aws-sdk-organizations 1.39.0 → 1.44.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/aws-sdk-organizations.rb +3 -1
- data/lib/aws-sdk-organizations/client.rb +158 -117
- data/lib/aws-sdk-organizations/client_api.rb +5 -0
- data/lib/aws-sdk-organizations/errors.rb +2 -0
- data/lib/aws-sdk-organizations/resource.rb +2 -0
- data/lib/aws-sdk-organizations/types.rb +308 -61
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 6ebadba43f096af5be849b50db20ca8deb69aa6dcb3828497411a2e0c8ab1200
|
4
|
+
data.tar.gz: d836d51e5ee3c1f7bd09a9e494881a3dced377b13cd7b663adc1a26b7ebbff92
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5333ab5a7ea2226538783ebab132065070542f9fb6d15e67c4ad98f5772d68c65c7f7a52b6fdbbc5150d68900f1723924adc0db011fb0aa17ade19df48876214
|
7
|
+
data.tar.gz: b7bfeaaec653087d7b478d842f3c59845d83523608ee8e526b84867ec4b45793712ca6021a4bae745aa38a18c1d411eeb4c1ad14787db1ac79c274bc56a68f84
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -45,6 +47,6 @@ require_relative 'aws-sdk-organizations/customizations'
|
|
45
47
|
# @service
|
46
48
|
module Aws::Organizations
|
47
49
|
|
48
|
-
GEM_VERSION = '1.
|
50
|
+
GEM_VERSION = '1.44.0'
|
49
51
|
|
50
52
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -24,6 +26,7 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
|
24
26
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
25
27
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
26
28
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
29
|
+
require 'aws-sdk-core/plugins/http_checksum.rb'
|
27
30
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
28
31
|
require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
29
32
|
|
@@ -69,6 +72,7 @@ module Aws::Organizations
|
|
69
72
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
70
73
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
71
74
|
add_plugin(Aws::Plugins::TransferEncoding)
|
75
|
+
add_plugin(Aws::Plugins::HttpChecksum)
|
72
76
|
add_plugin(Aws::Plugins::SignatureV4)
|
73
77
|
add_plugin(Aws::Plugins::Protocols::JsonRpc)
|
74
78
|
|
@@ -105,7 +109,7 @@ module Aws::Organizations
|
|
105
109
|
# @option options [required, String] :region
|
106
110
|
# The AWS region to connect to. The configured `:region` is
|
107
111
|
# used to determine the service `:endpoint`. When not passed,
|
108
|
-
# a default `:region` is
|
112
|
+
# a default `:region` is searched for in the following locations:
|
109
113
|
#
|
110
114
|
# * `Aws.config[:region]`
|
111
115
|
# * `ENV['AWS_REGION']`
|
@@ -161,7 +165,7 @@ module Aws::Organizations
|
|
161
165
|
# @option options [String] :endpoint
|
162
166
|
# The client endpoint is normally constructed from the `:region`
|
163
167
|
# option. You should only configure an `:endpoint` when connecting
|
164
|
-
# to test endpoints. This should be
|
168
|
+
# to test or custom endpoints. This should be a valid HTTP(S) URI.
|
165
169
|
#
|
166
170
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
167
171
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -176,7 +180,7 @@ module Aws::Organizations
