aws-sdk-account 1.24.0 → 1.25.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a1cab7117f07eb468c1490565de23b9cc87451fd28a09df62d698bf0fbb0c6e7
-  data.tar.gz: 40f86c093c8a33d45e6cc262db712203ed4e21119cae41c4758581a6611caf5c
+  metadata.gz: 831d2a240d24a468764bd176311533a285eec52a2060768f150c77ea32528385
+  data.tar.gz: dbf6fa9b502fc6fb6a0c4ea24f286f8f127b066a1280a8b8ce85249437419750
 SHA512:
-  metadata.gz: 1565969e39fa08063bd6da08bd31c15fd0a9d0ef67dd06581e79fe7ecbcd995997b1f161f8e5b1197c30b9a4fff443bb374ab039fb3d424a67a17cbc8f9a481a
-  data.tar.gz: ad4ae5ae887a55860d3541bb4bf15e9b9b47c07013375cd76da3954b54b684f2da2c3270a95ee9e41be61cfb2771d47b2e06bcebf97e58b1fe946eba1e51d779
+  metadata.gz: 90171994d8c19f0de82d7db7245e34afa7001a51a6004f3355c75d31b68bfd4bfdeca15c35cafd07b55f129c97c94cb33c87dcf98d40887aa7471d573ae2db6d
+  data.tar.gz: 74e8d94056af678bf662574c1cf0bec330642ef4a465638fe6894a06a6c56c778de27a1a2a7a1ae20004e2975d11b24f3ed694ffc2074aba29b7638be90b171a

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.25.0 (2024-06-06)
+------------------
+
+* Feature - This release adds 3 new APIs (AcceptPrimaryEmailUpdate, GetPrimaryEmail, and StartPrimaryEmailUpdate) used to centrally manage the root user email address of member accounts within an AWS organization.
+
 1.24.0 (2024-06-05)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.24.0
+1.25.0

data/lib/aws-sdk-account/client.rb

@@ -413,6 +413,70 @@ module Aws::Account
 
     # @!group API Operations
 
+    # Accepts the request that originated from StartPrimaryEmailUpdate to
+    # update the primary email address (also known as the root user email
+    # address) for the specified account.
+    #
+    # @option params [required, String] :account_id
+    #   Specifies the 12-digit account ID number of the Amazon Web Services
+    #   account that you want to access or modify with this operation. To use
+    #   this parameter, the caller must be an identity in the [organization's
+    #   management account][1] or a delegated administrator account. The
+    #   specified account ID must be a member account in the same
+    #   organization. The organization must have [all features enabled][2],
+    #   and the organization must have [trusted access][3] enabled for the
+    #   Account Management service, and optionally a [delegated admin][4]
+    #   account assigned.
+    #
+    #   This operation can only be called from the management account or the
+    #   delegated administrator account of an organization for a member
+    #   account.
+    #
+    #   <note markdown="1"> The management account can't specify its own `AccountId`.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#account
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-trusted-access.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-delegated-admin.html
+    #
+    # @option params [required, String] :otp
+    #   The OTP code sent to the `PrimaryEmail` specified on the
+    #   `StartPrimaryEmailUpdate` API call.
+    #
+    # @option params [required, String] :primary_email
+    #   The new primary email address for use with the specified account. This
+    #   must match the `PrimaryEmail` from the `StartPrimaryEmailUpdate` API
+    #   call.
+    #
+    # @return [Types::AcceptPrimaryEmailUpdateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::AcceptPrimaryEmailUpdateResponse#status #status} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.accept_primary_email_update({
+    #     account_id: "AccountId", # required
+    #     otp: "Otp", # required
+    #     primary_email: "PrimaryEmailAddress", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.status #=> String, one of "PENDING", "ACCEPTED"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/AcceptPrimaryEmailUpdate AWS API Documentation
+    #
+    # @overload accept_primary_email_update(params = {})
+    # @param [Hash] params ({})
+    def accept_primary_email_update(params = {}, options = {})
+      req = build_request(:accept_primary_email_update, params)
+      req.send_request(options)
+    end
+
     # Deletes the specified alternate contact from an Amazon Web Services
     # account.
     #
@@ -488,6 +552,11 @@ module Aws::Account
 
