit for more information on using the UpdateOrganizationalUnit
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the UpdateOrganizationalUnitRequest method.
|
|
// req, resp := client.UpdateOrganizationalUnitRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnit
|
|
func (c *Organizations) UpdateOrganizationalUnitRequest(input *UpdateOrganizationalUnitInput) (req *request.Request, output *UpdateOrganizationalUnitOutput) {
|
|
op := &request.Operation{
|
|
Name: opUpdateOrganizationalUnit,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &UpdateOrganizationalUnitInput{}
|
|
}
|
|
|
|
output = &UpdateOrganizationalUnitOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// UpdateOrganizationalUnit API operation for AWS Organizations.
|
|
//
|
|
// Renames the specified organizational unit (OU). The ID and ARN do not change.
|
|
// The child OUs and accounts remain in place, and any attached policies of
|
|
// the OU remain attached.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation UpdateOrganizationalUnit for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeDuplicateOrganizationalUnitException "DuplicateOrganizationalUnitException"
|
|
// An organizational unit (OU) with the same name already exists.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException"
|
|
// We can't find an organizational unit (OU) with the OrganizationalUnitId that
|
|
// you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnit
|
|
func (c *Organizations) UpdateOrganizationalUnit(input *UpdateOrganizationalUnitInput) (*UpdateOrganizationalUnitOutput, error) {
|
|
req, out := c.UpdateOrganizationalUnitRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// UpdateOrganizationalUnitWithContext is the same as UpdateOrganizationalUnit with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See UpdateOrganizationalUnit for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) UpdateOrganizationalUnitWithContext(ctx aws.Context, input *UpdateOrganizationalUnitInput, opts ...request.Option) (*UpdateOrganizationalUnitOutput, error) {
|
|
req, out := c.UpdateOrganizationalUnitRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opUpdatePolicy = "UpdatePolicy"
|
|
|
|
// UpdatePolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the UpdatePolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfuly.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See UpdatePolicy for more information on using the UpdatePolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the UpdatePolicyRequest method.
|
|
// req, resp := client.UpdatePolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdatePolicy
|
|
func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *request.Request, output *UpdatePolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opUpdatePolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &UpdatePolicyInput{}
|
|
}
|
|
|
|
output = &UpdatePolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// UpdatePolicy API operation for AWS Organizations.
|
|
//
|
|
// Updates an existing policy with a new name, description, or content. If any
|
|
// parameter is not supplied, that value remains unchanged. Note that you cannot
|
|
// change a policy's type.
|
|
//
|
|
// This operation can be called only from the organization's master account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for AWS Organizations's
|
|
// API operation UpdatePolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeAccessDeniedException "AccessDeniedException"
|
|
// You don't have permissions to perform the requested operation. The user or
|
|
// role that is making the request must have at least one IAM permissions policy
|
|
// attached that grants the required permissions. For more information, see
|
|
// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException"
|
|
// Your account is not a member of an organization. To make this request, you
|
|
// must use the credentials of an account that belongs to an organization.
|
|
//
|
|
// * ErrCodeConcurrentModificationException "ConcurrentModificationException"
|
|
// The target of the operation is currently being modified by a different request.
|
|
// Try again later.
|
|
//
|
|
// * ErrCodeConstraintViolationException "ConstraintViolationException"
|
|
// Performing this operation violates a minimum or maximum value limit. For
|
|
// example, attempting to removing the last SCP from an OU or root, inviting
|
|
// or creating too many accounts to the organization, or attaching too many
|
|
// policies to an account, OU, or root. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number
|
|
// of accounts in an organization. If you need more accounts, contact AWS Support
|
|
// to request an increase in your limit.
|
|
//
|
|
// Or, The number of invitations that you tried to send would cause you to exceed
|
|
// the limit of accounts in your organization. Send fewer invitations, or contact
|
|
// AWS Support to request an increase in the number of accounts.
|
|
//
|
|
// Note: deleted and closed accounts still count toward your limit.
|
|
//
|
|
// If you get an exception that indicates that you exceeded your account limits
|
|
// for the organization or that you can"t add an account because your organization
|
|
// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/).
|
|
//
|
|
// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
|
|
// handshakes you can send in one day.
|
|
//
|
|
// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational
|
|
// units you can have in an organization.
|
|
//
|
|
// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit
|
|
// tree that is too many levels deep.
|
|
//
|
|
// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of
|
|
// policies that you can have in an organization.
|
|
//
|
|
// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
|
|
// number of policies of a certain type that can be attached to an entity
|
|
// at one time.
|
|
//
|
|
// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
|
|
// policy from an entity that would cause the entity to have fewer than the
|
|
// minimum number of policies of a certain type required.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
|
|
// from the organization that does not yet have enough information to exist
|
|
// as a stand-alone account. This account requires you to first agree to
|
|
// the AWS Customer Agreement. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
|
|
// an account from the organization that does not yet have enough information
|
|
// to exist as a stand-alone account. This account requires you to first
|
|
// complete phone verification. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
|
|
// with this account, you first must associate a payment instrument, such
|
|
// as a credit card, with the account. Follow the steps at To leave an organization
|
|
// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
|
|
// with this member account, you first must associate a payment instrument,
|
|
// such as a credit card, with the account. Follow the steps at To leave
|
|
// an organization when all required account information has not yet been
|
|
// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
|
|
// of accounts that you can create in one day.
|
|
//
|
|
// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
|
|
// in this organization, you first must migrate the organization's master
|
|
// account to the marketplace that corresponds to the master account's address.
|
|
// For example, accounts with India addresses must be associated with the
|
|
// AISPL marketplace. All accounts in an organization must be associated
|
|
// with the same marketplace.
|
|
//
|
|
// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
|
|
// must first provide contact a valid address and phone number for the master
|
|
// account. Then try the operation again.
|
|
//
|
|
// * ErrCodeDuplicatePolicyException "DuplicatePolicyException"
|
|
// A policy with the same name already exists.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The requested operation failed because you provided invalid values for one
|
|
// or more of the request parameters. This exception includes a reason that
|
|
// contains additional information about the violated limit:
|
|
//
|
|
// Some of the reasons in the following list might not be applicable to this
|
|
// specific API or operation:
|
|
//
|
|
// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
|
|
// cannot be modified.
|
|
//
|
|
// * INPUT_REQUIRED: You must include a value for all required parameters.
|
|
//
|
|
// * INVALID_ENUM: You specified a value that is not valid for that parameter.
|
|
//
|
|
// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
|
|
// characters.
|
|
//
|
|
// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
|
|
// at least one invalid value.
|
|
//
|
|
// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
|
|
// organization, or email) as a party.
|
|
//
|
|
// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
|
|
// from the response to a previous call of the operation.
|
|
//
|
|
// * INVALID_PATTERN: You provided a value that doesn't match the required
|
|
// pattern.
|
|
//
|
|
// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
|
|
// match the required pattern.
|
|
//
|
|
// * INVALID_ROLE_NAME: You provided a role name that is not valid. A role
|
|
// name can’t begin with the reserved prefix 'AWSServiceRoleFor'.
|
|
//
|
|
// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the
|
|
// organization.
|
|
//
|
|
// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
|
|
//
|
|
// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
|
|
// for the operation.
|
|
//
|
|
// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
|
|
// than allowed.
|
|
//
|
|
// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
|
|
// value than allowed.
|
|
//
|
|
// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
|
|
// than allowed.
|
|
//
|
|
// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
|
|
// value than allowed.
|
|
//
|
|
// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
|
|
// between entities in the same root.
|
|
//
|
|
// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException"
|
|
// The provided policy document does not meet the requirements of the specified
|
|
// policy type. For example, the syntax might be incorrect. For details about
|
|
// service control policy syntax, see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ErrCodePolicyNotFoundException "PolicyNotFoundException"
|
|
// We can't find a policy with the PolicyId that you specified.
|
|
//
|
|
// * ErrCodeServiceException "ServiceException"
|
|
// AWS Organizations can't complete your request because of an internal service
|
|
// error. Try again later.
|
|
//
|
|
// * ErrCodeTooManyRequestsException "TooManyRequestsException"
|
|
// You've sent too many requests in too short a period of time. The limit helps
|
|
// protect against denial-of-service attacks. Try again later.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdatePolicy
|
|
func (c *Organizations) UpdatePolicy(input *UpdatePolicyInput) (*UpdatePolicyOutput, error) {
|
|
req, out := c.UpdatePolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// UpdatePolicyWithContext is the same as UpdatePolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See UpdatePolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *Organizations) UpdatePolicyWithContext(ctx aws.Context, input *UpdatePolicyInput, opts ...request.Option) (*UpdatePolicyOutput, error) {
|
|
req, out := c.UpdatePolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
type AcceptHandshakeInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the handshake that you want to accept.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
|
|
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
|
|
//
|
|
// HandshakeId is a required field
|
|
HandshakeId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s AcceptHandshakeInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s AcceptHandshakeInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *AcceptHandshakeInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "AcceptHandshakeInput"}
|
|
if s.HandshakeId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("HandshakeId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetHandshakeId sets the HandshakeId field's value.
|
|
func (s *AcceptHandshakeInput) SetHandshakeId(v string) *AcceptHandshakeInput {
|
|
s.HandshakeId = &v
|
|
return s
|
|
}
|
|
|
|
type AcceptHandshakeOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the accepted handshake.
|
|
Handshake *Handshake `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s AcceptHandshakeOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s AcceptHandshakeOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetHandshake sets the Handshake field's value.
|
|
func (s *AcceptHandshakeOutput) SetHandshake(v *Handshake) *AcceptHandshakeOutput {
|
|
s.Handshake = v
|
|
return s
|
|
}
|
|
|
|
// Contains information about an AWS account that is a member of an organization.
|
|
type Account struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of the account.
|
|
//
|
|
// For more information about ARNs in Organizations, see ARN Formats Supported
|
|
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
|
|
// in the AWS Organizations User Guide.
|
|
Arn *string `type:"string"`
|
|
|
|
// The email address associated with the AWS account.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for this parameter is
|
|
// a string of characters that represents a standard Internet email address.
|
|
Email *string `min:"6" type:"string"`
|
|
|
|
// The unique identifier (ID) of the account.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
|
|
// requires exactly 12 digits.
|
|
Id *string `type:"string"`
|
|
|
|
// The method by which the account joined the organization.
|
|
JoinedMethod *string `type:"string" enum:"AccountJoinedMethod"`
|
|
|
|
// The date the account became a part of the organization.
|
|
JoinedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
|
|
|
|
// The friendly name of the account.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of any of the characters in the ASCII character
|
|
// range.
|
|
Name *string `min:"1" type:"string"`
|
|
|
|
// The status of the account in the organization.
|
|
Status *string `type:"string" enum:"AccountStatus"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s Account) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s Account) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetArn sets the Arn field's value.
|
|
func (s *Account) SetArn(v string) *Account {
|
|
s.Arn = &v
|
|
return s
|
|
}
|
|
|
|
// SetEmail sets the Email field's value.
|
|
func (s *Account) SetEmail(v string) *Account {
|
|
s.Email = &v
|
|
return s
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *Account) SetId(v string) *Account {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetJoinedMethod sets the JoinedMethod field's value.
|
|
func (s *Account) SetJoinedMethod(v string) *Account {
|
|
s.JoinedMethod = &v
|
|
return s
|
|
}
|
|
|
|
// SetJoinedTimestamp sets the JoinedTimestamp field's value.
|
|
func (s *Account) SetJoinedTimestamp(v time.Time) *Account {
|
|
s.JoinedTimestamp = &v
|
|
return s
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *Account) SetName(v string) *Account {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// SetStatus sets the Status field's value.
|
|
func (s *Account) SetStatus(v string) *Account {
|
|
s.Status = &v
|
|
return s
|
|
}
|
|
|
|
type AttachPolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the policy that you want to attach to the target.
|
|
// You can get the ID for the policy by calling the ListPolicies operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
|
|
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `type:"string" required:"true"`
|
|
|
|
// The unique identifier (ID) of the root, OU, or account that you want to attach
|
|
// the policy to. You can get the ID by calling the ListRoots, ListOrganizationalUnitsForParent,
|
|
// or ListAccounts operations.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Account: a string that consists of exactly 12 digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// TargetId is a required field
|
|
TargetId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s AttachPolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s AttachPolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *AttachPolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "AttachPolicyInput"}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
if s.TargetId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("TargetId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *AttachPolicyInput) SetPolicyId(v string) *AttachPolicyInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
// SetTargetId sets the TargetId field's value.
|
|
func (s *AttachPolicyInput) SetTargetId(v string) *AttachPolicyInput {
|
|
s.TargetId = &v
|
|
return s
|
|
}
|
|
|
|
type AttachPolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s AttachPolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s AttachPolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type CancelHandshakeInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the handshake that you want to cancel. You
|
|
// can get the ID from the ListHandshakesForOrganization operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
|
|
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
|
|
//
|
|
// HandshakeId is a required field
|
|
HandshakeId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CancelHandshakeInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CancelHandshakeInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *CancelHandshakeInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "CancelHandshakeInput"}
|
|
if s.HandshakeId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("HandshakeId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetHandshakeId sets the HandshakeId field's value.
|
|
func (s *CancelHandshakeInput) SetHandshakeId(v string) *CancelHandshakeInput {
|
|
s.HandshakeId = &v
|
|
return s
|
|
}
|
|
|
|
type CancelHandshakeOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the handshake that you canceled.
|
|
Handshake *Handshake `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CancelHandshakeOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CancelHandshakeOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetHandshake sets the Handshake field's value.