|
|
176
180
|
# requests fetching endpoints information. Defaults to 60 sec.
|
177
181
|
#
|
178
182
|
# @option options [Boolean] :endpoint_discovery (false)
|
179
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
183
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
180
184
|
#
|
181
185
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
182
186
|
# The log formatter.
|
@@ -457,53 +461,23 @@ module Aws::Organizations
|
|
457
461
|
|
458
462
|
# Attaches a policy to a root, an organizational unit (OU), or an
|
459
463
|
# individual account. How the policy affects accounts depends on the
|
460
|
-
# type of policy
|
461
|
-
#
|
462
|
-
#
|
463
|
-
#
|
464
|
-
#
|
465
|
-
#
|
466
|
-
#
|
467
|
-
#
|
468
|
-
#
|
469
|
-
# * If you attach an SCP to an OU, it affects all accounts in that OU
|
470
|
-
# and in any child OUs.
|
471
|
-
#
|
472
|
-
# * If you attach the policy directly to an account, it affects only
|
473
|
-
# that account.
|
474
|
-
#
|
475
|
-
# SCPs are JSON policies that specify the maximum permissions for an
|
476
|
-
# organization or organizational unit (OU). You can attach one SCP to
|
477
|
-
# a higher level root or OU, and a different SCP to a child OU or to
|
478
|
-
# an account. The child policy can further restrict only the
|
479
|
-
# permissions that pass through the parent filter and are available to
|
480
|
-
# the child. An SCP that is attached to a child can't grant a
|
481
|
-
# permission that the parent hasn't already granted. For example,
|
482
|
-
# imagine that the parent SCP allows permissions A, B, C, D, and E.
|
483
|
-
# The child SCP allows C, D, E, F, and G. The result is that the
|
484
|
-
# accounts affected by the child SCP are allowed to use only C, D, and
|
485
|
-
# E. They can't use A or B because the child OU filtered them out.
|
486
|
-
# They also can't use F and G because the parent OU filtered them
|
487
|
-
# out. They can't be granted back by the child SCP; child SCPs can
|
488
|
-
# only filter the permissions they receive from the parent SCP.
|
489
|
-
#
|
490
|
-
# AWS Organizations attaches a default SCP named `"FullAWSAccess` to
|
491
|
-
# every root, OU, and account. This default SCP allows all services
|
492
|
-
# and actions, enabling any new child OU or account to inherit the
|
493
|
-
# permissions of the parent root or OU. If you detach the default
|
494
|
-
# policy, you must replace it with a policy that specifies the
|
495
|
-
# permissions that you want to allow in that OU or account.
|
496
|
-
#
|
497
|
-
# For more information about how AWS Organizations policies
|
498
|
-
# permissions work, see [Using Service Control Policies][1] in the
|
499
|
-
# *AWS Organizations User Guide.*
|
464
|
+
# type of policy. Refer to the *AWS Organizations User Guide* for
|
465
|
+
# information about each policy type:
|
466
|
+
#
|
467
|
+
# * [BACKUP\_POLICY][1]
|
468
|
+
#
|
469
|
+
# * [SERVICE\_CONTROL\_POLICY][2]
|
470
|
+
#
|
471
|
+
# * [TAG\_POLICY][3]
|
500
472
|
#
|
501
473
|
# This operation can be called only from the organization's master
|
502
474
|
# account.
|
503
475
|
#
|
504
476
|
#
|
505
477
|
#
|
506
|
-
# [1]:
|
478
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
479
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
480
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
507
481
|
#
|
508
482
|
# @option params [required, String] :policy_id
|
509
483
|
# The unique identifier (ID) of the policy that you want to attach to
|
@@ -965,12 +939,13 @@ module Aws::Organizations
|
|
965
939
|
#
|
966
940
|
# * When you create an account in an organization using the AWS
|
967
941
|
# Organizations console, API, or CLI commands, the information
|
968
|
-
# required for the account to operate as a standalone account
|
969
|
-
# a payment method and signing
|
970
|
-
#
|
971
|
-
# your organization later, you can do so only after you provide
|
972
|
-
# missing information. Follow the steps at [ To leave an
|
973
|
-
# as a member account][7] in the *AWS Organizations User
|
942
|
+
# required for the account to operate as a standalone account is *not*
|
943
|
+
# automatically collected. This includes a payment method and signing
|
944
|
+
# the end user license agreement (EULA). If you must remove an account
|
945
|
+
# from your organization later, you can do so only after you provide
|
946
|
+
# the missing information. Follow the steps at [ To leave an
|
947
|
+
# organization as a member account][7] in the *AWS Organizations User
|
948
|
+
# Guide.*
|
974
949
|
#
|
975
950
|
# * If you get an exception that indicates that you exceeded your
|
976
951
|
# account limits for the organization, contact [AWS Support][8].
|
@@ -1215,7 +1190,7 @@ module Aws::Organizations
|
|
1215
1190
|
# resp.organization.master_account_id #=> String
|
1216
1191
|
# resp.organization.master_account_email #=> String
|
1217
1192
|
# resp.organization.available_policy_types #=> Array
|
1218
|
-
# resp.organization.available_policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
1193
|
+
# resp.organization.available_policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
1219
1194
|
# resp.organization.available_policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
1220
1195
|
#
|
1221
1196
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganization AWS API Documentation