     # Disables (opts-out) a particular Region for an account.
     #
+    # <note markdown="1"> The act of disabling a Region will remove all IAM access to any
+    # resources that reside in that Region.
+    #
+    #  </note>
+    #
     # @option params [String] :account_id
     #   Specifies the 12-digit account ID number of the Amazon Web Services
     #   account that you want to access or modify with this operation. If you
@@ -495,7 +564,7 @@ module Aws::Account
     #   account of the identity used to call the operation. To use this
     #   parameter, the caller must be an identity in the [organization's
     #   management account][1] or a delegated administrator account. The
-    #   specified account ID must also be a member account in the same
+    #   specified account ID must be a member account in the same
     #   organization. The organization must have [all features enabled][2],
     #   and the organization must have [trusted access][3] enabled for the
     #   Account Management service, and optionally a [delegated admin][4]
@@ -554,7 +623,7 @@ module Aws::Account
     #   account of the identity used to call the operation. To use this
     #   parameter, the caller must be an identity in the [organization's
     #   management account][1] or a delegated administrator account. The
-    #   specified account ID must also be a member account in the same
+    #   specified account ID must be a member account in the same
     #   organization. The organization must have [all features enabled][2],
     #   and the organization must have [trusted access][3] enabled for the
     #   Account Management service, and optionally a [delegated admin][4]
@@ -705,7 +774,7 @@ module Aws::Account
     #   account of the identity used to call the operation. To use this
     #   parameter, the caller must be an identity in the [organization's
     #   management account][1] or a delegated administrator account. The
-    #   specified account ID must also be a member account in the same
+    #   specified account ID must be a member account in the same
     #   organization. The organization must have [all features enabled][2],
     #   and the organization must have [trusted access][3] enabled for the
     #   Account Management service, and optionally a [delegated admin][4]
@@ -763,6 +832,57 @@ module Aws::Account
       req.send_request(options)
     end
 
+    # Retrieves the primary email address for the specified account.
+    #
+    # @option params [required, String] :account_id
+    #   Specifies the 12-digit account ID number of the Amazon Web Services
+    #   account that you want to access or modify with this operation. To use
+    #   this parameter, the caller must be an identity in the [organization's
+    #   management account][1] or a delegated administrator account. The
+    #   specified account ID must be a member account in the same
+    #   organization. The organization must have [all features enabled][2],
+    #   and the organization must have [trusted access][3] enabled for the
+    #   Account Management service, and optionally a [delegated admin][4]
+    #   account assigned.
+    #
+    #   This operation can only be called from the management account or the
+    #   delegated administrator account of an organization for a member
+    #   account.
+    #
+    #   <note markdown="1"> The management account can't specify its own `AccountId`.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#account
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-trusted-access.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-delegated-admin.html
+    #
+    # @return [Types::GetPrimaryEmailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetPrimaryEmailResponse#primary_email #primary_email} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_primary_email({
+    #     account_id: "AccountId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.primary_email #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/GetPrimaryEmail AWS API Documentation
+    #
+    # @overload get_primary_email(params = {})
+    # @param [Hash] params ({})
+    def get_primary_email(params = {}, options = {})
+      req = build_request(:get_primary_email, params)
+      req.send_request(options)
+    end
+
     # Retrieves the opt-in status of a particular Region.
     #
     # @option params [String] :account_id
@@ -772,7 +892,7 @@ module Aws::Account
     #   account of the identity used to call the operation. To use this
     #   parameter, the caller must be an identity in the [organization's
     #   management account][1] or a delegated administrator account. The
-    #   specified account ID must also be a member account in the same
+    #   specified account ID must be a member account in the same
     #   organization. The organization must have [all features enabled][2],
     #   and the organization must have [trusted access][3] enabled for the
     #   Account Management service, and optionally a [delegated admin][4]
@@ -838,7 +958,7 @@ module Aws::Account
     #   account of the identity used to call the operation. To use this
     #   parameter, the caller must be an identity in the [organization's
     #   management account][1] or a delegated administrator account. The
-    #   specified account ID must also be a member account in the same
+    #   specified account ID must be a member account in the same
     #   organization. The organization must have [all features enabled][2],
     #   and the organization must have [trusted access][3] enabled for the
     #   Account Management service, and optionally a [delegated admin][4]
@@ -1030,7 +1150,7 @@ module Aws::Account
     #   account of the identity used to call the operation. To use this
     #   parameter, the caller must be an identity in the [organization's
     #   management account][1] or a delegated administrator account. The
-    #   specified account ID must also be a member account in the same
+    #   specified account ID must be a member account in the same
     #   organization. The organization must have [all features enabled][2],
     #   and the organization must have [trusted access][3] enabled for the
     #   Account Management service, and optionally a [delegated admin][4]
@@ -1089,6 +1209,63 @@ module Aws::Account
       req.send_request(options)
     end
 