|
|
func (s *CancelHandshakeOutput) SetHandshake(v *Handshake) *CancelHandshakeOutput {
|
|
s.Handshake = v
|
|
return s
|
|
}
|
|
|
|
// Contains a list of child entities, either OUs or accounts.
|
|
type Child struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of this child entity.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a child ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Account: a string that consists of exactly 12 digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that contains
|
|
// the OU) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
Id *string `type:"string"`
|
|
|
|
// The type of this child entity.
|
|
Type *string `type:"string" enum:"ChildType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s Child) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s Child) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *Child) SetId(v string) *Child {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *Child) SetType(v string) *Child {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
type CreateAccountInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The friendly name of the member account.
|
|
//
|
|
// AccountName is a required field
|
|
AccountName *string `min:"1" type:"string" required:"true"`
|
|
|
|
// The email address of the owner to assign to the new member account. This
|
|
// email address must not already be associated with another AWS account. You
|
|
// must use a valid email address to complete account creation. You cannot access
|
|
// the root user of the account or remove an account that was created with an
|
|
// invalid email address.
|
|
//
|
|
// Email is a required field
|
|
Email *string `min:"6" type:"string" required:"true"`
|
|
|
|
// If set to ALLOW, the new account enables IAM users to access account billing
|
|
// information if they have the required permissions. If set to DENY, then only
|
|
// the root user of the new account can access account billing information.
|
|
// For more information, see Activating Access to the Billing and Cost Management
|
|
// Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate)
|
|
// in the AWS Billing and Cost Management User Guide.
|
|
//
|
|
// If you do not specify this parameter, the value defaults to ALLOW, and IAM
|
|
// users and roles with the required permissions can access billing information
|
|
// for the new account.
|
|
IamUserAccessToBilling *string `type:"string" enum:"IAMUserAccessToBilling"`
|
|
|
|
// (Optional)
|
|
//
|
|
// The name of an IAM role that Organizations automatically preconfigures in
|
|
// the new member account. This role trusts the master account, allowing users
|
|
// in the master account to assume the role, as permitted by the master account
|
|
// administrator. The role has administrator permissions in the new member account.
|
|
//
|
|
// If you do not specify this parameter, the role name defaults to OrganizationAccountAccessRole.
|
|
//
|
|
// For more information about how to use this role to access the member account,
|
|
// see Accessing and Administering the Member Accounts in Your Organization
|
|
// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role)
|
|
// in the AWS Organizations User Guide, and steps 2 and 3 in Tutorial: Delegate
|
|
// Access Across AWS Accounts Using IAM Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of characters that can consist of uppercase letters,
|
|
// lowercase letters, digits with no spaces, and any of the following characters:
|
|
// =,.@-
|
|
RoleName *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreateAccountInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreateAccountInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *CreateAccountInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "CreateAccountInput"}
|
|
if s.AccountName == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("AccountName"))
|
|
}
|
|
if s.AccountName != nil && len(*s.AccountName) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("AccountName", 1))
|
|
}
|
|
if s.Email == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Email"))
|
|
}
|
|
if s.Email != nil && len(*s.Email) < 6 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Email", 6))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetAccountName sets the AccountName field's value.
|
|
func (s *CreateAccountInput) SetAccountName(v string) *CreateAccountInput {
|
|
s.AccountName = &v
|
|
return s
|
|
}
|
|
|
|
// SetEmail sets the Email field's value.
|
|
func (s *CreateAccountInput) SetEmail(v string) *CreateAccountInput {
|
|
s.Email = &v
|
|
return s
|
|
}
|
|
|
|
// SetIamUserAccessToBilling sets the IamUserAccessToBilling field's value.
|
|
func (s *CreateAccountInput) SetIamUserAccessToBilling(v string) *CreateAccountInput {
|
|
s.IamUserAccessToBilling = &v
|
|
return s
|
|
}
|
|
|
|
// SetRoleName sets the RoleName field's value.
|
|
func (s *CreateAccountInput) SetRoleName(v string) *CreateAccountInput {
|
|
s.RoleName = &v
|
|
return s
|
|
}
|
|
|
|
type CreateAccountOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the request to create an account.
|
|
// This response structure might not be fully populated when you first receive
|
|
// it because account creation is an asynchronous process. You can pass the
|
|
// returned CreateAccountStatus ID as a parameter to DescribeCreateAccountStatus
|
|
// to get status about the progress of the request at later times.
|
|
CreateAccountStatus *CreateAccountStatus `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreateAccountOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreateAccountOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetCreateAccountStatus sets the CreateAccountStatus field's value.
|
|
func (s *CreateAccountOutput) SetCreateAccountStatus(v *CreateAccountStatus) *CreateAccountOutput {
|
|
s.CreateAccountStatus = v
|
|
return s
|
|
}
|
|
|
|
// Contains the status about a CreateAccount request to create an AWS account
|
|
// in an organization.
|
|
type CreateAccountStatus struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If the account was created successfully, the unique identifier (ID) of the
|
|
// new account.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
|
|
// requires exactly 12 digits.
|
|
AccountId *string `type:"string"`
|
|
|
|
// The account name given to the account when it was created.
|
|
AccountName *string `min:"1" type:"string"`
|
|
|
|
// The date and time that the account was created and the request completed.
|
|
CompletedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
|
|
|
|
// If the request failed, a description of the reason for the failure.
|
|
//
|
|
// * ACCOUNT_LIMIT_EXCEEDED: The account could not be created because you
|
|
// have reached the limit on the number of accounts in your organization.
|
|
//
|
|
// * EMAIL_ALREADY_EXISTS: The account could not be created because another
|
|
// AWS account with that email address already exists.
|
|
//
|
|
// * INVALID_ADDRESS: The account could not be created because the address
|
|
// you provided is not valid.
|
|
//
|
|
// * INVALID_EMAIL: The account could not be created because the email address
|
|
// you provided is not valid.
|
|
//
|
|
// * INTERNAL_FAILURE: The account could not be created because of an internal
|
|
// failure. Try again later. If the problem persists, contact Customer Support.
|
|
FailureReason *string `type:"string" enum:"CreateAccountFailureReason"`
|
|
|
|
// The unique identifier (ID) that references this request. You get this value
|
|
// from the response of the initial CreateAccount request to create the account.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an create account
|
|
// request ID string requires "car-" followed by from 8 to 32 lower-case letters
|
|
// or digits.
|
|
Id *string `type:"string"`
|
|
|
|
// The date and time that the request was made for the account creation.
|
|
RequestedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
|
|
|
|
// The status of the request.
|
|
State *string `type:"string" enum:"CreateAccountState"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreateAccountStatus) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreateAccountStatus) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetAccountId sets the AccountId field's value.
|
|
func (s *CreateAccountStatus) SetAccountId(v string) *CreateAccountStatus {
|
|
s.AccountId = &v
|
|
return s
|
|
}
|
|
|
|
// SetAccountName sets the AccountName field's value.
|
|
func (s *CreateAccountStatus) SetAccountName(v string) *CreateAccountStatus {
|
|
s.AccountName = &v
|
|
return s
|
|
}
|
|
|
|
// SetCompletedTimestamp sets the CompletedTimestamp field's value.
|
|
func (s *CreateAccountStatus) SetCompletedTimestamp(v time.Time) *CreateAccountStatus {
|
|
s.CompletedTimestamp = &v
|
|
return s
|
|
}
|
|
|
|
// SetFailureReason sets the FailureReason field's value.
|
|
func (s *CreateAccountStatus) SetFailureReason(v string) *CreateAccountStatus {
|
|
s.FailureReason = &v
|
|
return s
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *CreateAccountStatus) SetId(v string) *CreateAccountStatus {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetRequestedTimestamp sets the RequestedTimestamp field's value.
|
|
func (s *CreateAccountStatus) SetRequestedTimestamp(v time.Time) *CreateAccountStatus {
|
|
s.RequestedTimestamp = &v
|
|
return s
|
|
}
|
|
|
|
// SetState sets the State field's value.
|
|
func (s *CreateAccountStatus) SetState(v string) *CreateAccountStatus {
|
|
s.State = &v
|
|
return s
|
|
}
|
|
|
|
type CreateOrganizationInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Specifies the feature set supported by the new organization. Each feature
|
|
// set supports different levels of functionality.
|
|
//
|
|
// * CONSOLIDATED_BILLING: All member accounts have their bills consolidated
|
|
// to and paid by the master account. For more information, see Consolidated
|
|
// Billing (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// * ALL: In addition to all the features supported by the consolidated billing
|
|
// feature set, the master account can also apply any type of policy to any
|
|
// member account in the organization. For more information, see All features
|
|
// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all)
|
|
// in the AWS Organizations User Guide.
|
|
FeatureSet *string `type:"string" enum:"OrganizationFeatureSet"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreateOrganizationInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreateOrganizationInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetFeatureSet sets the FeatureSet field's value.
|
|
func (s *CreateOrganizationInput) SetFeatureSet(v string) *CreateOrganizationInput {
|
|
s.FeatureSet = &v
|
|
return s
|
|
}
|
|
|
|
type CreateOrganizationOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the newly created organization.
|
|
Organization *Organization `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreateOrganizationOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreateOrganizationOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetOrganization sets the Organization field's value.
|
|
func (s *CreateOrganizationOutput) SetOrganization(v *Organization) *CreateOrganizationOutput {
|
|
s.Organization = v
|
|
return s
|
|
}
|
|
|
|
type CreateOrganizationalUnitInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The friendly name to assign to the new OU.
|
|
//
|
|
// Name is a required field
|
|
Name *string `min:"1" type:"string" required:"true"`
|
|
|
|
// The unique identifier (ID) of the parent root or OU in which you want to
|
|
// create the new OU.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// ParentId is a required field
|
|
ParentId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreateOrganizationalUnitInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreateOrganizationalUnitInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *CreateOrganizationalUnitInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "CreateOrganizationalUnitInput"}
|
|
if s.Name == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Name"))
|
|
}
|
|
if s.Name != nil && len(*s.Name) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Name", 1))
|
|
}
|
|
if s.ParentId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ParentId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *CreateOrganizationalUnitInput) SetName(v string) *CreateOrganizationalUnitInput {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// SetParentId sets the ParentId field's value.
|
|
func (s *CreateOrganizationalUnitInput) SetParentId(v string) *CreateOrganizationalUnitInput {
|
|
s.ParentId = &v
|
|
return s
|
|
}
|
|
|
|
type CreateOrganizationalUnitOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the newly created OU.
|
|
OrganizationalUnit *OrganizationalUnit `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreateOrganizationalUnitOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreateOrganizationalUnitOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetOrganizationalUnit sets the OrganizationalUnit field's value.
|
|
func (s *CreateOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *CreateOrganizationalUnitOutput {
|
|
s.OrganizationalUnit = v
|
|
return s
|
|
}
|
|
|
|
type CreatePolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The policy content to add to the new policy. For example, if you create a
|
|
// service control policy (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html)
|
|
// (SCP), this string must be JSON text that specifies the permissions that
|
|
// admins in attached accounts can delegate to their users, groups, and roles.
|
|
// For more information about the SCP syntax, see Service Control Policy Syntax
|
|
// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
|
|
// in the AWS Organizations User Guide.
|
|
//
|
|
// Content is a required field
|
|
Content *string `min:"1" type:"string" required:"true"`
|
|
|
|
// An optional description to assign to the policy.
|
|
//
|
|
// Description is a required field
|
|
Description *string `type:"string" required:"true"`
|
|
|
|
// The friendly name to assign to the policy.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of any of the characters in the ASCII character
|
|
// range.
|
|
//
|
|
// Name is a required field
|
|
Name *string `min:"1" type:"string" required:"true"`
|
|
|
|
// The type of policy to create.
|
|
//
|
|
// In the current release, the only type of policy that you can create is a
|
|
// service control policy (SCP).
|
|
//
|
|
// Type is a required field
|
|
Type *string `type:"string" required:"true" enum:"PolicyType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreatePolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreatePolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *CreatePolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "CreatePolicyInput"}
|
|
if s.Content == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Content"))
|
|
}
|
|
if s.Content != nil && len(*s.Content) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Content", 1))
|
|
}
|
|
if s.Description == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Description"))
|
|
}
|
|
if s.Name == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Name"))
|
|
}
|
|
if s.Name != nil && len(*s.Name) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Name", 1))
|
|
}
|
|
if s.Type == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Type"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetContent sets the Content field's value.
|
|
func (s *CreatePolicyInput) SetContent(v string) *CreatePolicyInput {
|
|
s.Content = &v
|
|
return s
|
|
}
|
|
|
|
// SetDescription sets the Description field's value.
|
|
func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput {
|
|
s.Description = &v
|
|
return s
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *CreatePolicyInput) SetName(v string) *CreatePolicyInput {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *CreatePolicyInput) SetType(v string) *CreatePolicyInput {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
type CreatePolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the newly created policy.
|
|
Policy *Policy `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s CreatePolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s CreatePolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetPolicy sets the Policy field's value.
|
|
func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput {
|
|
s.Policy = v
|
|
return s
|
|
}
|
|
|
|
type DeclineHandshakeInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the handshake that you want to decline. You
|
|
// can get the ID from the ListHandshakesForAccount operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
|
|
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
|
|
//
|
|
// HandshakeId is a required field
|
|
HandshakeId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeclineHandshakeInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeclineHandshakeInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DeclineHandshakeInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DeclineHandshakeInput"}
|
|
if s.HandshakeId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("HandshakeId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetHandshakeId sets the HandshakeId field's value.