|
@@ -1325,17 +1300,9 @@ module Aws::Organizations
|
|
1325
1300
|
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html
|
1326
1301
|
#
|
1327
1302
|
# @option params [required, String] :content
|
1328
|
-
# The policy content to add to the new policy.
|
1329
|
-
#
|
1330
|
-
#
|
1331
|
-
# can delegate to their users, groups, and roles. For more information
|
1332
|
-
# about the SCP syntax, see [Service Control Policy Syntax][2] in the
|
1333
|
-
# *AWS Organizations User Guide.*
|
1334
|
-
#
|
1335
|
-
#
|
1336
|
-
#
|
1337
|
-
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
1338
|
-
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html
|
1303
|
+
# The policy text content to add to the new policy. The text that you
|
1304
|
+
# supply must adhere to the rules of the policy type you specify in the
|
1305
|
+
# `Type` parameter.
|
1339
1306
|
#
|
1340
1307
|
# @option params [required, String] :description
|
1341
1308
|
# An optional description to assign to the policy.
|
@@ -1351,12 +1318,20 @@ module Aws::Organizations
|
|
1351
1318
|
# [1]: http://wikipedia.org/wiki/regex
|
1352
1319
|
#
|
1353
1320
|
# @option params [required, String] :type
|
1354
|
-
# The type of policy to create.
|
1321
|
+
# The type of policy to create. You can specify one of the following
|
1322
|
+
# values:
|
1323
|
+
#
|
1324
|
+
# * [BACKUP\_POLICY][1]
|
1355
1325
|
#
|
1356
|
-
#
|
1357
|
-
# a service control policy (SCP).
|
1326
|
+
# * [SERVICE\_CONTROL\_POLICY][2]
|
1358
1327
|
#
|
1359
|
-
#
|
1328
|
+
# * [TAG\_POLICY][3]
|
1329
|
+
#
|
1330
|
+
#
|
1331
|
+
#
|
1332
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
1333
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
1334
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1360
1335
|
#
|
1361
1336
|
# @return [Types::CreatePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1362
1337
|
#
|
@@ -1396,7 +1371,7 @@ module Aws::Organizations
|
|
1396
1371
|
# content: "PolicyContent", # required
|
1397
1372
|
# description: "PolicyDescription", # required
|
1398
1373
|
# name: "PolicyName", # required
|
1399
|
-
# type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
1374
|
+
# type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY
|
1400
1375
|
# })
|
1401
1376
|
#
|
1402
1377
|
# @example Response structure
|
@@ -1405,7 +1380,7 @@ module Aws::Organizations
|
|
1405
1380
|
# resp.policy.policy_summary.arn #=> String
|
1406
1381
|
# resp.policy.policy_summary.name #=> String
|
1407
1382
|
# resp.policy.policy_summary.description #=> String
|
1408
|
-
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
1383
|
+
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
1409
1384
|
# resp.policy.policy_summary.aws_managed #=> Boolean
|
1410
1385
|
# resp.policy.content #=> String
|
1411
1386
|
#
|
@@ -1825,14 +1800,15 @@ module Aws::Organizations
|
|
1825
1800
|
req.send_request(options)
