aws-sdk-organizations 1.40.0 → 1.45.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-organizations.rb +3 -1
- data/lib/aws-sdk-organizations/client.rb +178 -116
- data/lib/aws-sdk-organizations/client_api.rb +5 -0
- data/lib/aws-sdk-organizations/errors.rb +2 -0
- data/lib/aws-sdk-organizations/resource.rb +2 -0
- data/lib/aws-sdk-organizations/types.rb +336 -70
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b95c85194f445ac7ca32a2c1db7d9a29ce094b35a2e7e3bf640b63eb1ffaf085
|
4
|
+
data.tar.gz: b865e200caf7a72cdea6388885b65b34deaeb12394d654484d02085bba37e807
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 60a3a483e5b64d2bac7b172d1a57946592deec4e6723ed8bf6f55ec12ea27ddcddb447f0fd0c3e9f9764f71bd5fd6decb229cdf2f4f65132133bed0514bfdc91
|
7
|
+
data.tar.gz: 7b0c7fdebd2f45d108525958d4b5a53ac4312cdb4f95984694cb9cf493bc580abf6135ebc490172bc52882eab636b6c35fa4e5243b9c77b6d1b4485f63b5b6cb
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -45,6 +47,6 @@ require_relative 'aws-sdk-organizations/customizations'
|
|
45
47
|
# @service
|
46
48
|
module Aws::Organizations
|
47
49
|
|
48
|
-
GEM_VERSION = '1.
|
50
|
+
GEM_VERSION = '1.45.0'
|
49
51
|
|
50
52
|
end
|
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -24,6 +26,7 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
|
24
26
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
25
27
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
26
28
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
29
|
+
require 'aws-sdk-core/plugins/http_checksum.rb'
|
27
30
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
28
31
|
require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
29
32
|
|
@@ -69,6 +72,7 @@ module Aws::Organizations
|
|
69
72
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
70
73
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
71
74
|
add_plugin(Aws::Plugins::TransferEncoding)
|
75
|
+
add_plugin(Aws::Plugins::HttpChecksum)
|
72
76
|
add_plugin(Aws::Plugins::SignatureV4)
|
73
77
|
add_plugin(Aws::Plugins::Protocols::JsonRpc)
|
74
78
|
|
@@ -161,7 +165,7 @@ module Aws::Organizations
|
|
161
165
|
# @option options [String] :endpoint
|
162
166
|
# The client endpoint is normally constructed from the `:region`
|
163
167
|
# option. You should only configure an `:endpoint` when connecting
|
164
|
-
# to test endpoints. This should be a valid HTTP(S) URI.
|
168
|
+
# to test or custom endpoints. This should be a valid HTTP(S) URI.
|
165
169
|
#
|
166
170
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
167
171
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -176,7 +180,7 @@ module Aws::Organizations