|
|
func (s *DeclineHandshakeInput) SetHandshakeId(v string) *DeclineHandshakeInput {
|
|
s.HandshakeId = &v
|
|
return s
|
|
}
|
|
|
|
type DeclineHandshakeOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the declined handshake. The state
|
|
// is updated to show the value DECLINED.
|
|
Handshake *Handshake `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeclineHandshakeOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeclineHandshakeOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetHandshake sets the Handshake field's value.
|
|
func (s *DeclineHandshakeOutput) SetHandshake(v *Handshake) *DeclineHandshakeOutput {
|
|
s.Handshake = v
|
|
return s
|
|
}
|
|
|
|
type DeleteOrganizationInput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeleteOrganizationInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeleteOrganizationInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DeleteOrganizationOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeleteOrganizationOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeleteOrganizationOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DeleteOrganizationalUnitInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the organizational unit that you want to delete.
|
|
// You can get the ID from the ListOrganizationalUnitsForParent operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational
|
|
// unit ID string requires "ou-" followed by from 4 to 32 lower-case letters
|
|
// or digits (the ID of the root that contains the OU) followed by a second
|
|
// "-" dash and from 8 to 32 additional lower-case letters or digits.
|
|
//
|
|
// OrganizationalUnitId is a required field
|
|
OrganizationalUnitId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeleteOrganizationalUnitInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeleteOrganizationalUnitInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DeleteOrganizationalUnitInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DeleteOrganizationalUnitInput"}
|
|
if s.OrganizationalUnitId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetOrganizationalUnitId sets the OrganizationalUnitId field's value.
|
|
func (s *DeleteOrganizationalUnitInput) SetOrganizationalUnitId(v string) *DeleteOrganizationalUnitInput {
|
|
s.OrganizationalUnitId = &v
|
|
return s
|
|
}
|
|
|
|
type DeleteOrganizationalUnitOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeleteOrganizationalUnitOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeleteOrganizationalUnitOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DeletePolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the policy that you want to delete. You can
|
|
// get the ID from the ListPolicies or ListPoliciesForTarget operations.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
|
|
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeletePolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeletePolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DeletePolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
type DeletePolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeletePolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeletePolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DescribeAccountInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the AWS account that you want information about.
|
|
// You can get the ID from the ListAccounts or ListAccountsForParent operations.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
|
|
// requires exactly 12 digits.
|
|
//
|
|
// AccountId is a required field
|
|
AccountId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeAccountInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeAccountInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DescribeAccountInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DescribeAccountInput"}
|
|
if s.AccountId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("AccountId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetAccountId sets the AccountId field's value.
|
|
func (s *DescribeAccountInput) SetAccountId(v string) *DescribeAccountInput {
|
|
s.AccountId = &v
|
|
return s
|
|
}
|
|
|
|
type DescribeAccountOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains information about the requested account.
|
|
Account *Account `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeAccountOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeAccountOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetAccount sets the Account field's value.
|
|
func (s *DescribeAccountOutput) SetAccount(v *Account) *DescribeAccountOutput {
|
|
s.Account = v
|
|
return s
|
|
}
|
|
|
|
type DescribeCreateAccountStatusInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Specifies the operationId that uniquely identifies the request. You can get
|
|
// the ID from the response to an earlier CreateAccount request, or from the
|
|
// ListCreateAccountStatus operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an create account
|
|
// request ID string requires "car-" followed by from 8 to 32 lower-case letters
|
|
// or digits.
|
|
//
|
|
// CreateAccountRequestId is a required field
|
|
CreateAccountRequestId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeCreateAccountStatusInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeCreateAccountStatusInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DescribeCreateAccountStatusInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DescribeCreateAccountStatusInput"}
|
|
if s.CreateAccountRequestId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("CreateAccountRequestId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetCreateAccountRequestId sets the CreateAccountRequestId field's value.
|
|
func (s *DescribeCreateAccountStatusInput) SetCreateAccountRequestId(v string) *DescribeCreateAccountStatusInput {
|
|
s.CreateAccountRequestId = &v
|
|
return s
|
|
}
|
|
|
|
type DescribeCreateAccountStatusOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains the current status of an account creation request.
|
|
CreateAccountStatus *CreateAccountStatus `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeCreateAccountStatusOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeCreateAccountStatusOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetCreateAccountStatus sets the CreateAccountStatus field's value.
|
|
func (s *DescribeCreateAccountStatusOutput) SetCreateAccountStatus(v *CreateAccountStatus) *DescribeCreateAccountStatusOutput {
|
|
s.CreateAccountStatus = v
|
|
return s
|
|
}
|
|
|
|
type DescribeHandshakeInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the handshake that you want information about.
|
|
// You can get the ID from the original call to InviteAccountToOrganization,
|
|
// or from a call to ListHandshakesForAccount or ListHandshakesForOrganization.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
|
|
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
|
|
//
|
|
// HandshakeId is a required field
|
|
HandshakeId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeHandshakeInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeHandshakeInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DescribeHandshakeInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DescribeHandshakeInput"}
|
|
if s.HandshakeId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("HandshakeId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetHandshakeId sets the HandshakeId field's value.
|
|
func (s *DescribeHandshakeInput) SetHandshakeId(v string) *DescribeHandshakeInput {
|
|
s.HandshakeId = &v
|
|
return s
|
|
}
|
|
|
|
type DescribeHandshakeOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains information about the specified handshake.
|
|
Handshake *Handshake `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeHandshakeOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeHandshakeOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetHandshake sets the Handshake field's value.
|
|
func (s *DescribeHandshakeOutput) SetHandshake(v *Handshake) *DescribeHandshakeOutput {
|
|
s.Handshake = v
|
|
return s
|
|
}
|
|
|
|
type DescribeOrganizationInput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeOrganizationInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeOrganizationInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DescribeOrganizationOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains information about the organization.
|
|
Organization *Organization `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeOrganizationOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeOrganizationOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetOrganization sets the Organization field's value.
|
|
func (s *DescribeOrganizationOutput) SetOrganization(v *Organization) *DescribeOrganizationOutput {
|
|
s.Organization = v
|
|
return s
|
|
}
|
|
|
|
type DescribeOrganizationalUnitInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the organizational unit that you want details
|
|
// about. You can get the ID from the ListOrganizationalUnitsForParent operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational
|
|
// unit ID string requires "ou-" followed by from 4 to 32 lower-case letters
|
|
// or digits (the ID of the root that contains the OU) followed by a second
|
|
// "-" dash and from 8 to 32 additional lower-case letters or digits.
|
|
//
|
|
// OrganizationalUnitId is a required field
|
|
OrganizationalUnitId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeOrganizationalUnitInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeOrganizationalUnitInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DescribeOrganizationalUnitInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DescribeOrganizationalUnitInput"}
|
|
if s.OrganizationalUnitId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetOrganizationalUnitId sets the OrganizationalUnitId field's value.
|
|
func (s *DescribeOrganizationalUnitInput) SetOrganizationalUnitId(v string) *DescribeOrganizationalUnitInput {
|
|
s.OrganizationalUnitId = &v
|
|
return s
|
|
}
|
|
|
|
type DescribeOrganizationalUnitOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the specified OU.
|
|
OrganizationalUnit *OrganizationalUnit `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribeOrganizationalUnitOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribeOrganizationalUnitOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetOrganizationalUnit sets the OrganizationalUnit field's value.
|
|
func (s *DescribeOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *DescribeOrganizationalUnitOutput {
|
|
s.OrganizationalUnit = v
|
|
return s
|
|
}
|
|
|
|
type DescribePolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the policy that you want details about. You
|
|
// can get the ID from the ListPolicies or ListPoliciesForTarget operations.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
|
|
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribePolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribePolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DescribePolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DescribePolicyInput"}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *DescribePolicyInput) SetPolicyId(v string) *DescribePolicyInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
type DescribePolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the specified policy.
|
|
Policy *Policy `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DescribePolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DescribePolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetPolicy sets the Policy field's value.
|
|
func (s *DescribePolicyOutput) SetPolicy(v *Policy) *DescribePolicyOutput {
|
|
s.Policy = v
|
|
return s
|
|
}
|
|
|
|
type DetachPolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the policy you want to detach. You can get
|
|
// the ID from the ListPolicies or ListPoliciesForTarget operations.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
|
|
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `type:"string" required:"true"`
|
|
|
|
// The unique identifier (ID) of the root, OU, or account from which you want
|
|
// to detach the policy. You can get the ID from the ListRoots, ListOrganizationalUnitsForParent,
|
|
// or ListAccounts operations.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Account: a string that consists of exactly 12 digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// TargetId is a required field
|
|
TargetId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DetachPolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DetachPolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DetachPolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DetachPolicyInput"}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
if s.TargetId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("TargetId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *DetachPolicyInput) SetPolicyId(v string) *DetachPolicyInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
// SetTargetId sets the TargetId field's value.
|
|
func (s *DetachPolicyInput) SetTargetId(v string) *DetachPolicyInput {
|
|
s.TargetId = &v
|
|
return s
|
|
}
|
|
|
|
type DetachPolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DetachPolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DetachPolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DisableAWSServiceAccessInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The service principal name of the AWS service for which you want to disable
|
|
// integration with your organization. This is typically in the form of a URL,
|
|
// such as service-abbreviation.amazonaws.com.
|
|
//
|
|
// ServicePrincipal is a required field
|
|
ServicePrincipal *string `min:"1" type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DisableAWSServiceAccessInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DisableAWSServiceAccessInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DisableAWSServiceAccessInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DisableAWSServiceAccessInput"}
|
|
if s.ServicePrincipal == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ServicePrincipal"))
|
|
}
|
|
if s.ServicePrincipal != nil && len(*s.ServicePrincipal) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("ServicePrincipal", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetServicePrincipal sets the ServicePrincipal field's value.
|
|
func (s *DisableAWSServiceAccessInput) SetServicePrincipal(v string) *DisableAWSServiceAccessInput {
|
|
s.ServicePrincipal = &v
|
|
return s
|
|
}
|
|
|
|
type DisableAWSServiceAccessOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DisableAWSServiceAccessOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DisableAWSServiceAccessOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DisablePolicyTypeInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The policy type that you want to disable in this root.
|
|
//
|
|
// PolicyType is a required field
|
|
PolicyType *string `type:"string" required:"true" enum:"PolicyType"`
|
|
|
|
// The unique identifier (ID) of the root in which you want to disable a policy
|
|
// type. You can get the ID from the ListRoots operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string
|
|
// requires "r-" followed by from 4 to 32 lower-case letters or digits.
|
|
//
|
|
// RootId is a required field
|
|
RootId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DisablePolicyTypeInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DisablePolicyTypeInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DisablePolicyTypeInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DisablePolicyTypeInput"}
|
|
if s.PolicyType == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyType"))
|
|
}
|
|
if s.RootId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("RootId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetPolicyType sets the PolicyType field's value.
|
|
func (s *DisablePolicyTypeInput) SetPolicyType(v string) *DisablePolicyTypeInput {
|
|
s.PolicyType = &v
|
|
return s
|
|
}
|
|
|
|
// SetRootId sets the RootId field's value.
|
|
func (s *DisablePolicyTypeInput) SetRootId(v string) *DisablePolicyTypeInput {
|
|
s.RootId = &v
|
|
return s
|
|
}
|
|
|
|
type DisablePolicyTypeOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that shows the root with the updated list of enabled policy types.
|
|
Root *Root `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DisablePolicyTypeOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DisablePolicyTypeOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetRoot sets the Root field's value.
|
|
func (s *DisablePolicyTypeOutput) SetRoot(v *Root) *DisablePolicyTypeOutput {
|
|
s.Root = v
|
|
return s
|
|
}
|
|
|
|
type EnableAWSServiceAccessInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The service principal name of the AWS service for which you want to enable
|
|
// integration with your organization. This is typically in the form of a URL,
|
|
// such as service-abbreviation.amazonaws.com.
|
|
//
|
|
// ServicePrincipal is a required field
|
|
ServicePrincipal *string `min:"1" type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s EnableAWSServiceAccessInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s EnableAWSServiceAccessInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *EnableAWSServiceAccessInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "EnableAWSServiceAccessInput"}
|
|
if s.ServicePrincipal == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ServicePrincipal"))
|
|
}
|
|
if s.ServicePrincipal != nil && len(*s.ServicePrincipal) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("ServicePrincipal", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetServicePrincipal sets the ServicePrincipal field's value.
|
|
func (s *EnableAWSServiceAccessInput) SetServicePrincipal(v string) *EnableAWSServiceAccessInput {
|
|
s.ServicePrincipal = &v
|
|
return s
|
|
}
|
|
|
|
type EnableAWSServiceAccessOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s EnableAWSServiceAccessOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s EnableAWSServiceAccessOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type EnableAllFeaturesInput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s EnableAllFeaturesInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s EnableAllFeaturesInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type EnableAllFeaturesOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the handshake created to support
|
|
// this request to enable all features in the organization.
|
|
Handshake *Handshake `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s EnableAllFeaturesOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s EnableAllFeaturesOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetHandshake sets the Handshake field's value.
|
|
func (s *EnableAllFeaturesOutput) SetHandshake(v *Handshake) *EnableAllFeaturesOutput {
|
|
s.Handshake = v
|
|
return s
|
|
}
|
|
|
|
type EnablePolicyTypeInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The policy type that you want to enable.
|
|
//
|
|
// PolicyType is a required field
|
|
PolicyType *string `type:"string" required:"true" enum:"PolicyType"`
|
|
|
|
// The unique identifier (ID) of the root in which you want to enable a policy
|
|
// type. You can get the ID from the ListRoots operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string
|
|
// requires "r-" followed by from 4 to 32 lower-case letters or digits.