|
1826
1801
|
end
|
1827
1802
|
|
1828
|
-
# Returns the contents of the effective
|
1829
|
-
# effective
|
1830
|
-
# account inherits, plus any policy
|
1831
|
-
# account.
|
1803
|
+
# Returns the contents of the effective policy for specified policy type
|
1804
|
+
# and account. The effective policy is the aggregation of any policies
|
1805
|
+
# of the specified type that the account inherits, plus any policy of
|
1806
|
+
# that type that is directly attached to the account.
|
1832
1807
|
#
|
1833
|
-
# This
|
1808
|
+
# This operation applies only to policy types *other* than service
|
1809
|
+
# control policies (SCPs).
|
1834
1810
|
#
|
1835
|
-
# For more information
|
1811
|
+
# For more information about policy inheritance, see [How Policy
|
1836
1812
|
# Inheritance Works][1] in the *AWS Organizations User Guide*.
|
1837
1813
|
#
|
1838
1814
|
# This operation can be called only from the organization's master
|
@@ -1844,12 +1820,22 @@ module Aws::Organizations
|
|
1844
1820
|
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies-inheritance.html
|
1845
1821
|
#
|
1846
1822
|
# @option params [required, String] :policy_type
|
1847
|
-
# The type of policy that you want information about.
|
1823
|
+
# The type of policy that you want information about. You can specify
|
1824
|
+
# one of the following values:
|
1825
|
+
#
|
1826
|
+
# * [BACKUP\_POLICY][1]
|
1827
|
+
#
|
1828
|
+
# * [TAG\_POLICY][2]
|
1829
|
+
#
|
1830
|
+
#
|
1831
|
+
#
|
1832
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
1833
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1848
1834
|
#
|
1849
1835
|
# @option params [String] :target_id
|
1850
1836
|
# When you're signed in as the master account, specify the ID of the
|
1851
1837
|
# account that you want details about. Specifying an organization root
|
1852
|
-
# or OU as the target is not supported.
|
1838
|
+
# or organizational unit (OU) as the target is not supported.
|
1853
1839
|
#
|
1854
1840
|
# @return [Types::DescribeEffectivePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1855
1841
|
#
|
@@ -1858,7 +1844,7 @@ module Aws::Organizations
|
|
1858
1844
|
# @example Request syntax with placeholder values
|
1859
1845
|
#
|
1860
1846
|
# resp = client.describe_effective_policy({
|
1861
|
-
# policy_type: "TAG_POLICY", # required, accepts TAG_POLICY
|
1847
|
+
# policy_type: "TAG_POLICY", # required, accepts TAG_POLICY, BACKUP_POLICY
|
1862
1848
|
# target_id: "PolicyTargetId",
|
1863
1849
|
# })
|
1864
1850
|
#
|
@@ -1867,7 +1853,7 @@ module Aws::Organizations
|
|
1867
1853
|
# resp.effective_policy.policy_content #=> String
|
1868
1854
|
# resp.effective_policy.last_updated_timestamp #=> Time
|
1869
1855
|
# resp.effective_policy.target_id #=> String
|
1870
|
-
# resp.effective_policy.policy_type #=> String, one of "TAG_POLICY"
|
1856
|
+
# resp.effective_policy.policy_type #=> String, one of "TAG_POLICY", "BACKUP_POLICY"
|
1871
1857
|
#
|
1872
1858
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeEffectivePolicy AWS API Documentation
|
1873
1859
|
#
|
@@ -2038,7 +2024,7 @@ module Aws::Organizations
|
|
2038
2024
|
# resp.organization.master_account_id #=> String
|
2039
2025
|
# resp.organization.master_account_email #=> String
|
2040
2026
|
# resp.organization.available_policy_types #=> Array
|
2041
|
-
# resp.organization.available_policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
2027
|
+
# resp.organization.available_policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
2042
2028
|
# resp.organization.available_policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
2043
2029
|
#
|
2044
2030
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization AWS API Documentation