|
|
176
180
|
# requests fetching endpoints information. Defaults to 60 sec.
|
177
181
|
#
|
178
182
|
# @option options [Boolean] :endpoint_discovery (false)
|
179
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
183
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
180
184
|
#
|
181
185
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
182
186
|
# The log formatter.
|
@@ -457,53 +461,26 @@ module Aws::Organizations
|
|
457
461
|
|
458
462
|
# Attaches a policy to a root, an organizational unit (OU), or an
|
459
463
|
# individual account. How the policy affects accounts depends on the
|
460
|
-
# type of policy
|
461
|
-
#
|
462
|
-
#
|
463
|
-
#
|
464
|
-
#
|
465
|
-
#
|
466
|
-
#
|
467
|
-
#
|
468
|
-
#
|
469
|
-
#
|
470
|
-
# and in any child OUs.
|
471
|
-
#
|
472
|
-
# * If you attach the policy directly to an account, it affects only
|
473
|
-
# that account.
|
474
|
-
#
|
475
|
-
# SCPs are JSON policies that specify the maximum permissions for an
|
476
|
-
# organization or organizational unit (OU). You can attach one SCP to
|
477
|
-
# a higher level root or OU, and a different SCP to a child OU or to
|
478
|
-
# an account. The child policy can further restrict only the
|
479
|
-
# permissions that pass through the parent filter and are available to
|
480
|
-
# the child. An SCP that is attached to a child can't grant a
|
481
|
-
# permission that the parent hasn't already granted. For example,
|
482
|
-
# imagine that the parent SCP allows permissions A, B, C, D, and E.
|
483
|
-
# The child SCP allows C, D, E, F, and G. The result is that the
|
484
|
-
# accounts affected by the child SCP are allowed to use only C, D, and
|
485
|
-
# E. They can't use A or B because the child OU filtered them out.
|
486
|
-
# They also can't use F and G because the parent OU filtered them
|
487
|
-
# out. They can't be granted back by the child SCP; child SCPs can
|
488
|
-
# only filter the permissions they receive from the parent SCP.
|
489
|
-
#
|
490
|
-
# AWS Organizations attaches a default SCP named `"FullAWSAccess` to
|
491
|
-
# every root, OU, and account. This default SCP allows all services
|
492
|
-
# and actions, enabling any new child OU or account to inherit the
|
493
|
-
# permissions of the parent root or OU. If you detach the default
|
494
|
-
# policy, you must replace it with a policy that specifies the
|
495
|
-
# permissions that you want to allow in that OU or account.
|
496
|
-
#
|
497
|
-
# For more information about how AWS Organizations policies
|
498
|
-
# permissions work, see [Using Service Control Policies][1] in the
|
499
|
-
# *AWS Organizations User Guide.*
|
464
|
+
# type of policy. Refer to the *AWS Organizations User Guide* for
|
465
|
+
# information about each policy type:
|
466
|
+
#
|
467
|
+
# * [AISERVICES\_OPT\_OUT\_POLICY][1]
|
468
|
+
#
|
469
|
+
# * [BACKUP\_POLICY][2]
|
470
|
+
#
|
471
|
+
# * [SERVICE\_CONTROL\_POLICY][3]
|
472
|
+
#
|
473
|
+
# * [TAG\_POLICY][4]
|
500
474
|
#
|
501
475
|
# This operation can be called only from the organization's master
|
502
476
|
# account.
|
503
477
|
#
|
504
478
|
#
|
505
479
|
#
|
506
|
-
# [1]:
|
480
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
481
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
482
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
483
|
+
# [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
507
484
|
#
|
508
485
|
# @option params [required, String] :policy_id
|
509
486
|
# The unique identifier (ID) of the policy that you want to attach to
|
@@ -965,12 +942,13 @@ module Aws::Organizations
|
|
965
942
|
#
|
966
943
|
# * When you create an account in an organization using the AWS
|
967
944
|
# Organizations console, API, or CLI commands, the information
|
968
|
-
# required for the account to operate as a standalone account
|
969
|
-
# a payment method and signing
|
970
|
-
#
|
971
|
-
# your organization later, you can do so only after you provide
|
972
|
-
# missing information. Follow the steps at [ To leave an
|
973
|
-
# as a member account][7] in the *AWS Organizations User
|
945
|
+
# required for the account to operate as a standalone account is *not*
|
946
|
+
# automatically collected. This includes a payment method and signing
|
947
|
+
# the end user license agreement (EULA). If you must remove an account
|
948
|
+
# from your organization later, you can do so only after you provide
|
949
|
+
# the missing information. Follow the steps at [ To leave an
|
950
|
+
# organization as a member account][7] in the *AWS Organizations User
|
951
|
+
# Guide.*
|
974
952
|
#
|
975
953
|
# * If you get an exception that indicates that you exceeded your
|
976
954
|
# account limits for the organization, contact [AWS Support][8].
|
@@ -1215,7 +1193,7 @@ module Aws::Organizations
|
|
1215
1193
|
# resp.organization.master_account_id #=> String
|
1216
1194
|
# resp.organization.master_account_email #=> String
|
1217
1195
|
# resp.organization.available_policy_types #=> Array
|
1218
|
-
# resp.organization.available_policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
1196
|
+
# resp.organization.available_policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
1219
1197
|
# resp.organization.available_policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
1220
1198
|
#
|
1221
1199
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganization AWS API Documentation