|
|
//
|
|
// RootId is a required field
|
|
RootId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s EnablePolicyTypeInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s EnablePolicyTypeInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *EnablePolicyTypeInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "EnablePolicyTypeInput"}
|
|
if s.PolicyType == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyType"))
|
|
}
|
|
if s.RootId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("RootId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetPolicyType sets the PolicyType field's value.
|
|
func (s *EnablePolicyTypeInput) SetPolicyType(v string) *EnablePolicyTypeInput {
|
|
s.PolicyType = &v
|
|
return s
|
|
}
|
|
|
|
// SetRootId sets the RootId field's value.
|
|
func (s *EnablePolicyTypeInput) SetRootId(v string) *EnablePolicyTypeInput {
|
|
s.RootId = &v
|
|
return s
|
|
}
|
|
|
|
type EnablePolicyTypeOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that shows the root with the updated list of enabled policy types.
|
|
Root *Root `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s EnablePolicyTypeOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s EnablePolicyTypeOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetRoot sets the Root field's value.
|
|
func (s *EnablePolicyTypeOutput) SetRoot(v *Root) *EnablePolicyTypeOutput {
|
|
s.Root = v
|
|
return s
|
|
}
|
|
|
|
// A structure that contains details of a service principal that is enabled
|
|
// to integrate with AWS Organizations.
|
|
type EnabledServicePrincipal struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The date that the service principal was enabled for integration with AWS
|
|
// Organizations.
|
|
DateEnabled *time.Time `type:"timestamp" timestampFormat:"unix"`
|
|
|
|
// The name of the service principal. This is typically in the form of a URL,
|
|
// such as: servicename.amazonaws.com.
|
|
ServicePrincipal *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s EnabledServicePrincipal) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s EnabledServicePrincipal) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetDateEnabled sets the DateEnabled field's value.
|
|
func (s *EnabledServicePrincipal) SetDateEnabled(v time.Time) *EnabledServicePrincipal {
|
|
s.DateEnabled = &v
|
|
return s
|
|
}
|
|
|
|
// SetServicePrincipal sets the ServicePrincipal field's value.
|
|
func (s *EnabledServicePrincipal) SetServicePrincipal(v string) *EnabledServicePrincipal {
|
|
s.ServicePrincipal = &v
|
|
return s
|
|
}
|
|
|
|
// Contains information that must be exchanged to securely establish a relationship
|
|
// between two accounts (an originator and a recipient). For example, when a
|
|
// master account (the originator) invites another account (the recipient) to
|
|
// join its organization, the two accounts exchange information as a series
|
|
// of handshake requests and responses.
|
|
//
|
|
// Note: Handshakes that are CANCELED, ACCEPTED, or DECLINED show up in lists
|
|
// for only 30 days after entering that state After that they are deleted.
|
|
type Handshake struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The type of handshake, indicating what action occurs when the recipient accepts
|
|
// the handshake. The following handshake types are supported:
|
|
//
|
|
// * INVITE: This type of handshake represents a request to join an organization.
|
|
// It is always sent from the master account to only non-member accounts.
|
|
//
|
|
// * ENABLE_ALL_FEATURES: This type of handshake represents a request to
|
|
// enable all features in an organization. It is always sent from the master
|
|
// account to only invited member accounts. Created accounts do not receive
|
|
// this because those accounts were created by the organization's master
|
|
// account and approval is inferred.
|
|
//
|
|
// * APPROVE_ALL_FEATURES: This type of handshake is sent from the Organizations
|
|
// service when all member accounts have approved the ENABLE_ALL_FEATURES
|
|
// invitation. It is sent only to the master account and signals the master
|
|
// that it can finalize the process to enable all features.
|
|
Action *string `type:"string" enum:"ActionType"`
|
|
|
|
// The Amazon Resource Name (ARN) of a handshake.
|
|
//
|
|
// For more information about ARNs in Organizations, see ARN Formats Supported
|
|
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
|
|
// in the AWS Organizations User Guide.
|
|
Arn *string `type:"string"`
|
|
|
|
// The date and time that the handshake expires. If the recipient of the handshake
|
|
// request fails to respond before the specified date and time, the handshake
|
|
// becomes inactive and is no longer valid.
|
|
ExpirationTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
|
|
|
|
// The unique identifier (ID) of a handshake. The originating account creates
|
|
// the ID when it initiates the handshake.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
|
|
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
|
|
Id *string `type:"string"`
|
|
|
|
// Information about the two accounts that are participating in the handshake.
|
|
Parties []*HandshakeParty `type:"list"`
|
|
|
|
// The date and time that the handshake request was made.
|
|
RequestedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"`
|
|
|
|
// Additional information that is needed to process the handshake.
|
|
Resources []*HandshakeResource `type:"list"`
|
|
|
|
// The current state of the handshake. Use the state to trace the flow of the
|
|
// handshake through the process from its creation to its acceptance. The meaning
|
|
// of each of the valid values is as follows:
|
|
//
|
|
// * REQUESTED: This handshake was sent to multiple recipients (applicable
|
|
// to only some handshake types) and not all recipients have responded yet.
|
|
// The request stays in this state until all recipients respond.
|
|
//
|
|
// * OPEN: This handshake was sent to multiple recipients (applicable to
|
|
// only some policy types) and all recipients have responded, allowing the
|
|
// originator to complete the handshake action.
|
|
//
|
|
// * CANCELED: This handshake is no longer active because it was canceled
|
|
// by the originating account.
|
|
//
|
|
// * ACCEPTED: This handshake is complete because it has been accepted by
|
|
// the recipient.
|
|
//
|
|
// * DECLINED: This handshake is no longer active because it was declined
|
|
// by the recipient account.
|
|
//
|
|
// * EXPIRED: This handshake is no longer active because the originator did
|
|
// not receive a response of any kind from the recipient before the expiration
|
|
// time (15 days).
|
|
State *string `type:"string" enum:"HandshakeState"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s Handshake) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s Handshake) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetAction sets the Action field's value.
|
|
func (s *Handshake) SetAction(v string) *Handshake {
|
|
s.Action = &v
|
|
return s
|
|
}
|
|
|
|
// SetArn sets the Arn field's value.
|
|
func (s *Handshake) SetArn(v string) *Handshake {
|
|
s.Arn = &v
|
|
return s
|
|
}
|
|
|
|
// SetExpirationTimestamp sets the ExpirationTimestamp field's value.
|
|
func (s *Handshake) SetExpirationTimestamp(v time.Time) *Handshake {
|
|
s.ExpirationTimestamp = &v
|
|
return s
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *Handshake) SetId(v string) *Handshake {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetParties sets the Parties field's value.
|
|
func (s *Handshake) SetParties(v []*HandshakeParty) *Handshake {
|
|
s.Parties = v
|
|
return s
|
|
}
|
|
|
|
// SetRequestedTimestamp sets the RequestedTimestamp field's value.
|
|
func (s *Handshake) SetRequestedTimestamp(v time.Time) *Handshake {
|
|
s.RequestedTimestamp = &v
|
|
return s
|
|
}
|
|
|
|
// SetResources sets the Resources field's value.
|
|
func (s *Handshake) SetResources(v []*HandshakeResource) *Handshake {
|
|
s.Resources = v
|
|
return s
|
|
}
|
|
|
|
// SetState sets the State field's value.
|
|
func (s *Handshake) SetState(v string) *Handshake {
|
|
s.State = &v
|
|
return s
|
|
}
|
|
|
|
// Specifies the criteria that are used to select the handshakes for the operation.
|
|
type HandshakeFilter struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Specifies the type of handshake action.
|
|
//
|
|
// If you specify ActionType, you cannot also specify ParentHandshakeId.
|
|
ActionType *string `type:"string" enum:"ActionType"`
|
|
|
|
// Specifies the parent handshake. Only used for handshake types that are a
|
|
// child of another type.
|
|
//
|
|
// If you specify ParentHandshakeId, you cannot also specify ActionType.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
|
|
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
|
|
ParentHandshakeId *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s HandshakeFilter) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s HandshakeFilter) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetActionType sets the ActionType field's value.
|
|
func (s *HandshakeFilter) SetActionType(v string) *HandshakeFilter {
|
|
s.ActionType = &v
|
|
return s
|
|
}
|
|
|
|
// SetParentHandshakeId sets the ParentHandshakeId field's value.
|
|
func (s *HandshakeFilter) SetParentHandshakeId(v string) *HandshakeFilter {
|
|
s.ParentHandshakeId = &v
|
|
return s
|
|
}
|
|
|
|
// Identifies a participant in a handshake.
|
|
type HandshakeParty struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) for the party.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
|
|
// requires "h-" followed by from 8 to 32 lower-case letters or digits.
|
|
//
|
|
// Id is a required field
|
|
Id *string `min:"1" type:"string" required:"true"`
|
|
|
|
// The type of party.
|
|
//
|
|
// Type is a required field
|
|
Type *string `type:"string" required:"true" enum:"HandshakePartyType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s HandshakeParty) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s HandshakeParty) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *HandshakeParty) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "HandshakeParty"}
|
|
if s.Id == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Id"))
|
|
}
|
|
if s.Id != nil && len(*s.Id) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Id", 1))
|
|
}
|
|
if s.Type == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Type"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *HandshakeParty) SetId(v string) *HandshakeParty {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *HandshakeParty) SetType(v string) *HandshakeParty {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
// Contains additional data that is needed to process a handshake.
|
|
type HandshakeResource struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// When needed, contains an additional array of HandshakeResource objects.
|
|
Resources []*HandshakeResource `type:"list"`
|
|
|
|
// The type of information being passed, specifying how the value is to be interpreted
|
|
// by the other party:
|
|
//
|
|
// * ACCOUNT - Specifies an AWS account ID number.
|
|
//
|
|
// * ORGANIZATION - Specifies an organization ID number.
|
|
//
|
|
// * EMAIL - Specifies the email address that is associated with the account
|
|
// that receives the handshake.
|
|
//
|
|
// * OWNER_EMAIL - Specifies the email address associated with the master
|
|
// account. Included as information about an organization.
|
|
//
|
|
// * OWNER_NAME - Specifies the name associated with the master account.
|
|
// Included as information about an organization.
|
|
//
|
|
// * NOTES - Additional text provided by the handshake initiator and intended
|
|
// for the recipient to read.
|
|
Type *string `type:"string" enum:"HandshakeResourceType"`
|
|
|
|
// The information that is passed to the other party in the handshake. The format
|
|
// of the value string must match the requirements of the specified type.
|
|
Value *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s HandshakeResource) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s HandshakeResource) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetResources sets the Resources field's value.
|
|
func (s *HandshakeResource) SetResources(v []*HandshakeResource) *HandshakeResource {
|
|
s.Resources = v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *HandshakeResource) SetType(v string) *HandshakeResource {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
// SetValue sets the Value field's value.
|
|
func (s *HandshakeResource) SetValue(v string) *HandshakeResource {
|
|
s.Value = &v
|
|
return s
|
|
}
|
|
|
|
type InviteAccountToOrganizationInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Additional information that you want to include in the generated email to
|
|
// the recipient account owner.
|
|
Notes *string `type:"string"`
|
|
|
|
// The identifier (ID) of the AWS account that you want to invite to join your
|
|
// organization. This is a JSON object that contains the following elements:
|
|
//
|
|
// { "Type": "ACCOUNT", "Id": "<account id number>" }
|
|
//
|
|
// If you use the AWS CLI, you can submit this as a single string, similar to
|
|
// the following example:
|
|
//
|
|
// --target Id=123456789012,Type=ACCOUNT
|
|
//
|
|
// If you specify "Type": "ACCOUNT", then you must provide the AWS account ID
|
|
// number as the Id. If you specify "Type": "EMAIL", then you must specify the
|
|
// email address that is associated with the account.
|
|
//
|
|
// --target Id=bill@example.com,Type=EMAIL
|
|
//
|
|
// Target is a required field
|
|
Target *HandshakeParty `type:"structure" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s InviteAccountToOrganizationInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s InviteAccountToOrganizationInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *InviteAccountToOrganizationInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "InviteAccountToOrganizationInput"}
|
|
if s.Target == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Target"))
|
|
}
|
|
if s.Target != nil {
|
|
if err := s.Target.Validate(); err != nil {
|
|
invalidParams.AddNested("Target", err.(request.ErrInvalidParams))
|
|
}
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetNotes sets the Notes field's value.
|
|
func (s *InviteAccountToOrganizationInput) SetNotes(v string) *InviteAccountToOrganizationInput {
|
|
s.Notes = &v
|
|
return s
|
|
}
|
|
|
|
// SetTarget sets the Target field's value.
|
|
func (s *InviteAccountToOrganizationInput) SetTarget(v *HandshakeParty) *InviteAccountToOrganizationInput {
|
|
s.Target = v
|
|
return s
|
|
}
|
|
|
|
type InviteAccountToOrganizationOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the handshake that is created to
|
|
// support this invitation request.
|
|
Handshake *Handshake `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s InviteAccountToOrganizationOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s InviteAccountToOrganizationOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetHandshake sets the Handshake field's value.