|
@@ -2172,7 +2158,7 @@ module Aws::Organizations
|
|
2172
2158
|
# resp.policy.policy_summary.arn #=> String
|
2173
2159
|
# resp.policy.policy_summary.name #=> String
|
2174
2160
|
# resp.policy.policy_summary.description #=> String
|
2175
|
-
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
2161
|
+
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
2176
2162
|
# resp.policy.policy_summary.aws_managed #=> Boolean
|
2177
2163
|
# resp.policy.content #=> String
|
2178
2164
|
#
|
@@ -2186,18 +2172,20 @@ module Aws::Organizations
|
|
2186
2172
|
end
|
2187
2173
|
|
2188
2174
|
# Detaches a policy from a target root, organizational unit (OU), or
|
2189
|
-
# account.
|
2190
|
-
#
|
2191
|
-
#
|
2192
|
-
#
|
2193
|
-
#
|
2194
|
-
#
|
2195
|
-
#
|
2196
|
-
#
|
2197
|
-
#
|
2198
|
-
#
|
2199
|
-
#
|
2200
|
-
#
|
2175
|
+
# account.
|
2176
|
+
#
|
2177
|
+
# If the policy being detached is a service control policy (SCP), the
|
2178
|
+
# changes to permissions for AWS Identity and Access Management (IAM)
|
2179
|
+
# users and roles in affected accounts are immediate.
|
2180
|
+
#
|
2181
|
+
# Every root, OU, and account must have at least one SCP attached. If
|
2182
|
+
# you want to replace the default `FullAWSAccess` policy with an SCP
|
2183
|
+
# that limits the permissions that can be delegated, you must attach the
|
2184
|
+
# replacement SCP before you can remove the default SCP. This is the
|
2185
|
+
# authorization strategy of an "[allow list][1]". If you instead
|
2186
|
+
# attach a second SCP and leave the `FullAWSAccess` SCP still attached,
|
2187
|
+
# and specify `"Effect": "Deny"` in the second SCP to override the
|
2188
|
+
# `"Effect": "Allow"` in the `FullAWSAccess` policy (or any other
|
2201
2189
|
# attached SCP), you're using the authorization strategy of a "[deny
|
2202
2190
|
# list][2]".
|
2203
2191
|
#
|
@@ -2206,8 +2194,8 @@ module Aws::Organizations
|
|
2206
2194
|
#
|
2207
2195
|
#
|
2208
2196
|
#
|
2209
|
-
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/
|
2210
|
-
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/
|
2197
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/SCP_strategies.html#orgs_policies_allowlist
|
2198
|
+
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/SCP_strategies.html#orgs_policies_denylist
|
2211
2199
|
#
|
2212
2200
|
# @option params [required, String] :policy_id
|
2213
2201
|
# The unique identifier (ID) of the policy you want to detach. You can
|
@@ -2330,18 +2318,19 @@ module Aws::Organizations
|
|
2330
2318
|
req.send_request(options)