|
@@ -1325,17 +1303,9 @@ module Aws::Organizations
|
|
1325
1303
|
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html
|
1326
1304
|
#
|
1327
1305
|
# @option params [required, String] :content
|
1328
|
-
# The policy content to add to the new policy.
|
1329
|
-
#
|
1330
|
-
#
|
1331
|
-
# can delegate to their users, groups, and roles. For more information
|
1332
|
-
# about the SCP syntax, see [Service Control Policy Syntax][2] in the
|
1333
|
-
# *AWS Organizations User Guide.*
|
1334
|
-
#
|
1335
|
-
#
|
1336
|
-
#
|
1337
|
-
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
1338
|
-
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html
|
1306
|
+
# The policy text content to add to the new policy. The text that you
|
1307
|
+
# supply must adhere to the rules of the policy type you specify in the
|
1308
|
+
# `Type` parameter.
|
1339
1309
|
#
|
1340
1310
|
# @option params [required, String] :description
|
1341
1311
|
# An optional description to assign to the policy.
|
@@ -1351,12 +1321,23 @@ module Aws::Organizations
|
|
1351
1321
|
# [1]: http://wikipedia.org/wiki/regex
|
1352
1322
|
#
|
1353
1323
|
# @option params [required, String] :type
|
1354
|
-
# The type of policy to create.
|
1324
|
+
# The type of policy to create. You can specify one of the following
|
1325
|
+
# values:
|
1326
|
+
#
|
1327
|
+
# * [AISERVICES\_OPT\_OUT\_POLICY][1]
|
1328
|
+
#
|
1329
|
+
# * [BACKUP\_POLICY][2]
|
1355
1330
|
#
|
1356
|
-
#
|
1357
|
-
# a service control policy (SCP).
|
1331
|
+
# * [SERVICE\_CONTROL\_POLICY][3]
|
1358
1332
|
#
|
1359
|
-
#
|
1333
|
+
# * [TAG\_POLICY][4]
|
1334
|
+
#
|
1335
|
+
#
|
1336
|
+
#
|
1337
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
1338
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
1339
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
1340
|
+
# [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1360
1341
|
#
|
1361
1342
|
# @return [Types::CreatePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1362
1343
|
#
|
@@ -1396,7 +1377,7 @@ module Aws::Organizations
|
|
1396
1377
|
# content: "PolicyContent", # required
|
1397
1378
|
# description: "PolicyDescription", # required
|
1398
1379
|
# name: "PolicyName", # required
|
1399
|
-
# type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
1380
|
+
# type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY
|
1400
1381
|
# })
|
1401
1382
|
#
|
1402
1383
|
# @example Response structure
|
@@ -1405,7 +1386,7 @@ module Aws::Organizations
|
|
1405
1386
|
# resp.policy.policy_summary.arn #=> String
|
1406
1387
|
# resp.policy.policy_summary.name #=> String
|
1407
1388
|
# resp.policy.policy_summary.description #=> String
|
1408
|
-
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
1389
|
+
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
1409
1390
|
# resp.policy.policy_summary.aws_managed #=> Boolean
|
1410
1391
|
# resp.policy.content #=> String
|
1411
1392
|
#
|
@@ -1825,14 +1806,15 @@ module Aws::Organizations
|
|
1825
1806
|
req.send_request(options)