|
|
func (s *InviteAccountToOrganizationOutput) SetHandshake(v *Handshake) *InviteAccountToOrganizationOutput {
|
|
s.Handshake = v
|
|
return s
|
|
}
|
|
|
|
type LeaveOrganizationInput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s LeaveOrganizationInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s LeaveOrganizationInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type LeaveOrganizationOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s LeaveOrganizationOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s LeaveOrganizationOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type ListAWSServiceAccessForOrganizationInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListAWSServiceAccessForOrganizationInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListAWSServiceAccessForOrganizationInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListAWSServiceAccessForOrganizationInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListAWSServiceAccessForOrganizationInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListAWSServiceAccessForOrganizationInput) SetMaxResults(v int64) *ListAWSServiceAccessForOrganizationInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListAWSServiceAccessForOrganizationInput) SetNextToken(v string) *ListAWSServiceAccessForOrganizationInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListAWSServiceAccessForOrganizationOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A list of the service principals for the services that are enabled to integrate
|
|
// with your organization. Each principal is a structure that includes the name
|
|
// and the date that it was enabled for integration with AWS Organizations.
|
|
EnabledServicePrincipals []*EnabledServicePrincipal `type:"list"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListAWSServiceAccessForOrganizationOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListAWSServiceAccessForOrganizationOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetEnabledServicePrincipals sets the EnabledServicePrincipals field's value.
|
|
func (s *ListAWSServiceAccessForOrganizationOutput) SetEnabledServicePrincipals(v []*EnabledServicePrincipal) *ListAWSServiceAccessForOrganizationOutput {
|
|
s.EnabledServicePrincipals = v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListAWSServiceAccessForOrganizationOutput) SetNextToken(v string) *ListAWSServiceAccessForOrganizationOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListAccountsForParentInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
|
|
// The unique identifier (ID) for the parent root or organization unit (OU)
|
|
// whose accounts you want to list.
|
|
//
|
|
// ParentId is a required field
|
|
ParentId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListAccountsForParentInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListAccountsForParentInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListAccountsForParentInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListAccountsForParentInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
if s.ParentId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ParentId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListAccountsForParentInput) SetMaxResults(v int64) *ListAccountsForParentInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListAccountsForParentInput) SetNextToken(v string) *ListAccountsForParentInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetParentId sets the ParentId field's value.
|
|
func (s *ListAccountsForParentInput) SetParentId(v string) *ListAccountsForParentInput {
|
|
s.ParentId = &v
|
|
return s
|
|
}
|
|
|
|
type ListAccountsForParentOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A list of the accounts in the specified root or OU.
|
|
Accounts []*Account `type:"list"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListAccountsForParentOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListAccountsForParentOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetAccounts sets the Accounts field's value.
|
|
func (s *ListAccountsForParentOutput) SetAccounts(v []*Account) *ListAccountsForParentOutput {
|
|
s.Accounts = v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListAccountsForParentOutput) SetNextToken(v string) *ListAccountsForParentOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListAccountsInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListAccountsInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListAccountsInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListAccountsInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListAccountsInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListAccountsInput) SetMaxResults(v int64) *ListAccountsInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListAccountsInput) SetNextToken(v string) *ListAccountsInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListAccountsOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A list of objects in the organization.
|
|
Accounts []*Account `type:"list"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListAccountsOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListAccountsOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetAccounts sets the Accounts field's value.
|
|
func (s *ListAccountsOutput) SetAccounts(v []*Account) *ListAccountsOutput {
|
|
s.Accounts = v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListAccountsOutput) SetNextToken(v string) *ListAccountsOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListChildrenInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Filters the output to include only the specified child type.
|
|
//
|
|
// ChildType is a required field
|
|
ChildType *string `type:"string" required:"true" enum:"ChildType"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
|
|
// The unique identifier (ID) for the parent root or OU whose children you want
|
|
// to list.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// ParentId is a required field
|
|
ParentId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListChildrenInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListChildrenInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListChildrenInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListChildrenInput"}
|
|
if s.ChildType == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ChildType"))
|
|
}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
if s.ParentId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ParentId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetChildType sets the ChildType field's value.
|
|
func (s *ListChildrenInput) SetChildType(v string) *ListChildrenInput {
|
|
s.ChildType = &v
|
|
return s
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListChildrenInput) SetMaxResults(v int64) *ListChildrenInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListChildrenInput) SetNextToken(v string) *ListChildrenInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetParentId sets the ParentId field's value.
|
|
func (s *ListChildrenInput) SetParentId(v string) *ListChildrenInput {
|
|
s.ParentId = &v
|
|
return s
|
|
}
|
|
|
|
type ListChildrenOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The list of children of the specified parent container.
|
|
Children []*Child `type:"list"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListChildrenOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListChildrenOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetChildren sets the Children field's value.
|
|
func (s *ListChildrenOutput) SetChildren(v []*Child) *ListChildrenOutput {
|
|
s.Children = v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListChildrenOutput) SetNextToken(v string) *ListChildrenOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListCreateAccountStatusInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
|
|
// A list of one or more states that you want included in the response. If this
|
|
// parameter is not present, then all requests are included in the response.
|
|
States []*string `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListCreateAccountStatusInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListCreateAccountStatusInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListCreateAccountStatusInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListCreateAccountStatusInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListCreateAccountStatusInput) SetMaxResults(v int64) *ListCreateAccountStatusInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListCreateAccountStatusInput) SetNextToken(v string) *ListCreateAccountStatusInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetStates sets the States field's value.
|
|
func (s *ListCreateAccountStatusInput) SetStates(v []*string) *ListCreateAccountStatusInput {
|
|
s.States = v
|
|
return s
|
|
}
|
|
|
|
type ListCreateAccountStatusOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A list of objects with details about the requests. Certain elements, such
|
|
// as the accountId number, are present in the output only after the account
|
|
// has been successfully created.
|
|
CreateAccountStatuses []*CreateAccountStatus `type:"list"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListCreateAccountStatusOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListCreateAccountStatusOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetCreateAccountStatuses sets the CreateAccountStatuses field's value.
|
|
func (s *ListCreateAccountStatusOutput) SetCreateAccountStatuses(v []*CreateAccountStatus) *ListCreateAccountStatusOutput {
|
|
s.CreateAccountStatuses = v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListCreateAccountStatusOutput) SetNextToken(v string) *ListCreateAccountStatusOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListHandshakesForAccountInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Filters the handshakes that you want included in the response. The default
|
|
// is all types. Use the ActionType element to limit the output to only a specified
|
|
// type, such as INVITE, ENABLE-FULL-CONTROL, or APPROVE-FULL-CONTROL. Alternatively,
|
|
// for the ENABLE-FULL-CONTROL handshake that generates a separate child handshake
|
|
// for each member account, you can specify ParentHandshakeId to see only the
|
|
// handshakes that were generated by that parent request.
|
|
Filter *HandshakeFilter `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListHandshakesForAccountInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListHandshakesForAccountInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListHandshakesForAccountInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListHandshakesForAccountInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetFilter sets the Filter field's value.
|
|
func (s *ListHandshakesForAccountInput) SetFilter(v *HandshakeFilter) *ListHandshakesForAccountInput {
|
|
s.Filter = v
|
|
return s
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListHandshakesForAccountInput) SetMaxResults(v int64) *ListHandshakesForAccountInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListHandshakesForAccountInput) SetNextToken(v string) *ListHandshakesForAccountInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListHandshakesForAccountOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A list of Handshake objects with details about each of the handshakes that
|
|
// is associated with the specified account.
|
|
Handshakes []*Handshake `type:"list"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListHandshakesForAccountOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListHandshakesForAccountOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetHandshakes sets the Handshakes field's value.
|
|
func (s *ListHandshakesForAccountOutput) SetHandshakes(v []*Handshake) *ListHandshakesForAccountOutput {
|
|
s.Handshakes = v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListHandshakesForAccountOutput) SetNextToken(v string) *ListHandshakesForAccountOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListHandshakesForOrganizationInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A filter of the handshakes that you want included in the response. The default
|
|
// is all types. Use the ActionType element to limit the output to only a specified
|
|
// type, such as INVITE, ENABLE-ALL-FEATURES, or APPROVE-ALL-FEATURES. Alternatively,
|
|
// for the ENABLE-ALL-FEATURES handshake that generates a separate child handshake
|
|
// for each member account, you can specify the ParentHandshakeId to see only
|
|
// the handshakes that were generated by that parent request.
|
|
Filter *HandshakeFilter `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListHandshakesForOrganizationInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListHandshakesForOrganizationInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListHandshakesForOrganizationInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListHandshakesForOrganizationInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetFilter sets the Filter field's value.
|
|
func (s *ListHandshakesForOrganizationInput) SetFilter(v *HandshakeFilter) *ListHandshakesForOrganizationInput {
|
|
s.Filter = v
|
|
return s
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListHandshakesForOrganizationInput) SetMaxResults(v int64) *ListHandshakesForOrganizationInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListHandshakesForOrganizationInput) SetNextToken(v string) *ListHandshakesForOrganizationInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListHandshakesForOrganizationOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A list of Handshake objects with details about each of the handshakes that
|
|
// are associated with an organization.
|
|
Handshakes []*Handshake `type:"list"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListHandshakesForOrganizationOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListHandshakesForOrganizationOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetHandshakes sets the Handshakes field's value.
|
|
func (s *ListHandshakesForOrganizationOutput) SetHandshakes(v []*Handshake) *ListHandshakesForOrganizationOutput {
|
|
s.Handshakes = v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListHandshakesForOrganizationOutput) SetNextToken(v string) *ListHandshakesForOrganizationOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListOrganizationalUnitsForParentInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
|
|
// The unique identifier (ID) of the root or OU whose child OUs you want to
|
|
// list.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// ParentId is a required field
|
|
ParentId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListOrganizationalUnitsForParentInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListOrganizationalUnitsForParentInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListOrganizationalUnitsForParentInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListOrganizationalUnitsForParentInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
if s.ParentId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ParentId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListOrganizationalUnitsForParentInput) SetMaxResults(v int64) *ListOrganizationalUnitsForParentInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListOrganizationalUnitsForParentInput) SetNextToken(v string) *ListOrganizationalUnitsForParentInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetParentId sets the ParentId field's value.
|
|
func (s *ListOrganizationalUnitsForParentInput) SetParentId(v string) *ListOrganizationalUnitsForParentInput {
|
|
s.ParentId = &v
|
|
return s
|
|
}
|
|
|
|
type ListOrganizationalUnitsForParentOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
|
|
// A list of the OUs in the specified root or parent OU.
|
|
OrganizationalUnits []*OrganizationalUnit `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListOrganizationalUnitsForParentOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListOrganizationalUnitsForParentOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListOrganizationalUnitsForParentOutput) SetNextToken(v string) *ListOrganizationalUnitsForParentOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetOrganizationalUnits sets the OrganizationalUnits field's value.
|
|
func (s *ListOrganizationalUnitsForParentOutput) SetOrganizationalUnits(v []*OrganizationalUnit) *ListOrganizationalUnitsForParentOutput {
|
|
s.OrganizationalUnits = v
|
|
return s
|
|
}
|
|
|
|
type ListParentsInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the OU or account whose parent containers you
|
|
// want to list. Do not specify a root.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a child ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Account: a string that consists of exactly 12 digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that contains
|
|
// the OU) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// ChildId is a required field
|
|
ChildId *string `type:"string" required:"true"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListParentsInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListParentsInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListParentsInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListParentsInput"}
|
|
if s.ChildId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ChildId"))
|
|
}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetChildId sets the ChildId field's value.
|
|
func (s *ListParentsInput) SetChildId(v string) *ListParentsInput {
|
|
s.ChildId = &v
|
|
return s
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListParentsInput) SetMaxResults(v int64) *ListParentsInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListParentsInput) SetNextToken(v string) *ListParentsInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListParentsOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
|
|
// A list of parents for the specified child account or OU.
|
|
Parents []*Parent `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListParentsOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListParentsOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListParentsOutput) SetNextToken(v string) *ListParentsOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetParents sets the Parents field's value.
|
|
func (s *ListParentsOutput) SetParents(v []*Parent) *ListParentsOutput {
|
|
s.Parents = v
|
|
return s
|
|
}
|
|
|
|
type ListPoliciesForTargetInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The type of policy that you want to include in the returned list.
|
|
//
|
|
// Filter is a required field
|
|
Filter *string `type:"string" required:"true" enum:"PolicyType"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
|
|
// The unique identifier (ID) of the root, organizational unit, or account whose
|
|
// policies you want to list.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Account: a string that consists of exactly 12 digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// TargetId is a required field
|
|
TargetId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListPoliciesForTargetInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListPoliciesForTargetInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListPoliciesForTargetInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListPoliciesForTargetInput"}
|
|
if s.Filter == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Filter"))
|
|
}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
if s.TargetId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("TargetId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetFilter sets the Filter field's value.
|
|
func (s *ListPoliciesForTargetInput) SetFilter(v string) *ListPoliciesForTargetInput {
|
|
s.Filter = &v
|
|
return s
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListPoliciesForTargetInput) SetMaxResults(v int64) *ListPoliciesForTargetInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListPoliciesForTargetInput) SetNextToken(v string) *ListPoliciesForTargetInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetTargetId sets the TargetId field's value.
|
|
func (s *ListPoliciesForTargetInput) SetTargetId(v string) *ListPoliciesForTargetInput {
|
|
s.TargetId = &v
|
|
return s
|
|
}
|
|
|
|
type ListPoliciesForTargetOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
|
|
// The list of policies that match the criteria in the request.