|
2331
2319
|
end
|
2332
2320
|
|
2333
|
-
# Disables an organizational
|
2334
|
-
#
|
2321
|
+
# Disables an organizational policy type in a root. A policy of a
|
2322
|
+
# certain type can be attached to entities in a root only if that type
|
2335
2323
|
# is enabled in the root. After you perform this operation, you no
|
2336
2324
|
# longer can attach policies of the specified type to that root or to
|
2337
2325
|
# any organizational unit (OU) or account in that root. You can undo
|
2338
2326
|
# this by using the EnablePolicyType operation.
|
2339
2327
|
#
|
2340
2328
|
# This is an asynchronous request that AWS performs in the background.
|
2341
|
-
# If you disable a policy for a root, it still appears enabled for
|
2342
|
-
# organization if [all features][1] are enabled for the
|
2343
|
-
# AWS recommends that you first use ListRoots to see the
|
2344
|
-
# policy types for a specified root, and then use this
|
2329
|
+
# If you disable a policy type for a root, it still appears enabled for
|
2330
|
+
# the organization if [all features][1] are enabled for the
|
2331
|
+
# organization. AWS recommends that you first use ListRoots to see the
|
2332
|
+
# status of policy types for a specified root, and then use this
|
2333
|
+
# operation.
|
2345
2334
|
#
|
2346
2335
|
# This operation can be called only from the organization's master
|
2347
2336
|
# account.
|
@@ -2365,7 +2354,20 @@ module Aws::Organizations
|
|
2365
2354
|
# [1]: http://wikipedia.org/wiki/regex
|
2366
2355
|
#
|
2367
2356
|
# @option params [required, String] :policy_type
|
2368
|
-
# The policy type that you want to disable in this root.
|
2357
|
+
# The policy type that you want to disable in this root. You can specify
|
2358
|
+
# one of the following values:
|
2359
|
+
#
|
2360
|
+
# * [BACKUP\_POLICY][1]
|
2361
|
+
#
|
2362
|
+
# * [SERVICE\_CONTROL\_POLICY][2]
|
2363
|
+
#
|
2364
|
+
# * [TAG\_POLICY][3]
|
2365
|
+
#
|
2366
|
+
#
|
2367
|
+
#
|
2368
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
2369
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
2370
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
2369
2371
|
#
|
2370
2372
|
# @return [Types::DisablePolicyTypeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2371
2373
|
#
|
@@ -2397,7 +2399,7 @@ module Aws::Organizations
|
|
2397
2399
|
#
|
2398
2400
|
# resp = client.disable_policy_type({
|
2399
2401
|
# root_id: "RootId", # required
|
2400
|
-
# policy_type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
2402
|
+
# policy_type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY
|
2401
2403
|
# })
|
2402
2404
|
#
|
2403
2405
|
# @example Response structure
|
@@ -2406,7 +2408,7 @@ module Aws::Organizations
|
|
2406
2408
|
# resp.root.arn #=> String
|
2407
2409
|
# resp.root.name #=> String
|
2408
2410
|
# resp.root.policy_types #=> Array
|
2409
|
-
# resp.root.policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
2411
|
+
# resp.root.policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
2410
2412
|
# resp.root.policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
2411
2413
|
#
|
2412
2414
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyType AWS API Documentation
|
@@ -2599,7 +2601,20 @@ module Aws::Organizations
|
|
2599
2601
|
# [1]: http://wikipedia.org/wiki/regex
|
2600
2602
|
#
|
2601
2603
|
# @option params [required, String] :policy_type
|
2602
|
-
# The policy type that you want to enable.
|
2604
|
+
# The policy type that you want to enable. You can specify one of the
|
2605
|
+
# following values:
|
2606
|
+
#
|
2607
|
+
# * [BACKUP\_POLICY][1]
|
2608
|
+
#
|
2609
|
+
# * [SERVICE\_CONTROL\_POLICY][2]
|
2610
|
+
#
|
2611
|
+
# * [TAG\_POLICY][3]
|
2612
|
+
#
|
2613
|
+
#
|
2614
|
+
#
|
2615
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
2616
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
2617
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
2603
2618
|
#
|
2604
2619
|
# @return [Types::EnablePolicyTypeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2605
2620
|
#
|
@@ -2635,7 +2650,7 @@ module Aws::Organizations
|
|
2635
2650
|
#
|
2636
2651
|
# resp = client.enable_policy_type({
|
2637
2652
|
# root_id: "RootId", # required
|
2638
|
-
# policy_type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
2653
|
+
# policy_type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY
|
2639
2654
|
# })
|
2640
2655
|
#
|
2641
2656
|
# @example Response structure
|
@@ -2644,7 +2659,7 @@ module Aws::Organizations
|
|
2644
2659
|
# resp.root.arn #=> String
|
2645
2660
|
# resp.root.name #=> String
|
2646
2661
|
# resp.root.policy_types #=> Array
|
2647
|
-
# resp.root.policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
2662
|
+
# resp.root.policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
2648
2663
|
# resp.root.policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
2649
2664
|
#
|
2650
2665
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyType AWS API Documentation
|
@@ -4114,6 +4129,19 @@ module Aws::Organizations
|
|
4114
4129
|
#
|
4115
4130
|
# @option params [required, String] :filter
|
4116
4131
|
# Specifies the type of policy that you want to include in the response.
|
4132