|
1826
1807
|
end
|
1827
1808
|
|
1828
|
-
# Returns the contents of the effective
|
1829
|
-
# effective
|
1830
|
-
# account inherits, plus any policy
|
1831
|
-
# account.
|
1809
|
+
# Returns the contents of the effective policy for specified policy type
|
1810
|
+
# and account. The effective policy is the aggregation of any policies
|
1811
|
+
# of the specified type that the account inherits, plus any policy of
|
1812
|
+
# that type that is directly attached to the account.
|
1832
1813
|
#
|
1833
|
-
# This
|
1814
|
+
# This operation applies only to policy types *other* than service
|
1815
|
+
# control policies (SCPs).
|
1834
1816
|
#
|
1835
|
-
# For more information
|
1817
|
+
# For more information about policy inheritance, see [How Policy
|
1836
1818
|
# Inheritance Works][1] in the *AWS Organizations User Guide*.
|
1837
1819
|
#
|
1838
1820
|
# This operation can be called only from the organization's master
|
@@ -1844,12 +1826,25 @@ module Aws::Organizations
|
|
1844
1826
|
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies-inheritance.html
|
1845
1827
|
#
|
1846
1828
|
# @option params [required, String] :policy_type
|
1847
|
-
# The type of policy that you want information about.
|
1829
|
+
# The type of policy that you want information about. You can specify
|
1830
|
+
# one of the following values:
|
1831
|
+
#
|
1832
|
+
# * [AISERVICES\_OPT\_OUT\_POLICY][1]
|
1833
|
+
#
|
1834
|
+
# * [BACKUP\_POLICY][2]
|
1835
|
+
#
|
1836
|
+
# * [TAG\_POLICY][3]
|
1837
|
+
#
|
1838
|
+
#
|
1839
|
+
#
|
1840
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
1841
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
1842
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1848
1843
|
#
|
1849
1844
|
# @option params [String] :target_id
|
1850
1845
|
# When you're signed in as the master account, specify the ID of the
|
1851
1846
|
# account that you want details about. Specifying an organization root
|
1852
|
-
# or OU as the target is not supported.
|
1847
|
+
# or organizational unit (OU) as the target is not supported.
|
1853
1848
|
#
|
1854
1849
|
# @return [Types::DescribeEffectivePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1855
1850
|
#
|
@@ -1858,7 +1853,7 @@ module Aws::Organizations
|
|
1858
1853
|
# @example Request syntax with placeholder values
|
1859
1854
|
#
|
1860
1855
|
# resp = client.describe_effective_policy({
|
1861
|
-
# policy_type: "TAG_POLICY", # required, accepts TAG_POLICY
|
1856
|
+
# policy_type: "TAG_POLICY", # required, accepts TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY
|
1862
1857
|
# target_id: "PolicyTargetId",
|
1863
1858
|
# })
|
1864
1859
|
#
|
@@ -1867,7 +1862,7 @@ module Aws::Organizations
|
|
1867
1862
|
# resp.effective_policy.policy_content #=> String
|
1868
1863
|
# resp.effective_policy.last_updated_timestamp #=> Time
|
1869
1864
|
# resp.effective_policy.target_id #=> String
|
1870
|
-
# resp.effective_policy.policy_type #=> String, one of "TAG_POLICY"
|
1865
|
+
# resp.effective_policy.policy_type #=> String, one of "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
1871
1866
|
#
|
1872
1867
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeEffectivePolicy AWS API Documentation
|
1873
1868
|
#
|
@@ -2038,7 +2033,7 @@ module Aws::Organizations
|
|
2038
2033
|
# resp.organization.master_account_id #=> String
|
2039
2034
|
# resp.organization.master_account_email #=> String
|
2040
2035
|
# resp.organization.available_policy_types #=> Array
|
2041
|
-
# resp.organization.available_policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
2036
|
+
# resp.organization.available_policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
2042
2037
|
# resp.organization.available_policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
2043
2038
|
#
|
2044
2039
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization AWS API Documentation