+    # Starts the process to update the primary email address for the
+    # specified account.
+    #
+    # @option params [required, String] :account_id
+    #   Specifies the 12-digit account ID number of the Amazon Web Services
+    #   account that you want to access or modify with this operation. To use
+    #   this parameter, the caller must be an identity in the [organization's
+    #   management account][1] or a delegated administrator account. The
+    #   specified account ID must be a member account in the same
+    #   organization. The organization must have [all features enabled][2],
+    #   and the organization must have [trusted access][3] enabled for the
+    #   Account Management service, and optionally a [delegated admin][4]
+    #   account assigned.
+    #
+    #   This operation can only be called from the management account or the
+    #   delegated administrator account of an organization for a member
+    #   account.
+    #
+    #   <note markdown="1"> The management account can't specify its own `AccountId`.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#account
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-trusted-access.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-delegated-admin.html
+    #
+    # @option params [required, String] :primary_email
+    #   The new primary email address (also known as the root user email
+    #   address) to use in the specified account.
+    #
+    # @return [Types::StartPrimaryEmailUpdateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::StartPrimaryEmailUpdateResponse#status #status} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.start_primary_email_update({
+    #     account_id: "AccountId", # required
+    #     primary_email: "PrimaryEmailAddress", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.status #=> String, one of "PENDING", "ACCEPTED"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/StartPrimaryEmailUpdate AWS API Documentation
+    #
+    # @overload start_primary_email_update(params = {})
+    # @param [Hash] params ({})
+    def start_primary_email_update(params = {}, options = {})
+      req = build_request(:start_primary_email_update, params)
+      req.send_request(options)
+    end
+
     # @!endgroup
 
     # @param params ({})
@@ -1102,7 +1279,7 @@ module Aws::Account
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-account'
-      context[:gem_version] = '1.24.0'
+      context[:gem_version] = '1.25.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-account/client_api.rb

@@ -13,6 +13,8 @@ module Aws::Account
 
     include Seahorse::Model
 
+    AcceptPrimaryEmailUpdateRequest = Shapes::StructureShape.new(name: 'AcceptPrimaryEmailUpdateRequest')
+    AcceptPrimaryEmailUpdateResponse = Shapes::StructureShape.new(name: 'AcceptPrimaryEmailUpdateResponse')
     AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
     AccountId = Shapes::StringShape.new(name: 'AccountId')
     AddressLine = Shapes::StringShape.new(name: 'AddressLine')
@@ -34,6 +36,8 @@ module Aws::Account
     GetAlternateContactResponse = Shapes::StructureShape.new(name: 'GetAlternateContactResponse')
     GetContactInformationRequest = Shapes::StructureShape.new(name: 'GetContactInformationRequest')
     GetContactInformationResponse = Shapes::StructureShape.new(name: 'GetContactInformationResponse')
+    GetPrimaryEmailRequest = Shapes::StructureShape.new(name: 'GetPrimaryEmailRequest')
+    GetPrimaryEmailResponse = Shapes::StructureShape.new(name: 'GetPrimaryEmailResponse')
     GetRegionOptStatusRequest = Shapes::StructureShape.new(name: 'GetRegionOptStatusRequest')
     GetRegionOptStatusResponse = Shapes::StructureShape.new(name: 'GetRegionOptStatusResponse')
     InternalServerException = Shapes::StructureShape.new(name: 'InternalServerException')
@@ -42,8 +46,11 @@ module Aws::Account
     ListRegionsRequestNextTokenString = Shapes::StringShape.new(name: 'ListRegionsRequestNextTokenString')
     ListRegionsResponse = Shapes::StructureShape.new(name: 'ListRegionsResponse')
     Name = Shapes::StringShape.new(name: 'Name')
+    Otp = Shapes::StringShape.new(name: 'Otp')
     PhoneNumber = Shapes::StringShape.new(name: 'PhoneNumber')
     PostalCode = Shapes::StringShape.new(name: 'PostalCode')
+    PrimaryEmailAddress = Shapes::StringShape.new(name: 'PrimaryEmailAddress')
+    PrimaryEmailUpdateStatus = Shapes::StringShape.new(name: 'PrimaryEmailUpdateStatus')
     PutAlternateContactRequest = Shapes::StructureShape.new(name: 'PutAlternateContactRequest')
     PutContactInformationRequest = Shapes::StructureShape.new(name: 'PutContactInformationRequest')
     Region = Shapes::StructureShape.new(name: 'Region')
@@ -53,6 +60,8 @@ module Aws::Account
     RegionOptStatusList = Shapes::ListShape.new(name: 'RegionOptStatusList')
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
     SensitiveString = Shapes::StringShape.new(name: 'SensitiveString')
+    StartPrimaryEmailUpdateRequest = Shapes::StructureShape.new(name: 'StartPrimaryEmailUpdateRequest')
+    StartPrimaryEmailUpdateResponse = Shapes::StructureShape.new(name: 'StartPrimaryEmailUpdateResponse')
     StateOrRegion = Shapes::StringShape.new(name: 'StateOrRegion')
     String = Shapes::StringShape.new(name: 'String')
     Title = Shapes::StringShape.new(name: 'Title')
@@ -63,6 +72,14 @@ module Aws::Account
     ValidationExceptionReason = Shapes::StringShape.new(name: 'ValidationExceptionReason')
     WebsiteUrl = Shapes::StringShape.new(name: 'WebsiteUrl')
 
+    AcceptPrimaryEmailUpdateRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, required: true, location_name: "AccountId"))
+    AcceptPrimaryEmailUpdateRequest.add_member(:otp, Shapes::ShapeRef.new(shape: Otp, required: true, location_name: "Otp"))
+    AcceptPrimaryEmailUpdateRequest.add_member(:primary_email, Shapes::ShapeRef.new(shape: PrimaryEmailAddress, required: true, location_name: "PrimaryEmail"))
+    AcceptPrimaryEmailUpdateRequest.struct_class = Types::AcceptPrimaryEmailUpdateRequest
+
+    AcceptPrimaryEmailUpdateResponse.add_member(:status, Shapes::ShapeRef.new(shape: PrimaryEmailUpdateStatus, location_name: "Status"))
+    AcceptPrimaryEmailUpdateResponse.struct_class = Types::AcceptPrimaryEmailUpdateResponse
+
     AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
     AccessDeniedException.struct_class = Types::AccessDeniedException
 
@@ -115,6 +132,12 @@ module Aws::Account
     GetContactInformationResponse.add_member(:contact_information, Shapes::ShapeRef.new(shape: ContactInformation, location_name: "ContactInformation"))
     GetContactInformationResponse.struct_class = Types::GetContactInformationResponse
 
+    GetPrimaryEmailRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, required: true, location_name: "AccountId"))
+    GetPrimaryEmailRequest.struct_class = Types::GetPrimaryEmailRequest
+
+    GetPrimaryEmailResponse.add_member(:primary_email, Shapes::ShapeRef.new(shape: PrimaryEmailAddress, location_name: "PrimaryEmail"))
+    GetPrimaryEmailResponse.struct_class = Types::GetPrimaryEmailResponse
+
     GetRegionOptStatusRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location_name: "AccountId"))
     GetRegionOptStatusRequest.add_member(:region_name, Shapes::ShapeRef.new(shape: RegionName, required: true, location_name: "RegionName"))
     GetRegionOptStatusRequest.struct_class = Types::GetRegionOptStatusRequest
@@ -159,6 +182,13 @@ module Aws::Account
     ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
     ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
 
+    StartPrimaryEmailUpdateRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, required: true, location_name: "AccountId"))
+    StartPrimaryEmailUpdateRequest.add_member(:primary_email, Shapes::ShapeRef.new(shape: PrimaryEmailAddress, required: true, location_name: "PrimaryEmail"))
+    StartPrimaryEmailUpdateRequest.struct_class = Types::StartPrimaryEmailUpdateRequest
+
+    StartPrimaryEmailUpdateResponse.add_member(:status, Shapes::ShapeRef.new(shape: PrimaryEmailUpdateStatus, location_name: "Status"))
+    StartPrimaryEmailUpdateResponse.struct_class = Types::StartPrimaryEmailUpdateResponse
+
     TooManyRequestsException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
     TooManyRequestsException.struct_class = Types::TooManyRequestsException
 