|
+
# You must specify one of the following values:
|
4133
|
+
#
|
4134
|
+
# * [BACKUP\_POLICY][1]
|
4135
|
+
#
|
4136
|
+
# * [SERVICE\_CONTROL\_POLICY][2]
|
4137
|
+
#
|
4138
|
+
# * [TAG\_POLICY][3]
|
4139
|
+
#
|
4140
|
+
#
|
4141
|
+
#
|
4142
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
4143
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
4144
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
4117
4145
|
#
|
4118
4146
|
# @option params [String] :next_token
|
4119
4147
|
# The parameter for receiving additional results if you receive a
|
@@ -4183,7 +4211,7 @@ module Aws::Organizations
|
|
4183
4211
|
# @example Request syntax with placeholder values
|
4184
4212
|
#
|
4185
4213
|
# resp = client.list_policies({
|
4186
|
-
# filter: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
4214
|
+
# filter: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY
|
4187
4215
|
# next_token: "NextToken",
|
4188
4216
|
# max_results: 1,
|
4189
4217
|
# })
|
@@ -4195,7 +4223,7 @@ module Aws::Organizations
|
|
4195
4223
|
# resp.policies[0].arn #=> String
|
4196
4224
|
# resp.policies[0].name #=> String
|
4197
4225
|
# resp.policies[0].description #=> String
|
4198
|
-
# resp.policies[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
4226
|
+
# resp.policies[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
4199
4227
|
# resp.policies[0].aws_managed #=> Boolean
|
4200
4228
|
# resp.next_token #=> String
|
4201
4229
|
#
|
@@ -4246,7 +4274,20 @@ module Aws::Organizations
|
|
4246
4274
|
# [1]: http://wikipedia.org/wiki/regex
|
4247
4275
|
#
|
4248
4276
|
# @option params [required, String] :filter
|
4249
|
-
# The type of policy that you want to include in the returned list.
|
4277
|
+
# The type of policy that you want to include in the returned list. You
|
4278
|
+
# must specify one of the following values:
|
4279
|
+
#
|
4280
|
+
# * [BACKUP\_POLICY][1]
|
4281
|
+
#
|
4282
|
+
# * [SERVICE\_CONTROL\_POLICY][2]
|
4283
|
+
#
|
4284
|
+
# * [TAG\_POLICY][3]
|
4285
|
+
#
|
4286
|
+
#
|
4287
|
+
#
|
4288
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
4289
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
4290
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
4250
4291
|
#
|
4251
4292
|
# @option params [String] :next_token
|
4252
4293
|
# The parameter for receiving additional results if you receive a
|
@@ -4304,7 +4345,7 @@ module Aws::Organizations
|
|
4304
4345
|
#
|
4305
4346
|
# resp = client.list_policies_for_target({
|
4306
4347
|
# target_id: "PolicyTargetId", # required
|
4307
|
-
# filter: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
4348
|
+
# filter: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY
|
4308
4349
|
# next_token: "NextToken",
|
4309
4350
|
# max_results: 1,
|
4310
4351
|
# })
|
@@ -4316,7 +4357,7 @@ module Aws::Organizations
|
|
4316
4357
|
# resp.policies[0].arn #=> String
|
4317
4358
|
# resp.policies[0].name #=> String
|
4318
4359
|
# resp.policies[0].description #=> String
|
4319
|
-
# resp.policies[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
4360
|
+
# resp.policies[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
4320
4361
|
# resp.policies[0].aws_managed #=> Boolean
|
4321
4362
|
# resp.next_token #=> String
|
4322
4363
|
#
|
@@ -4417,7 +4458,7 @@ module Aws::Organizations
|
|
4417
4458
|
# resp.roots[0].arn #=> String
|
4418
4459
|
# resp.roots[0].name #=> String
|
4419
4460
|
# resp.roots[0].policy_types #=> Array
|
4420
|
-
# resp.roots[0].policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
4461
|
+
# resp.roots[0].policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
4421
4462
|
# resp.roots[0].policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
4422
4463
|
# resp.next_token #=> String
|
4423
4464
|
#
|
@@ -4799,9 +4840,9 @@ module Aws::Organizations
|
|
4799
4840
|
# The ID of the resource to add a tag to.
|
4800
4841
|
#
|
4801
4842
|
# @option params [required, Array<Types::Tag>] :tags
|
4802
|
-
# The tag to add to the specified resource.
|
4803
|
-
#
|
4804
|
-
# can't set
|
4843
|
+
# The tag to add to the specified resource. You must specify both a tag
|
4844
|
+
# key and value. You can set the value of a tag to an empty string, but
|
4845
|
+
# you can't set it to null.
|
4805
4846
|
#
|
4806
4847
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4807
4848
|
#
|
@@ -5044,7 +5085,7 @@ module Aws::Organizations
|
|
5044
5085
|
# resp.policy.policy_summary.arn #=> String
|
5045
5086
|
# resp.policy.policy_summary.name #=> String
|
5046
5087
|
# resp.policy.policy_summary.description #=> String
|
5047
|
-
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
5088
|
+
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY"
|
5048
5089
|
# resp.policy.policy_summary.aws_managed #=> Boolean
|
5049
5090
|
# resp.policy.content #=> String
|
5050
5091
|
#
|
@@ -5070,7 +5111,7 @@ module Aws::Organizations
|
|
5070
5111
|
params: params,
|
5071
5112
|
config: config)
|
5072
5113
|
context[:gem_name] = 'aws-sdk-organizations'
|
5073
|
-
context[:gem_version] = '1.
|
5114
|
+
context[:gem_version] = '1.44.0'
|
5074
5115
|
Seahorse::Client::Request.new(handlers, context)
|
5075
5116
|
end
|
5076
5117
|
|