|
@@ -2172,7 +2167,7 @@ module Aws::Organizations
|
|
2172
2167
|
# resp.policy.policy_summary.arn #=> String
|
2173
2168
|
# resp.policy.policy_summary.name #=> String
|
2174
2169
|
# resp.policy.policy_summary.description #=> String
|
2175
|
-
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
2170
|
+
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
2176
2171
|
# resp.policy.policy_summary.aws_managed #=> Boolean
|
2177
2172
|
# resp.policy.content #=> String
|
2178
2173
|
#
|
@@ -2186,18 +2181,20 @@ module Aws::Organizations
|
|
2186
2181
|
end
|
2187
2182
|
|
2188
2183
|
# Detaches a policy from a target root, organizational unit (OU), or
|
2189
|
-
# account.
|
2190
|
-
#
|
2191
|
-
#
|
2192
|
-
#
|
2193
|
-
#
|
2194
|
-
#
|
2195
|
-
#
|
2196
|
-
#
|
2197
|
-
#
|
2198
|
-
#
|
2199
|
-
#
|
2200
|
-
#
|
2184
|
+
# account.
|
2185
|
+
#
|
2186
|
+
# If the policy being detached is a service control policy (SCP), the
|
2187
|
+
# changes to permissions for AWS Identity and Access Management (IAM)
|
2188
|
+
# users and roles in affected accounts are immediate.
|
2189
|
+
#
|
2190
|
+
# Every root, OU, and account must have at least one SCP attached. If
|
2191
|
+
# you want to replace the default `FullAWSAccess` policy with an SCP
|
2192
|
+
# that limits the permissions that can be delegated, you must attach the
|
2193
|
+
# replacement SCP before you can remove the default SCP. This is the
|
2194
|
+
# authorization strategy of an "[allow list][1]". If you instead
|
2195
|
+
# attach a second SCP and leave the `FullAWSAccess` SCP still attached,
|
2196
|
+
# and specify `"Effect": "Deny"` in the second SCP to override the
|
2197
|
+
# `"Effect": "Allow"` in the `FullAWSAccess` policy (or any other
|
2201
2198
|
# attached SCP), you're using the authorization strategy of a "[deny
|
2202
2199
|
# list][2]".
|
2203
2200
|
#
|
@@ -2206,8 +2203,8 @@ module Aws::Organizations
|
|
2206
2203
|
#
|
2207
2204
|
#
|
2208
2205
|
#
|
2209
|
-
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/
|
2210
|
-
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/
|
2206
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/SCP_strategies.html#orgs_policies_allowlist
|
2207
|
+
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/SCP_strategies.html#orgs_policies_denylist
|
2211
2208
|
#
|
2212
2209
|
# @option params [required, String] :policy_id
|
2213
2210
|
# The unique identifier (ID) of the policy you want to detach. You can
|
@@ -2330,18 +2327,19 @@ module Aws::Organizations
|
|
2330
2327
|
req.send_request(options)