|
|
Policies []*PolicySummary `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListPoliciesForTargetOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListPoliciesForTargetOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListPoliciesForTargetOutput) SetNextToken(v string) *ListPoliciesForTargetOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicies sets the Policies field's value.
|
|
func (s *ListPoliciesForTargetOutput) SetPolicies(v []*PolicySummary) *ListPoliciesForTargetOutput {
|
|
s.Policies = v
|
|
return s
|
|
}
|
|
|
|
type ListPoliciesInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Specifies the type of policy that you want to include in the response.
|
|
//
|
|
// Filter is a required field
|
|
Filter *string `type:"string" required:"true" enum:"PolicyType"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListPoliciesInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListPoliciesInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListPoliciesInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"}
|
|
if s.Filter == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Filter"))
|
|
}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetFilter sets the Filter field's value.
|
|
func (s *ListPoliciesInput) SetFilter(v string) *ListPoliciesInput {
|
|
s.Filter = &v
|
|
return s
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListPoliciesOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
|
|
// A list of policies that match the filter criteria in the request. The output
|
|
// list does not include the policy contents. To see the content for a policy,
|
|
// see DescribePolicy.
|
|
Policies []*PolicySummary `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListPoliciesOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListPoliciesOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicies sets the Policies field's value.
|
|
func (s *ListPoliciesOutput) SetPolicies(v []*PolicySummary) *ListPoliciesOutput {
|
|
s.Policies = v
|
|
return s
|
|
}
|
|
|
|
type ListRootsInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListRootsInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListRootsInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListRootsInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListRootsInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListRootsInput) SetMaxResults(v int64) *ListRootsInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListRootsInput) SetNextToken(v string) *ListRootsInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListRootsOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
|
|
// A list of roots that are defined in an organization.
|
|
Roots []*Root `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListRootsOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListRootsOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListRootsOutput) SetNextToken(v string) *ListRootsOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetRoots sets the Roots field's value.
|
|
func (s *ListRootsOutput) SetRoots(v []*Root) *ListRootsOutput {
|
|
s.Roots = v
|
|
return s
|
|
}
|
|
|
|
type ListTargetsForPolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// (Optional) Use this to limit the number of results you want included in the
|
|
// response. If you do not include this parameter, it defaults to a value that
|
|
// is specific to the operation. If additional items exist beyond the maximum
|
|
// you specify, the NextToken response element is present and has a value (is
|
|
// not null). Include that value as the NextToken request parameter in the next
|
|
// call to the operation to get the next part of the results. Note that Organizations
|
|
// might return fewer results than the maximum even when there are more results
|
|
// available. You should check NextToken after every operation to ensure that
|
|
// you receive all of the results.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// Use this parameter if you receive a NextToken response in a previous request
|
|
// that indicates that there is more output available. Set it to the value of
|
|
// the previous call's NextToken response to indicate where the output should
|
|
// continue from.
|
|
NextToken *string `type:"string"`
|
|
|
|
// The unique identifier (ID) of the policy for which you want to know its attachments.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
|
|
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListTargetsForPolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListTargetsForPolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListTargetsForPolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListTargetsForPolicyInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListTargetsForPolicyInput) SetMaxResults(v int64) *ListTargetsForPolicyInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListTargetsForPolicyInput) SetNextToken(v string) *ListTargetsForPolicyInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *ListTargetsForPolicyInput) SetPolicyId(v string) *ListTargetsForPolicyInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
type ListTargetsForPolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If present, this value indicates that there is more output available than
|
|
// is included in the current response. Use this value in the NextToken request
|
|
// parameter in a subsequent call to the operation to get the next part of the
|
|
// output. You should repeat this until the NextToken response element comes
|
|
// back as null.
|
|
NextToken *string `type:"string"`
|
|
|
|
// A list of structures, each of which contains details about one of the entities
|
|
// to which the specified policy is attached.
|
|
Targets []*PolicyTargetSummary `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListTargetsForPolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListTargetsForPolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListTargetsForPolicyOutput) SetNextToken(v string) *ListTargetsForPolicyOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetTargets sets the Targets field's value.
|
|
func (s *ListTargetsForPolicyOutput) SetTargets(v []*PolicyTargetSummary) *ListTargetsForPolicyOutput {
|
|
s.Targets = v
|
|
return s
|
|
}
|
|
|
|
type MoveAccountInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the account that you want to move.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
|
|
// requires exactly 12 digits.
|
|
//
|
|
// AccountId is a required field
|
|
AccountId *string `type:"string" required:"true"`
|
|
|
|
// The unique identifier (ID) of the root or organizational unit that you want
|
|
// to move the account to.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// DestinationParentId is a required field
|
|
DestinationParentId *string `type:"string" required:"true"`
|
|
|
|
// The unique identifier (ID) of the root or organizational unit that you want
|
|
// to move the account from.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
//
|
|
// SourceParentId is a required field
|
|
SourceParentId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s MoveAccountInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s MoveAccountInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *MoveAccountInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "MoveAccountInput"}
|
|
if s.AccountId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("AccountId"))
|
|
}
|
|
if s.DestinationParentId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("DestinationParentId"))
|
|
}
|
|
if s.SourceParentId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("SourceParentId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetAccountId sets the AccountId field's value.
|
|
func (s *MoveAccountInput) SetAccountId(v string) *MoveAccountInput {
|
|
s.AccountId = &v
|
|
return s
|
|
}
|
|
|
|
// SetDestinationParentId sets the DestinationParentId field's value.
|
|
func (s *MoveAccountInput) SetDestinationParentId(v string) *MoveAccountInput {
|
|
s.DestinationParentId = &v
|
|
return s
|
|
}
|
|
|
|
// SetSourceParentId sets the SourceParentId field's value.
|
|
func (s *MoveAccountInput) SetSourceParentId(v string) *MoveAccountInput {
|
|
s.SourceParentId = &v
|
|
return s
|
|
}
|
|
|
|
type MoveAccountOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s MoveAccountOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s MoveAccountOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Contains details about an organization. An organization is a collection of
|
|
// accounts that are centrally managed together using consolidated billing,
|
|
// organized hierarchically with organizational units (OUs), and controlled
|
|
// with policies .
|
|
type Organization struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of an organization.
|
|
//
|
|
// For more information about ARNs in Organizations, see ARN Formats Supported
|
|
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
|
|
// in the AWS Organizations User Guide.
|
|
Arn *string `type:"string"`
|
|
|
|
// A list of policy types that are enabled for this organization. For example,
|
|
// if your organization has all features enabled, then service control policies
|
|
// (SCPs) are included in the list.
|
|
//
|
|
// Even if a policy type is shown as available in the organization, you can
|
|
// separately enable and disable them at the root level by using EnablePolicyType
|
|
// and DisablePolicyType. Use ListRoots to see the status of a policy type in
|
|
// that root.
|
|
AvailablePolicyTypes []*PolicyTypeSummary `type:"list"`
|
|
|
|
// Specifies the functionality that currently is available to the organization.
|
|
// If set to "ALL", then all features are enabled and policies can be applied
|
|
// to accounts in the organization. If set to "CONSOLIDATED_BILLING", then only
|
|
// consolidated billing functionality is available. For more information, see
|
|
// Enabling All Features in Your Organization (http://docs.aws.amazon.com/IAM/latest/UserGuide/orgs_manage_org_support-all-features.html)
|
|
// in the AWS Organizations User Guide.
|
|
FeatureSet *string `type:"string" enum:"OrganizationFeatureSet"`
|
|
|
|
// The unique identifier (ID) of an organization.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an organization ID
|
|
// string requires "o-" followed by from 10 to 32 lower-case letters or digits.
|
|
Id *string `type:"string"`
|
|
|
|
// The Amazon Resource Name (ARN) of the account that is designated as the master
|
|
// account for the organization.
|
|
//
|
|
// For more information about ARNs in Organizations, see ARN Formats Supported
|
|
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
|
|
// in the AWS Organizations User Guide.
|
|
MasterAccountArn *string `type:"string"`
|
|
|
|
// The email address that is associated with the AWS account that is designated
|
|
// as the master account for the organization.
|
|
MasterAccountEmail *string `min:"6" type:"string"`
|
|
|
|
// The unique identifier (ID) of the master account of an organization.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
|
|
// requires exactly 12 digits.
|
|
MasterAccountId *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s Organization) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s Organization) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetArn sets the Arn field's value.
|
|
func (s *Organization) SetArn(v string) *Organization {
|
|
s.Arn = &v
|
|
return s
|
|
}
|
|
|
|
// SetAvailablePolicyTypes sets the AvailablePolicyTypes field's value.
|
|
func (s *Organization) SetAvailablePolicyTypes(v []*PolicyTypeSummary) *Organization {
|
|
s.AvailablePolicyTypes = v
|
|
return s
|
|
}
|
|
|
|
// SetFeatureSet sets the FeatureSet field's value.
|
|
func (s *Organization) SetFeatureSet(v string) *Organization {
|
|
s.FeatureSet = &v
|
|
return s
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *Organization) SetId(v string) *Organization {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetMasterAccountArn sets the MasterAccountArn field's value.
|
|
func (s *Organization) SetMasterAccountArn(v string) *Organization {
|
|
s.MasterAccountArn = &v
|
|
return s
|
|
}
|
|
|
|
// SetMasterAccountEmail sets the MasterAccountEmail field's value.
|
|
func (s *Organization) SetMasterAccountEmail(v string) *Organization {
|
|
s.MasterAccountEmail = &v
|
|
return s
|
|
}
|
|
|
|
// SetMasterAccountId sets the MasterAccountId field's value.
|
|
func (s *Organization) SetMasterAccountId(v string) *Organization {
|
|
s.MasterAccountId = &v
|
|
return s
|
|
}
|
|
|
|
// Contains details about an organizational unit (OU). An OU is a container
|
|
// of AWS accounts within a root of an organization. Policies that are attached
|
|
// to an OU apply to all accounts contained in that OU and in any child OUs.
|
|
type OrganizationalUnit struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of this OU.
|
|
//
|
|
// For more information about ARNs in Organizations, see ARN Formats Supported
|
|
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
|
|
// in the AWS Organizations User Guide.
|
|
Arn *string `type:"string"`
|
|
|
|
// The unique identifier (ID) associated with this OU.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational
|
|
// unit ID string requires "ou-" followed by from 4 to 32 lower-case letters
|
|
// or digits (the ID of the root that contains the OU) followed by a second
|
|
// "-" dash and from 8 to 32 additional lower-case letters or digits.
|
|
Id *string `type:"string"`
|
|
|
|
// The friendly name of this OU.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of any of the characters in the ASCII character
|
|
// range.
|
|
Name *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s OrganizationalUnit) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s OrganizationalUnit) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetArn sets the Arn field's value.
|
|
func (s *OrganizationalUnit) SetArn(v string) *OrganizationalUnit {
|
|
s.Arn = &v
|
|
return s
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *OrganizationalUnit) SetId(v string) *OrganizationalUnit {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *OrganizationalUnit) SetName(v string) *OrganizationalUnit {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// Contains information about either a root or an organizational unit (OU) that
|
|
// can contain OUs or accounts in an organization.
|
|
type Parent struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the parent entity.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
Id *string `type:"string"`
|
|
|
|
// The type of the parent entity.
|
|
Type *string `type:"string" enum:"ParentType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s Parent) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s Parent) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *Parent) SetId(v string) *Parent {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *Parent) SetType(v string) *Parent {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
// Contains rules to be applied to the affected accounts. Policies can be attached
|
|
// directly to accounts, or to roots and OUs to affect all accounts in those
|
|
// hierarchies.
|
|
type Policy struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The text content of the policy.
|
|
Content *string `min:"1" type:"string"`
|
|
|
|
// A structure that contains additional details about the policy.
|
|
PolicySummary *PolicySummary `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s Policy) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s Policy) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetContent sets the Content field's value.
|
|
func (s *Policy) SetContent(v string) *Policy {
|
|
s.Content = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicySummary sets the PolicySummary field's value.
|
|
func (s *Policy) SetPolicySummary(v *PolicySummary) *Policy {
|
|
s.PolicySummary = v
|
|
return s
|
|
}
|
|
|
|
// Contains information about a policy, but does not include the content. To
|
|
// see the content of a policy, see DescribePolicy.
|
|
type PolicySummary struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of the policy.
|
|
//
|
|
// For more information about ARNs in Organizations, see ARN Formats Supported
|
|
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
|
|
// in the AWS Organizations User Guide.
|
|
Arn *string `type:"string"`
|
|
|
|
// A boolean value that indicates whether the specified policy is an AWS managed
|
|
// policy. If true, then you can attach the policy to roots, OUs, or accounts,
|
|
// but you cannot edit it.
|
|
AwsManaged *bool `type:"boolean"`
|
|
|
|
// The description of the policy.
|
|
Description *string `type:"string"`
|
|
|
|
// The unique identifier (ID) of the policy.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
|
|
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
|
|
Id *string `type:"string"`
|
|
|
|
// The friendly name of the policy.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of any of the characters in the ASCII character
|
|
// range.
|
|
Name *string `min:"1" type:"string"`
|
|
|
|
// The type of policy.
|
|
Type *string `type:"string" enum:"PolicyType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PolicySummary) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PolicySummary) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetArn sets the Arn field's value.
|
|
func (s *PolicySummary) SetArn(v string) *PolicySummary {
|
|
s.Arn = &v
|
|
return s
|
|
}
|
|
|
|
// SetAwsManaged sets the AwsManaged field's value.