@@ -191,6 +221,20 @@ module Aws::Account
         "uid" => "account-2021-02-01",
       }
 
+      api.add_operation(:accept_primary_email_update, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "AcceptPrimaryEmailUpdate"
+        o.http_method = "POST"
+        o.http_request_uri = "/acceptPrimaryEmailUpdate"
+        o.input = Shapes::ShapeRef.new(shape: AcceptPrimaryEmailUpdateRequest)
+        o.output = Shapes::ShapeRef.new(shape: AcceptPrimaryEmailUpdateResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+      end)
+
       api.add_operation(:delete_alternate_contact, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DeleteAlternateContact"
         o.http_method = "POST"
@@ -256,6 +300,19 @@ module Aws::Account
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
       end)
 
+      api.add_operation(:get_primary_email, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetPrimaryEmail"
+        o.http_method = "POST"
+        o.http_request_uri = "/getPrimaryEmail"
+        o.input = Shapes::ShapeRef.new(shape: GetPrimaryEmailRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetPrimaryEmailResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+      end)
+
       api.add_operation(:get_region_opt_status, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetRegionOptStatus"
         o.http_method = "POST"
@@ -309,6 +366,20 @@ module Aws::Account
         o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
       end)
+
+      api.add_operation(:start_primary_email_update, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "StartPrimaryEmailUpdate"
+        o.http_method = "POST"
+        o.http_request_uri = "/startPrimaryEmailUpdate"
+        o.input = Shapes::ShapeRef.new(shape: StartPrimaryEmailUpdateRequest)
+        o.output = Shapes::ShapeRef.new(shape: StartPrimaryEmailUpdateResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+      end)
     end
 
   end

data/lib/aws-sdk-account/endpoint_provider.rb

@@ -38,7 +38,7 @@ module Aws::Account
             raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
           end
           if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
+            if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
               return Aws::Endpoints::Endpoint.new(url: "https://account-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
             end
             raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"

data/lib/aws-sdk-account/endpoints.rb

@@ -12,6 +12,20 @@ module Aws::Account
   # @api private
   module Endpoints
 
+    class AcceptPrimaryEmailUpdate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::Account::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class DeleteAlternateContact
       def self.build(context)
         unless context.config.regional_endpoint
@@ -82,6 +96,20 @@ module Aws::Account
       end
     end
 
+    class GetPrimaryEmail
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::Account::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class GetRegionOptStatus
       def self.build(context)
         unless context.config.regional_endpoint
@@ -138,5 +166,19 @@ module Aws::Account
       end
     end
 
+    class StartPrimaryEmailUpdate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::Account::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
   end
 end

data/lib/aws-sdk-account/plugins/endpoints.rb

@@ -58,6 +58,8 @@ module Aws::Account
 
         def parameters_for_operation(context)
           case context.operation_name
+          when :accept_primary_email_update
+            Aws::Account::Endpoints::AcceptPrimaryEmailUpdate.build(context)
           when :delete_alternate_contact
             Aws::Account::Endpoints::DeleteAlternateContact.build(context)
           when :disable_region
@@ -68,6 +70,8 @@ module Aws::Account
             Aws::Account::Endpoints::GetAlternateContact.build(context)
           when :get_contact_information
             Aws::Account::Endpoints::GetContactInformation.build(context)
+          when :get_primary_email
+            Aws::Account::Endpoints::GetPrimaryEmail.build(context)
           when :get_region_opt_status
             Aws::Account::Endpoints::GetRegionOptStatus.build(context)
           when :list_regions
@@ -76,6 +80,8 @@ module Aws::Account
             Aws::Account::Endpoints::PutAlternateContact.build(context)
           when :put_contact_information
             Aws::Account::Endpoints::PutContactInformation.build(context)
+          when :start_primary_email_update
+            Aws::Account::Endpoints::StartPrimaryEmailUpdate.build(context)
           end
         end
       end