|
2331
2328
|
end
|
2332
2329
|
|
2333
|
-
# Disables an organizational
|
2334
|
-
#
|
2330
|
+
# Disables an organizational policy type in a root. A policy of a
|
2331
|
+
# certain type can be attached to entities in a root only if that type
|
2335
2332
|
# is enabled in the root. After you perform this operation, you no
|
2336
2333
|
# longer can attach policies of the specified type to that root or to
|
2337
2334
|
# any organizational unit (OU) or account in that root. You can undo
|
2338
2335
|
# this by using the EnablePolicyType operation.
|
2339
2336
|
#
|
2340
2337
|
# This is an asynchronous request that AWS performs in the background.
|
2341
|
-
# If you disable a policy for a root, it still appears enabled for
|
2342
|
-
# organization if [all features][1] are enabled for the
|
2343
|
-
# AWS recommends that you first use ListRoots to see the
|
2344
|
-
# policy types for a specified root, and then use this
|
2338
|
+
# If you disable a policy type for a root, it still appears enabled for
|
2339
|
+
# the organization if [all features][1] are enabled for the
|
2340
|
+
# organization. AWS recommends that you first use ListRoots to see the
|
2341
|
+
# status of policy types for a specified root, and then use this
|
2342
|
+
# operation.
|
2345
2343
|
#
|
2346
2344
|
# This operation can be called only from the organization's master
|
2347
2345
|
# account.
|
@@ -2365,7 +2363,23 @@ module Aws::Organizations
|
|
2365
2363
|
# [1]: http://wikipedia.org/wiki/regex
|
2366
2364
|
#
|
2367
2365
|
# @option params [required, String] :policy_type
|
2368
|
-
# The policy type that you want to disable in this root.
|
2366
|
+
# The policy type that you want to disable in this root. You can specify
|
2367
|
+
# one of the following values:
|
2368
|
+
#
|
2369
|
+
# * [AISERVICES\_OPT\_OUT\_POLICY][1]
|
2370
|
+
#
|
2371
|
+
# * [BACKUP\_POLICY][2]
|
2372
|
+
#
|
2373
|
+
# * [SERVICE\_CONTROL\_POLICY][3]
|
2374
|
+
#
|
2375
|
+
# * [TAG\_POLICY][4]
|
2376
|
+
#
|
2377
|
+
#
|
2378
|
+
#
|
2379
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
2380
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
2381
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
2382
|
+
# [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
2369
2383
|
#
|
2370
2384
|
# @return [Types::DisablePolicyTypeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2371
2385
|
#
|
@@ -2397,7 +2411,7 @@ module Aws::Organizations
|
|
2397
2411
|
#
|
2398
2412
|
# resp = client.disable_policy_type({
|
2399
2413
|
# root_id: "RootId", # required
|
2400
|
-
# policy_type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
2414
|
+
# policy_type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY
|
2401
2415
|
# })
|
2402
2416
|
#
|
2403
2417
|
# @example Response structure
|
@@ -2406,7 +2420,7 @@ module Aws::Organizations
|
|
2406
2420
|
# resp.root.arn #=> String
|
2407
2421
|
# resp.root.name #=> String
|
2408
2422
|
# resp.root.policy_types #=> Array
|
2409
|
-
# resp.root.policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
2423
|
+
# resp.root.policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
2410
2424
|
# resp.root.policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
2411
2425
|
#
|
2412
2426
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyType AWS API Documentation
|
@@ -2599,7 +2613,23 @@ module Aws::Organizations
|
|
2599
2613
|
# [1]: http://wikipedia.org/wiki/regex
|
2600
2614
|
#
|
2601
2615
|
# @option params [required, String] :policy_type
|
2602
|
-
# The policy type that you want to enable.
|
2616
|
+
# The policy type that you want to enable. You can specify one of the
|
2617
|
+
# following values:
|
2618
|
+
#
|
2619
|
+
# * [AISERVICES\_OPT\_OUT\_POLICY][1]
|
2620
|
+
#
|
2621
|
+
# * [BACKUP\_POLICY][2]
|
2622
|
+
#
|
2623
|
+
# * [SERVICE\_CONTROL\_POLICY][3]
|
2624
|
+
#
|
2625
|
+
# * [TAG\_POLICY][4]
|
2626
|
+
#
|
2627
|
+
#
|
2628
|
+
#
|
2629
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
2630
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
2631
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
2632
|
+
# [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
2603
2633
|
#
|
2604
2634
|
# @return [Types::EnablePolicyTypeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2605
2635
|
#
|
@@ -2635,7 +2665,7 @@ module Aws::Organizations
|
|
2635
2665
|
#
|
2636
2666
|
# resp = client.enable_policy_type({
|
2637
2667
|
# root_id: "RootId", # required
|
2638
|
-
# policy_type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
2668
|
+
# policy_type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY
|
2639
2669
|
# })
|
2640
2670
|
#
|
2641
2671
|
# @example Response structure
|
@@ -2644,7 +2674,7 @@ module Aws::Organizations
|
|
2644
2674
|
# resp.root.arn #=> String
|
2645
2675
|
# resp.root.name #=> String
|
2646
2676
|
# resp.root.policy_types #=> Array
|
2647
|
-
# resp.root.policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
2677
|
+
# resp.root.policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
2648
2678
|
# resp.root.policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
2649
2679
|
#
|
2650
2680
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyType AWS API Documentation
|
@@ -4114,6 +4144,22 @@ module Aws::Organizations
|
|
4114
4144
|
#
|
4115
4145
|
# @option params [required, String] :filter
|
4116
4146
|
# Specifies the type of policy that you want to include in the response.
|
4147
|
+
# You must specify one of the following values:
|
4148
|
+
#
|
4149
|