|
|
func (s *PolicySummary) SetAwsManaged(v bool) *PolicySummary {
|
|
s.AwsManaged = &v
|
|
return s
|
|
}
|
|
|
|
// SetDescription sets the Description field's value.
|
|
func (s *PolicySummary) SetDescription(v string) *PolicySummary {
|
|
s.Description = &v
|
|
return s
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *PolicySummary) SetId(v string) *PolicySummary {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *PolicySummary) SetName(v string) *PolicySummary {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *PolicySummary) SetType(v string) *PolicySummary {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
// Contains information about a root, OU, or account that a policy is attached
|
|
// to.
|
|
type PolicyTargetSummary struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of the policy target.
|
|
//
|
|
// For more information about ARNs in Organizations, see ARN Formats Supported
|
|
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
|
|
// in the AWS Organizations User Guide.
|
|
Arn *string `type:"string"`
|
|
|
|
// The friendly name of the policy target.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of any of the characters in the ASCII character
|
|
// range.
|
|
Name *string `min:"1" type:"string"`
|
|
|
|
// The unique identifier (ID) of the policy target.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
|
|
// requires one of the following:
|
|
//
|
|
// * Root: a string that begins with "r-" followed by from 4 to 32 lower-case
|
|
// letters or digits.
|
|
//
|
|
// * Account: a string that consists of exactly 12 digits.
|
|
//
|
|
// * Organizational unit (OU): a string that begins with "ou-" followed by
|
|
// from 4 to 32 lower-case letters or digits (the ID of the root that the
|
|
// OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case
|
|
// letters or digits.
|
|
TargetId *string `type:"string"`
|
|
|
|
// The type of the policy target.
|
|
Type *string `type:"string" enum:"TargetType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PolicyTargetSummary) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PolicyTargetSummary) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetArn sets the Arn field's value.
|
|
func (s *PolicyTargetSummary) SetArn(v string) *PolicyTargetSummary {
|
|
s.Arn = &v
|
|
return s
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *PolicyTargetSummary) SetName(v string) *PolicyTargetSummary {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// SetTargetId sets the TargetId field's value.
|
|
func (s *PolicyTargetSummary) SetTargetId(v string) *PolicyTargetSummary {
|
|
s.TargetId = &v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *PolicyTargetSummary) SetType(v string) *PolicyTargetSummary {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
// Contains information about a policy type and its status in the associated
|
|
// root.
|
|
type PolicyTypeSummary struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The status of the policy type as it relates to the associated root. To attach
|
|
// a policy of the specified type to a root or to an OU or account in that root,
|
|
// it must be available in the organization and enabled for that root.
|
|
Status *string `type:"string" enum:"PolicyTypeStatus"`
|
|
|
|
// The name of the policy type.
|
|
Type *string `type:"string" enum:"PolicyType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PolicyTypeSummary) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PolicyTypeSummary) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetStatus sets the Status field's value.
|
|
func (s *PolicyTypeSummary) SetStatus(v string) *PolicyTypeSummary {
|
|
s.Status = &v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *PolicyTypeSummary) SetType(v string) *PolicyTypeSummary {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
type RemoveAccountFromOrganizationInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The unique identifier (ID) of the member account that you want to remove
|
|
// from the organization.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
|
|
// requires exactly 12 digits.
|
|
//
|
|
// AccountId is a required field
|
|
AccountId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s RemoveAccountFromOrganizationInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s RemoveAccountFromOrganizationInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *RemoveAccountFromOrganizationInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "RemoveAccountFromOrganizationInput"}
|
|
if s.AccountId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("AccountId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetAccountId sets the AccountId field's value.
|
|
func (s *RemoveAccountFromOrganizationInput) SetAccountId(v string) *RemoveAccountFromOrganizationInput {
|
|
s.AccountId = &v
|
|
return s
|
|
}
|
|
|
|
type RemoveAccountFromOrganizationOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s RemoveAccountFromOrganizationOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s RemoveAccountFromOrganizationOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Contains details about a root. A root is a top-level parent node in the hierarchy
|
|
// of an organization that can contain organizational units (OUs) and accounts.
|
|
// Every root contains every AWS account in the organization. Each root enables
|
|
// the accounts to be organized in a different way and to have different policy
|
|
// types enabled for use in that root.
|
|
type Root struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of the root.
|
|
//
|
|
// For more information about ARNs in Organizations, see ARN Formats Supported
|
|
// by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
|
|
// in the AWS Organizations User Guide.
|
|
Arn *string `type:"string"`
|
|
|
|
// The unique identifier (ID) for the root.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string
|
|
// requires "r-" followed by from 4 to 32 lower-case letters or digits.
|
|
Id *string `type:"string"`
|
|
|
|
// The friendly name of the root.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of any of the characters in the ASCII character
|
|
// range.
|
|
Name *string `min:"1" type:"string"`
|
|
|
|
// The types of policies that are currently enabled for the root and therefore
|
|
// can be attached to the root or to its OUs or accounts.
|
|
//
|
|
// Even if a policy type is shown as available in the organization, you can
|
|
// separately enable and disable them at the root level by using EnablePolicyType
|
|
// and DisablePolicyType. Use DescribeOrganization to see the availability of
|
|
// the policy types in that organization.
|
|
PolicyTypes []*PolicyTypeSummary `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s Root) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s Root) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetArn sets the Arn field's value.
|
|
func (s *Root) SetArn(v string) *Root {
|
|
s.Arn = &v
|
|
return s
|
|
}
|
|
|
|
// SetId sets the Id field's value.
|
|
func (s *Root) SetId(v string) *Root {
|
|
s.Id = &v
|
|
return s
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *Root) SetName(v string) *Root {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyTypes sets the PolicyTypes field's value.
|
|
func (s *Root) SetPolicyTypes(v []*PolicyTypeSummary) *Root {
|
|
s.PolicyTypes = v
|
|
return s
|
|
}
|
|
|
|
type UpdateOrganizationalUnitInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The new name that you want to assign to the OU.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of any of the characters in the ASCII character
|
|
// range.
|
|
Name *string `min:"1" type:"string"`
|
|
|
|
// The unique identifier (ID) of the OU that you want to rename. You can get
|
|
// the ID from the ListOrganizationalUnitsForParent operation.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for an organizational
|
|
// unit ID string requires "ou-" followed by from 4 to 32 lower-case letters
|
|
// or digits (the ID of the root that contains the OU) followed by a second
|
|
// "-" dash and from 8 to 32 additional lower-case letters or digits.
|
|
//
|
|
// OrganizationalUnitId is a required field
|
|
OrganizationalUnitId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s UpdateOrganizationalUnitInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s UpdateOrganizationalUnitInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *UpdateOrganizationalUnitInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "UpdateOrganizationalUnitInput"}
|
|
if s.Name != nil && len(*s.Name) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Name", 1))
|
|
}
|
|
if s.OrganizationalUnitId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *UpdateOrganizationalUnitInput) SetName(v string) *UpdateOrganizationalUnitInput {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// SetOrganizationalUnitId sets the OrganizationalUnitId field's value.
|
|
func (s *UpdateOrganizationalUnitInput) SetOrganizationalUnitId(v string) *UpdateOrganizationalUnitInput {
|
|
s.OrganizationalUnitId = &v
|
|
return s
|
|
}
|
|
|
|
type UpdateOrganizationalUnitOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains the details about the specified OU, including its
|
|
// new name.
|
|
OrganizationalUnit *OrganizationalUnit `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s UpdateOrganizationalUnitOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s UpdateOrganizationalUnitOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetOrganizationalUnit sets the OrganizationalUnit field's value.
|
|
func (s *UpdateOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *UpdateOrganizationalUnitOutput {
|
|
s.OrganizationalUnit = v
|
|
return s
|
|
}
|
|
|
|
type UpdatePolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If provided, the new content for the policy. The text must be correctly formatted
|
|
// JSON that complies with the syntax for the policy's type. For more information,
|
|
// see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
|
|
// in the AWS Organizations User Guide.
|
|
Content *string `min:"1" type:"string"`
|
|
|
|
// If provided, the new description for the policy.
|
|
Description *string `type:"string"`
|
|
|
|
// If provided, the new name for the policy.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
|
|
// this parameter is a string of any of the characters in the ASCII character
|
|
// range.
|
|
Name *string `min:"1" type:"string"`
|
|
|
|
// The unique identifier (ID) of the policy that you want to update.
|
|
//
|
|
// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
|
|
// requires "p-" followed by from 8 to 128 lower-case letters or digits.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s UpdatePolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s UpdatePolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *UpdatePolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyInput"}
|
|
if s.Content != nil && len(*s.Content) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Content", 1))
|
|
}
|
|
if s.Name != nil && len(*s.Name) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Name", 1))
|
|
}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetContent sets the Content field's value.
|
|
func (s *UpdatePolicyInput) SetContent(v string) *UpdatePolicyInput {
|
|
s.Content = &v
|
|
return s
|
|
}
|
|
|
|
// SetDescription sets the Description field's value.
|
|
func (s *UpdatePolicyInput) SetDescription(v string) *UpdatePolicyInput {
|
|
s.Description = &v
|
|
return s
|
|
}
|
|
|
|
// SetName sets the Name field's value.
|
|
func (s *UpdatePolicyInput) SetName(v string) *UpdatePolicyInput {
|
|
s.Name = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *UpdatePolicyInput) SetPolicyId(v string) *UpdatePolicyInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
type UpdatePolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// A structure that contains details about the updated policy, showing the requested
|
|
// changes.
|
|
Policy *Policy `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s UpdatePolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s UpdatePolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetPolicy sets the Policy field's value.