data/lib/aws-sdk-account/types.rb

@@ -10,6 +10,66 @@
 module Aws::Account
   module Types
 
+    # @!attribute [rw] account_id
+    #   Specifies the 12-digit account ID number of the Amazon Web Services
+    #   account that you want to access or modify with this operation. To
+    #   use this parameter, the caller must be an identity in the
+    #   [organization's management account][1] or a delegated administrator
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
+    #   enabled][2], and the organization must have [trusted access][3]
+    #   enabled for the Account Management service, and optionally a
+    #   [delegated admin][4] account assigned.
+    #
+    #   This operation can only be called from the management account or the
+    #   delegated administrator account of an organization for a member
+    #   account.
+    #
+    #   <note markdown="1"> The management account can't specify its own `AccountId`.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#account
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-trusted-access.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-delegated-admin.html
+    #   @return [String]
+    #
+    # @!attribute [rw] otp
+    #   The OTP code sent to the `PrimaryEmail` specified on the
+    #   `StartPrimaryEmailUpdate` API call.
+    #   @return [String]
+    #
+    # @!attribute [rw] primary_email
+    #   The new primary email address for use with the specified account.
+    #   This must match the `PrimaryEmail` from the
+    #   `StartPrimaryEmailUpdate` API call.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/AcceptPrimaryEmailUpdateRequest AWS API Documentation
+    #
+    class AcceptPrimaryEmailUpdateRequest < Struct.new(
+      :account_id,
+      :otp,
+      :primary_email)
+      SENSITIVE = [:otp, :primary_email]
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] status
+    #   Retrieves the status of the accepted primary email update request.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/AcceptPrimaryEmailUpdateResponse AWS API Documentation
+    #
+    class AcceptPrimaryEmailUpdateResponse < Struct.new(
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The operation failed because the calling identity doesn't have the
     # minimum required permissions.
     #
@@ -122,8 +182,12 @@ module Aws::Account
     #   @return [String]
     #
     # @!attribute [rw] state_or_region
-    #   The state or region of the primary contact address. This field is
-    #   required in selected countries.
+    #   The state or region of the primary contact address. If the mailing
+    #   address is within the United States (US), the value in this field
+    #   can be either a two character state code (for example, `NJ`) or the
+    #   full state name (for example, `New Jersey`). This field is required
+    #   in the following countries: `US`, `CA`, `GB`, `DE`, `JP`, `IN`, and
+    #   `BR`.
     #   @return [String]
     #
     # @!attribute [rw] website_url
@@ -204,8 +268,8 @@ module Aws::Account
     #   Services account of the identity used to call the operation. To use
     #   this parameter, the caller must be an identity in the
     #   [organization's management account][1] or a delegated administrator
-    #   account. The specified account ID must also be a member account in
-    #   the same organization. The organization must have [all features
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
     #   enabled][2], and the organization must have [trusted access][3]
     #   enabled for the Account Management service, and optionally a
     #   [delegated admin][4] account assigned.
@@ -255,8 +319,8 @@ module Aws::Account
     #   Services account of the identity used to call the operation. To use
     #   this parameter, the caller must be an identity in the
     #   [organization's management account][1] or a delegated administrator
-    #   account. The specified account ID must also be a member account in
-    #   the same organization. The organization must have [all features
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
     #   enabled][2], and the organization must have [trusted access][3]
     #   enabled for the Account Management service, and optionally a
     #   [delegated admin][4] account assigned.
@@ -367,8 +431,8 @@ module Aws::Account
     #   Services account of the identity used to call the operation. To use
     #   this parameter, the caller must be an identity in the
     #   [organization's management account][1] or a delegated administrator
-    #   account. The specified account ID must also be a member account in
-    #   the same organization. The organization must have [all features
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
     #   enabled][2], and the organization must have [trusted access][3]
     #   enabled for the Account Management service, and optionally a
     #   [delegated admin][4] account assigned.
@@ -413,6 +477,54 @@ module Aws::Account
       include Aws::Structure
     end
 