+
# * [AISERVICES\_OPT\_OUT\_POLICY][1]
|
4150
|
+
#
|
4151
|
+
# * [BACKUP\_POLICY][2]
|
4152
|
+
#
|
4153
|
+
# * [SERVICE\_CONTROL\_POLICY][3]
|
4154
|
+
#
|
4155
|
+
# * [TAG\_POLICY][4]
|
4156
|
+
#
|
4157
|
+
#
|
4158
|
+
#
|
4159
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
4160
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
4161
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
4162
|
+
# [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
4117
4163
|
#
|
4118
4164
|
# @option params [String] :next_token
|
4119
4165
|
# The parameter for receiving additional results if you receive a
|
@@ -4183,7 +4229,7 @@ module Aws::Organizations
|
|
4183
4229
|
# @example Request syntax with placeholder values
|
4184
4230
|
#
|
4185
4231
|
# resp = client.list_policies({
|
4186
|
-
# filter: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
4232
|
+
# filter: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY
|
4187
4233
|
# next_token: "NextToken",
|
4188
4234
|
# max_results: 1,
|
4189
4235
|
# })
|
@@ -4195,7 +4241,7 @@ module Aws::Organizations
|
|
4195
4241
|
# resp.policies[0].arn #=> String
|
4196
4242
|
# resp.policies[0].name #=> String
|
4197
4243
|
# resp.policies[0].description #=> String
|
4198
|
-
# resp.policies[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
4244
|
+
# resp.policies[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
4199
4245
|
# resp.policies[0].aws_managed #=> Boolean
|
4200
4246
|
# resp.next_token #=> String
|
4201
4247
|
#
|
@@ -4246,7 +4292,23 @@ module Aws::Organizations
|
|
4246
4292
|
# [1]: http://wikipedia.org/wiki/regex
|
4247
4293
|
#
|
4248
4294
|
# @option params [required, String] :filter
|
4249
|
-
# The type of policy that you want to include in the returned list.
|
4295
|
+
# The type of policy that you want to include in the returned list. You
|
4296
|
+
# must specify one of the following values:
|
4297
|
+
#
|
4298
|
+
# * [AISERVICES\_OPT\_OUT\_POLICY][1]
|
4299
|
+
#
|
4300
|
+
# * [BACKUP\_POLICY][2]
|
4301
|
+
#
|
4302
|
+
# * [SERVICE\_CONTROL\_POLICY][3]
|
4303
|
+
#
|
4304
|
+
# * [TAG\_POLICY][4]
|
4305
|
+
#
|
4306
|
+
#
|
4307
|
+
#
|
4308
|
+
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
4309
|
+
# [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
4310
|
+
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
4311
|
+
# [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
4250
4312
|
#
|
4251
4313
|
# @option params [String] :next_token
|
4252
4314
|
# The parameter for receiving additional results if you receive a
|
@@ -4304,7 +4366,7 @@ module Aws::Organizations
|
|
4304
4366
|
#
|
4305
4367
|
# resp = client.list_policies_for_target({
|
4306
4368
|
# target_id: "PolicyTargetId", # required
|
4307
|
-
# filter: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY
|
4369
|
+
# filter: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY
|
4308
4370
|
# next_token: "NextToken",
|
4309
4371
|
# max_results: 1,
|
4310
4372
|
# })
|
@@ -4316,7 +4378,7 @@ module Aws::Organizations
|
|
4316
4378
|
# resp.policies[0].arn #=> String
|
4317
4379
|
# resp.policies[0].name #=> String
|
4318
4380
|
# resp.policies[0].description #=> String
|
4319
|
-
# resp.policies[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
4381
|
+
# resp.policies[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
4320
4382
|
# resp.policies[0].aws_managed #=> Boolean
|
4321
4383
|
# resp.next_token #=> String
|
4322
4384
|
#
|
@@ -4417,7 +4479,7 @@ module Aws::Organizations
|
|
4417
4479
|
# resp.roots[0].arn #=> String
|
4418
4480
|
# resp.roots[0].name #=> String
|
4419
4481
|
# resp.roots[0].policy_types #=> Array
|
4420
|
-
# resp.roots[0].policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
4482
|
+
# resp.roots[0].policy_types[0].type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
4421
4483
|
# resp.roots[0].policy_types[0].status #=> String, one of "ENABLED", "PENDING_ENABLE", "PENDING_DISABLE"
|
4422
4484
|
# resp.next_token #=> String
|
4423
4485
|
#
|
@@ -4799,9 +4861,9 @@ module Aws::Organizations
|
|
4799
4861
|
# The ID of the resource to add a tag to.
|
4800
4862
|
#
|
4801
4863
|
# @option params [required, Array<Types::Tag>] :tags
|
4802
|
-
# The tag to add to the specified resource.
|
4803
|
-
#
|
4804
|
-
# can't set
|
4864
|
+
# The tag to add to the specified resource. You must specify both a tag
|
4865
|
+
# key and value. You can set the value of a tag to an empty string, but
|
4866
|
+
# you can't set it to null.
|
4805
4867
|
#
|
4806
4868
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4807
4869
|
#
|
@@ -5044,7 +5106,7 @@ module Aws::Organizations
|
|
5044
5106
|
# resp.policy.policy_summary.arn #=> String
|
5045
5107
|
# resp.policy.policy_summary.name #=> String
|
5046
5108
|
# resp.policy.policy_summary.description #=> String
|
5047
|
-
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY"
|
5109
|
+
# resp.policy.policy_summary.type #=> String, one of "SERVICE_CONTROL_POLICY", "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY"
|
5048
5110
|
# resp.policy.policy_summary.aws_managed #=> Boolean
|
5049
5111
|
# resp.policy.content #=> String
|
5050
5112
|
#
|
@@ -5070,7 +5132,7 @@ module Aws::Organizations
|
|
5070
5132
|
params: params,
|
5071
5133
|
config: config)
|
5072
5134
|
context[:gem_name] = 'aws-sdk-organizations'
|
5073
|
-
context[:gem_version] = '1.
|
5135
|
+
context[:gem_version] = '1.45.0'
|
5074
5136
|
Seahorse::Client::Request.new(handlers, context)
|
5075
5137
|
end
|
5076
5138
|
|