|
|
func (s *UpdatePolicyOutput) SetPolicy(v *Policy) *UpdatePolicyOutput {
|
|
s.Policy = v
|
|
return s
|
|
}
|
|
|
|
const (
|
|
// AccessDeniedForDependencyExceptionReasonAccessDeniedDuringCreateServiceLinkedRole is a AccessDeniedForDependencyExceptionReason enum value
|
|
AccessDeniedForDependencyExceptionReasonAccessDeniedDuringCreateServiceLinkedRole = "ACCESS_DENIED_DURING_CREATE_SERVICE_LINKED_ROLE"
|
|
)
|
|
|
|
const (
|
|
// AccountJoinedMethodInvited is a AccountJoinedMethod enum value
|
|
AccountJoinedMethodInvited = "INVITED"
|
|
|
|
// AccountJoinedMethodCreated is a AccountJoinedMethod enum value
|
|
AccountJoinedMethodCreated = "CREATED"
|
|
)
|
|
|
|
const (
|
|
// AccountStatusActive is a AccountStatus enum value
|
|
AccountStatusActive = "ACTIVE"
|
|
|
|
// AccountStatusSuspended is a AccountStatus enum value
|
|
AccountStatusSuspended = "SUSPENDED"
|
|
)
|
|
|
|
const (
|
|
// ActionTypeInvite is a ActionType enum value
|
|
ActionTypeInvite = "INVITE"
|
|
|
|
// ActionTypeEnableAllFeatures is a ActionType enum value
|
|
ActionTypeEnableAllFeatures = "ENABLE_ALL_FEATURES"
|
|
|
|
// ActionTypeApproveAllFeatures is a ActionType enum value
|
|
ActionTypeApproveAllFeatures = "APPROVE_ALL_FEATURES"
|
|
|
|
// ActionTypeAddOrganizationsServiceLinkedRole is a ActionType enum value
|
|
ActionTypeAddOrganizationsServiceLinkedRole = "ADD_ORGANIZATIONS_SERVICE_LINKED_ROLE"
|
|
)
|
|
|
|
const (
|
|
// ChildTypeAccount is a ChildType enum value
|
|
ChildTypeAccount = "ACCOUNT"
|
|
|
|
// ChildTypeOrganizationalUnit is a ChildType enum value
|
|
ChildTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"
|
|
)
|
|
|
|
const (
|
|
// ConstraintViolationExceptionReasonAccountNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonAccountNumberLimitExceeded = "ACCOUNT_NUMBER_LIMIT_EXCEEDED"
|
|
|
|
// ConstraintViolationExceptionReasonHandshakeRateLimitExceeded is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonHandshakeRateLimitExceeded = "HANDSHAKE_RATE_LIMIT_EXCEEDED"
|
|
|
|
// ConstraintViolationExceptionReasonOuNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonOuNumberLimitExceeded = "OU_NUMBER_LIMIT_EXCEEDED"
|
|
|
|
// ConstraintViolationExceptionReasonOuDepthLimitExceeded is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonOuDepthLimitExceeded = "OU_DEPTH_LIMIT_EXCEEDED"
|
|
|
|
// ConstraintViolationExceptionReasonPolicyNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonPolicyNumberLimitExceeded = "POLICY_NUMBER_LIMIT_EXCEEDED"
|
|
|
|
// ConstraintViolationExceptionReasonMaxPolicyTypeAttachmentLimitExceeded is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonMaxPolicyTypeAttachmentLimitExceeded = "MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED"
|
|
|
|
// ConstraintViolationExceptionReasonMinPolicyTypeAttachmentLimitExceeded is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonMinPolicyTypeAttachmentLimitExceeded = "MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED"
|
|
|
|
// ConstraintViolationExceptionReasonAccountCannotLeaveOrganization is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonAccountCannotLeaveOrganization = "ACCOUNT_CANNOT_LEAVE_ORGANIZATION"
|
|
|
|
// ConstraintViolationExceptionReasonAccountCannotLeaveWithoutEula is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonAccountCannotLeaveWithoutEula = "ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA"
|
|
|
|
// ConstraintViolationExceptionReasonAccountCannotLeaveWithoutPhoneVerification is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonAccountCannotLeaveWithoutPhoneVerification = "ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION"
|
|
|
|
// ConstraintViolationExceptionReasonMasterAccountPaymentInstrumentRequired is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonMasterAccountPaymentInstrumentRequired = "MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED"
|
|
|
|
// ConstraintViolationExceptionReasonMemberAccountPaymentInstrumentRequired is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonMemberAccountPaymentInstrumentRequired = "MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED"
|
|
|
|
// ConstraintViolationExceptionReasonAccountCreationRateLimitExceeded is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonAccountCreationRateLimitExceeded = "ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED"
|
|
|
|
// ConstraintViolationExceptionReasonMasterAccountAddressDoesNotMatchMarketplace is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonMasterAccountAddressDoesNotMatchMarketplace = "MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE"
|
|
|
|
// ConstraintViolationExceptionReasonMasterAccountMissingContactInfo is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonMasterAccountMissingContactInfo = "MASTER_ACCOUNT_MISSING_CONTACT_INFO"
|
|
|
|
// ConstraintViolationExceptionReasonOrganizationNotInAllFeaturesMode is a ConstraintViolationExceptionReason enum value
|
|
ConstraintViolationExceptionReasonOrganizationNotInAllFeaturesMode = "ORGANIZATION_NOT_IN_ALL_FEATURES_MODE"
|
|
)
|
|
|
|
const (
|
|
// CreateAccountFailureReasonAccountLimitExceeded is a CreateAccountFailureReason enum value
|
|
CreateAccountFailureReasonAccountLimitExceeded = "ACCOUNT_LIMIT_EXCEEDED"
|
|
|
|
// CreateAccountFailureReasonEmailAlreadyExists is a CreateAccountFailureReason enum value
|
|
CreateAccountFailureReasonEmailAlreadyExists = "EMAIL_ALREADY_EXISTS"
|
|
|
|
// CreateAccountFailureReasonInvalidAddress is a CreateAccountFailureReason enum value
|
|
CreateAccountFailureReasonInvalidAddress = "INVALID_ADDRESS"
|
|
|
|
// CreateAccountFailureReasonInvalidEmail is a CreateAccountFailureReason enum value
|
|
CreateAccountFailureReasonInvalidEmail = "INVALID_EMAIL"
|
|
|
|
// CreateAccountFailureReasonConcurrentAccountModification is a CreateAccountFailureReason enum value
|
|
CreateAccountFailureReasonConcurrentAccountModification = "CONCURRENT_ACCOUNT_MODIFICATION"
|
|
|
|
// CreateAccountFailureReasonInternalFailure is a CreateAccountFailureReason enum value
|
|
CreateAccountFailureReasonInternalFailure = "INTERNAL_FAILURE"
|
|
)
|
|
|
|
const (
|
|
// CreateAccountStateInProgress is a CreateAccountState enum value
|
|
CreateAccountStateInProgress = "IN_PROGRESS"
|
|
|
|
// CreateAccountStateSucceeded is a CreateAccountState enum value
|
|
CreateAccountStateSucceeded = "SUCCEEDED"
|
|
|
|
// CreateAccountStateFailed is a CreateAccountState enum value
|
|
CreateAccountStateFailed = "FAILED"
|
|
)
|
|
|
|
const (
|
|
// HandshakeConstraintViolationExceptionReasonAccountNumberLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
|
|
HandshakeConstraintViolationExceptionReasonAccountNumberLimitExceeded = "ACCOUNT_NUMBER_LIMIT_EXCEEDED"
|
|
|
|
// HandshakeConstraintViolationExceptionReasonHandshakeRateLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
|
|
HandshakeConstraintViolationExceptionReasonHandshakeRateLimitExceeded = "HANDSHAKE_RATE_LIMIT_EXCEEDED"
|
|
|
|
// HandshakeConstraintViolationExceptionReasonAlreadyInAnOrganization is a HandshakeConstraintViolationExceptionReason enum value
|
|
HandshakeConstraintViolationExceptionReasonAlreadyInAnOrganization = "ALREADY_IN_AN_ORGANIZATION"
|
|
|
|
// HandshakeConstraintViolationExceptionReasonOrganizationAlreadyHasAllFeatures is a HandshakeConstraintViolationExceptionReason enum value
|
|
HandshakeConstraintViolationExceptionReasonOrganizationAlreadyHasAllFeatures = "ORGANIZATION_ALREADY_HAS_ALL_FEATURES"
|
|
|
|
// HandshakeConstraintViolationExceptionReasonInviteDisabledDuringEnableAllFeatures is a HandshakeConstraintViolationExceptionReason enum value
|
|
HandshakeConstraintViolationExceptionReasonInviteDisabledDuringEnableAllFeatures = "INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES"
|
|
|
|
// HandshakeConstraintViolationExceptionReasonPaymentInstrumentRequired is a HandshakeConstraintViolationExceptionReason enum value
|
|
HandshakeConstraintViolationExceptionReasonPaymentInstrumentRequired = "PAYMENT_INSTRUMENT_REQUIRED"
|
|
|
|
// HandshakeConstraintViolationExceptionReasonOrganizationFromDifferentSellerOfRecord is a HandshakeConstraintViolationExceptionReason enum value
|
|
HandshakeConstraintViolationExceptionReasonOrganizationFromDifferentSellerOfRecord = "ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD"
|
|
|
|
// HandshakeConstraintViolationExceptionReasonOrganizationMembershipChangeRateLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
|
|
HandshakeConstraintViolationExceptionReasonOrganizationMembershipChangeRateLimitExceeded = "ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED"
|
|
)
|
|
|
|
const (
|
|
// HandshakePartyTypeAccount is a HandshakePartyType enum value
|
|
HandshakePartyTypeAccount = "ACCOUNT"
|
|
|
|
// HandshakePartyTypeOrganization is a HandshakePartyType enum value
|
|
HandshakePartyTypeOrganization = "ORGANIZATION"
|
|
|
|
// HandshakePartyTypeEmail is a HandshakePartyType enum value
|
|
HandshakePartyTypeEmail = "EMAIL"
|
|
)
|
|
|
|
const (
|
|
// HandshakeResourceTypeAccount is a HandshakeResourceType enum value
|
|
HandshakeResourceTypeAccount = "ACCOUNT"
|
|
|
|
// HandshakeResourceTypeOrganization is a HandshakeResourceType enum value
|
|
HandshakeResourceTypeOrganization = "ORGANIZATION"
|
|
|
|
// HandshakeResourceTypeOrganizationFeatureSet is a HandshakeResourceType enum value
|
|
HandshakeResourceTypeOrganizationFeatureSet = "ORGANIZATION_FEATURE_SET"
|
|
|
|
// HandshakeResourceTypeEmail is a HandshakeResourceType enum value
|
|
HandshakeResourceTypeEmail = "EMAIL"
|
|
|
|
// HandshakeResourceTypeMasterEmail is a HandshakeResourceType enum value
|
|
HandshakeResourceTypeMasterEmail = "MASTER_EMAIL"
|
|
|
|
// HandshakeResourceTypeMasterName is a HandshakeResourceType enum value
|
|
HandshakeResourceTypeMasterName = "MASTER_NAME"
|
|
|
|
// HandshakeResourceTypeNotes is a HandshakeResourceType enum value
|
|
HandshakeResourceTypeNotes = "NOTES"
|
|
|
|
// HandshakeResourceTypeParentHandshake is a HandshakeResourceType enum value
|
|
HandshakeResourceTypeParentHandshake = "PARENT_HANDSHAKE"
|
|
)
|
|
|
|
const (
|
|
// HandshakeStateRequested is a HandshakeState enum value
|
|
HandshakeStateRequested = "REQUESTED"
|
|
|
|
// HandshakeStateOpen is a HandshakeState enum value
|
|
HandshakeStateOpen = "OPEN"
|
|
|
|
// HandshakeStateCanceled is a HandshakeState enum value
|
|
HandshakeStateCanceled = "CANCELED"
|
|
|
|
// HandshakeStateAccepted is a HandshakeState enum value
|
|
HandshakeStateAccepted = "ACCEPTED"
|
|
|
|
// HandshakeStateDeclined is a HandshakeState enum value
|
|
HandshakeStateDeclined = "DECLINED"
|
|
|
|
// HandshakeStateExpired is a HandshakeState enum value
|
|
HandshakeStateExpired = "EXPIRED"
|
|
)
|
|
|
|
const (
|
|
// IAMUserAccessToBillingAllow is a IAMUserAccessToBilling enum value
|
|
IAMUserAccessToBillingAllow = "ALLOW"
|
|
|
|
// IAMUserAccessToBillingDeny is a IAMUserAccessToBilling enum value
|
|
IAMUserAccessToBillingDeny = "DENY"
|
|
)
|
|
|
|
const (
|
|
// InvalidInputExceptionReasonInvalidPartyTypeTarget is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidPartyTypeTarget = "INVALID_PARTY_TYPE_TARGET"
|
|
|
|
// InvalidInputExceptionReasonInvalidSyntaxOrganizationArn is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidSyntaxOrganizationArn = "INVALID_SYNTAX_ORGANIZATION_ARN"
|
|
|
|
// InvalidInputExceptionReasonInvalidSyntaxPolicyId is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidSyntaxPolicyId = "INVALID_SYNTAX_POLICY_ID"
|
|
|
|
// InvalidInputExceptionReasonInvalidEnum is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidEnum = "INVALID_ENUM"
|
|
|
|
// InvalidInputExceptionReasonInvalidListMember is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidListMember = "INVALID_LIST_MEMBER"
|
|
|
|
// InvalidInputExceptionReasonMaxLengthExceeded is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonMaxLengthExceeded = "MAX_LENGTH_EXCEEDED"
|
|
|
|
// InvalidInputExceptionReasonMaxValueExceeded is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonMaxValueExceeded = "MAX_VALUE_EXCEEDED"
|
|
|
|
// InvalidInputExceptionReasonMinLengthExceeded is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonMinLengthExceeded = "MIN_LENGTH_EXCEEDED"
|
|
|
|
// InvalidInputExceptionReasonMinValueExceeded is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonMinValueExceeded = "MIN_VALUE_EXCEEDED"
|
|
|
|
// InvalidInputExceptionReasonImmutablePolicy is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonImmutablePolicy = "IMMUTABLE_POLICY"
|
|
|
|
// InvalidInputExceptionReasonInvalidPattern is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidPattern = "INVALID_PATTERN"
|
|
|
|
// InvalidInputExceptionReasonInvalidPatternTargetId is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidPatternTargetId = "INVALID_PATTERN_TARGET_ID"
|
|
|
|
// InvalidInputExceptionReasonInputRequired is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInputRequired = "INPUT_REQUIRED"
|
|
|
|
// InvalidInputExceptionReasonInvalidNextToken is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidNextToken = "INVALID_NEXT_TOKEN"
|
|
|
|
// InvalidInputExceptionReasonMaxLimitExceededFilter is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonMaxLimitExceededFilter = "MAX_LIMIT_EXCEEDED_FILTER"
|
|
|
|
// InvalidInputExceptionReasonMovingAccountBetweenDifferentRoots is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonMovingAccountBetweenDifferentRoots = "MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS"
|
|
|
|
// InvalidInputExceptionReasonInvalidFullNameTarget is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidFullNameTarget = "INVALID_FULL_NAME_TARGET"
|
|
|
|
// InvalidInputExceptionReasonUnrecognizedServicePrincipal is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonUnrecognizedServicePrincipal = "UNRECOGNIZED_SERVICE_PRINCIPAL"
|
|
|
|
// InvalidInputExceptionReasonInvalidRoleName is a InvalidInputExceptionReason enum value
|
|
InvalidInputExceptionReasonInvalidRoleName = "INVALID_ROLE_NAME"
|
|
)
|
|
|
|
const (
|
|
// OrganizationFeatureSetAll is a OrganizationFeatureSet enum value
|
|
OrganizationFeatureSetAll = "ALL"
|
|
|
|
// OrganizationFeatureSetConsolidatedBilling is a OrganizationFeatureSet enum value
|
|
OrganizationFeatureSetConsolidatedBilling = "CONSOLIDATED_BILLING"
|
|
)
|
|
|
|
const (
|
|
// ParentTypeRoot is a ParentType enum value
|
|
ParentTypeRoot = "ROOT"
|
|
|
|
// ParentTypeOrganizationalUnit is a ParentType enum value
|
|
ParentTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"
|
|
)
|
|
|
|
const (
|
|
// PolicyTypeServiceControlPolicy is a PolicyType enum value
|
|
PolicyTypeServiceControlPolicy = "SERVICE_CONTROL_POLICY"
|
|
)
|
|
|
|
const (
|
|
// PolicyTypeStatusEnabled is a PolicyTypeStatus enum value
|
|
PolicyTypeStatusEnabled = "ENABLED"
|
|
|
|
// PolicyTypeStatusPendingEnable is a PolicyTypeStatus enum value
|
|
PolicyTypeStatusPendingEnable = "PENDING_ENABLE"
|
|
|
|
// PolicyTypeStatusPendingDisable is a PolicyTypeStatus enum value
|
|
PolicyTypeStatusPendingDisable = "PENDING_DISABLE"
|
|
)
|
|
|
|
const (
|
|
// TargetTypeAccount is a TargetType enum value
|
|
TargetTypeAccount = "ACCOUNT"
|
|
|
|
// TargetTypeOrganizationalUnit is a TargetType enum value
|
|
TargetTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"
|
|
|
|
// TargetTypeRoot is a TargetType enum value
|
|
TargetTypeRoot = "ROOT"
|
|
)
|