+    # @!attribute [rw] account_id
+    #   Specifies the 12-digit account ID number of the Amazon Web Services
+    #   account that you want to access or modify with this operation. To
+    #   use this parameter, the caller must be an identity in the
+    #   [organization's management account][1] or a delegated administrator
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
+    #   enabled][2], and the organization must have [trusted access][3]
+    #   enabled for the Account Management service, and optionally a
+    #   [delegated admin][4] account assigned.
+    #
+    #   This operation can only be called from the management account or the
+    #   delegated administrator account of an organization for a member
+    #   account.
+    #
+    #   <note markdown="1"> The management account can't specify its own `AccountId`.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#account
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-trusted-access.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-delegated-admin.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/GetPrimaryEmailRequest AWS API Documentation
+    #
+    class GetPrimaryEmailRequest < Struct.new(
+      :account_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] primary_email
+    #   Retrieves the primary email address associated with the specified
+    #   account.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/GetPrimaryEmailResponse AWS API Documentation
+    #
+    class GetPrimaryEmailResponse < Struct.new(
+      :primary_email)
+      SENSITIVE = [:primary_email]
+      include Aws::Structure
+    end
+
     # @!attribute [rw] account_id
     #   Specifies the 12-digit account ID number of the Amazon Web Services
     #   account that you want to access or modify with this operation. If
@@ -420,8 +532,8 @@ module Aws::Account
     #   Services account of the identity used to call the operation. To use
     #   this parameter, the caller must be an identity in the
     #   [organization's management account][1] or a delegated administrator
-    #   account. The specified account ID must also be a member account in
-    #   the same organization. The organization must have [all features
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
     #   enabled][2], and the organization must have [trusted access][3]
     #   enabled for the Account Management service, and optionally a
     #   [delegated admin][4] account assigned.
@@ -499,8 +611,8 @@ module Aws::Account
     #   Services account of the identity used to call the operation. To use
     #   this parameter, the caller must be an identity in the
     #   [organization's management account][1] or a delegated administrator
-    #   account. The specified account ID must also be a member account in
-    #   the same organization. The organization must have [all features
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
     #   enabled][2], and the organization must have [trusted access][3]
     #   enabled for the Account Management service, and optionally a
     #   [delegated admin][4] account assigned.
@@ -663,8 +775,8 @@ module Aws::Account
     #   Services account of the identity used to call the operation. To use
     #   this parameter, the caller must be an identity in the
     #   [organization's management account][1] or a delegated administrator
-    #   account. The specified account ID must also be a member account in
-    #   the same organization. The organization must have [all features
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
     #   enabled][2], and the organization must have [trusted access][3]
     #   enabled for the Account Management service, and optionally a
     #   [delegated admin][4] account assigned.
@@ -737,6 +849,59 @@ module Aws::Account
       include Aws::Structure
     end
 
+    # @!attribute [rw] account_id
+    #   Specifies the 12-digit account ID number of the Amazon Web Services
+    #   account that you want to access or modify with this operation. To
+    #   use this parameter, the caller must be an identity in the
+    #   [organization's management account][1] or a delegated administrator
+    #   account. The specified account ID must be a member account in the
+    #   same organization. The organization must have [all features
+    #   enabled][2], and the organization must have [trusted access][3]
+    #   enabled for the Account Management service, and optionally a
+    #   [delegated admin][4] account assigned.
+    #
+    #   This operation can only be called from the management account or the
+    #   delegated administrator account of an organization for a member
+    #   account.
+    #
+    #   <note markdown="1"> The management account can't specify its own `AccountId`.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#account
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-trusted-access.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/using-orgs-delegated-admin.html
+    #   @return [String]
+    #
+    # @!attribute [rw] primary_email
+    #   The new primary email address (also known as the root user email
+    #   address) to use in the specified account.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/StartPrimaryEmailUpdateRequest AWS API Documentation
+    #
+    class StartPrimaryEmailUpdateRequest < Struct.new(
+      :account_id,
+      :primary_email)
+      SENSITIVE = [:primary_email]
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] status
+    #   The status of the primary email update request.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/account-2021-02-01/StartPrimaryEmailUpdateResponse AWS API Documentation
+    #
+    class StartPrimaryEmailUpdateResponse < Struct.new(
+      :status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The operation failed because it was called too frequently and exceeded
     # a throttle limit.
     #

data/lib/aws-sdk-account.rb

@@ -32,7 +32,7 @@ require_relative 'aws-sdk-account/customizations'
 # structure.
 #
 #     account = Aws::Account::Client.new
-#     resp = account.delete_alternate_contact(params)
+#     resp = account.accept_primary_email_update(params)
 #
 # See {Client} for more information.
 #
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-account/customizations'
 # @!group service
 module Aws::Account
 
-  GEM_VERSION = '1.24.0'
+  GEM_VERSION = '1.25.0'
 
 end

data/sig/client.rbs

@@ -72,6 +72,18 @@ module Aws
                   | (?Hash[Symbol, untyped]) -> instance
 
 
+      interface _AcceptPrimaryEmailUpdateResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::AcceptPrimaryEmailUpdateResponse]
+        def status: () -> ("PENDING" | "ACCEPTED")
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Account/Client.html#accept_primary_email_update-instance_method
+      def accept_primary_email_update: (
+                                         account_id: ::String,
+                                         otp: ::String,
+                                         primary_email: ::String
+                                       ) -> _AcceptPrimaryEmailUpdateResponseSuccess
+                                     | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _AcceptPrimaryEmailUpdateResponseSuccess
+
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Account/Client.html#delete_alternate_contact-instance_method
       def delete_alternate_contact: (
                                       ?account_id: ::String,
@@ -114,6 +126,16 @@ module Aws
                                    ) -> _GetContactInformationResponseSuccess
                                  | (?Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetContactInformationResponseSuccess
 
+      interface _GetPrimaryEmailResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::GetPrimaryEmailResponse]
+        def primary_email: () -> ::String
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Account/Client.html#get_primary_email-instance_method
+      def get_primary_email: (
+                               account_id: ::String
+                             ) -> _GetPrimaryEmailResponseSuccess
+                           | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetPrimaryEmailResponseSuccess
+
       interface _GetRegionOptStatusResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::GetRegionOptStatusResponse]
         def region_name: () -> ::String
@@ -170,6 +192,17 @@ module Aws
                                      }
                                    ) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
                                  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
+
+      interface _StartPrimaryEmailUpdateResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::StartPrimaryEmailUpdateResponse]
+        def status: () -> ("PENDING" | "ACCEPTED")
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Account/Client.html#start_primary_email_update-instance_method
+      def start_primary_email_update: (
+                                        account_id: ::String,
+                                        primary_email: ::String
+                                      ) -> _StartPrimaryEmailUpdateResponseSuccess
+                                    | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _StartPrimaryEmailUpdateResponseSuccess
     end
   end
 end

data/sig/types.rbs

@@ -8,6 +8,18 @@
 module Aws::Account
   module Types
 
+    class AcceptPrimaryEmailUpdateRequest
+      attr_accessor account_id: ::String
+      attr_accessor otp: ::String
+      attr_accessor primary_email: ::String
+      SENSITIVE: [:otp, :primary_email]
+    end
+
+    class AcceptPrimaryEmailUpdateResponse
+      attr_accessor status: ("PENDING" | "ACCEPTED")
+      SENSITIVE: []
+    end
+
     class AccessDeniedException
       attr_accessor message: ::String
       SENSITIVE: []
@@ -82,6 +94,16 @@ module Aws::Account
       SENSITIVE: []
     end
 
+    class GetPrimaryEmailRequest
+      attr_accessor account_id: ::String
+      SENSITIVE: []
+    end
+
+    class GetPrimaryEmailResponse
+      attr_accessor primary_email: ::String
+      SENSITIVE: [:primary_email]
+    end
+
     class GetRegionOptStatusRequest
       attr_accessor account_id: ::String
       attr_accessor region_name: ::String
@@ -140,6 +162,17 @@ module Aws::Account
       SENSITIVE: []
     end
 
+    class StartPrimaryEmailUpdateRequest
+      attr_accessor account_id: ::String
+      attr_accessor primary_email: ::String
+      SENSITIVE: [:primary_email]
+    end
+
+    class StartPrimaryEmailUpdateResponse
+      attr_accessor status: ("PENDING" | "ACCEPTED")
+      SENSITIVE: []
+    end
+
     class TooManyRequestsException
       attr_accessor message: ::String
       SENSITIVE: []

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-account
 version: !ruby/object:Gem::Version
-  version: 1.24.0
+  version: 1.25.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-06-05 00:00:00.000000000 Z
+date: 2024-06-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core