aws-sdk-organizations 1.47.0 → 1.52.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-organizations.rb +3 -2
- data/lib/aws-sdk-organizations/client.rb +292 -52
- data/lib/aws-sdk-organizations/client_api.rb +6 -0
- data/lib/aws-sdk-organizations/types.rb +224 -15
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f6065d9084c1562745c98ea8243f024fddd524b4f9464bc4741cad9b7e215dfe
|
4
|
+
data.tar.gz: 54ee4e6eec2723a224ae5c69395ea7d20913644b7a97983dcd5b54aca23ad7d2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 566c51f8153ee6d4b7f9b4decab247c6c19daf191d26009120803fa19615cf718a71962ba046680da42f98abb01c6183afe5ce53367461dc85f1ecfe42c40f9c
|
7
|
+
data.tar.gz: f1dd181f63b20655e02ba84ec3c4a1652ceca26ca92a73069119311242a91bd7c015f7c2512c321afe0a83ad2f928be256c6208ac31f563bedc6710ce488accb
|
@@ -7,6 +7,7 @@
|
|
7
7
|
#
|
8
8
|
# WARNING ABOUT GENERATED CODE
|
9
9
|
|
10
|
+
|
10
11
|
require 'aws-sdk-core'
|
11
12
|
require 'aws-sigv4'
|
12
13
|
|
@@ -44,9 +45,9 @@ require_relative 'aws-sdk-organizations/customizations'
|
|
44
45
|
#
|
45
46
|
# See {Errors} for more information.
|
46
47
|
#
|
47
|
-
#
|
48
|
+
# @!group service
|
48
49
|
module Aws::Organizations
|
49
50
|
|
50
|
-
GEM_VERSION = '1.
|
51
|
+
GEM_VERSION = '1.52.0'
|
51
52
|
|
52
53
|
end
|
@@ -85,13 +85,28 @@ module Aws::Organizations
|
|
85
85
|
# * `Aws::Credentials` - Used for configuring static, non-refreshing
|
86
86
|
# credentials.
|
87
87
|
#
|
88
|
+
# * `Aws::SharedCredentials` - Used for loading static credentials from a
|
89
|
+
# shared file, such as `~/.aws/config`.
|
90
|
+
#
|
91
|
+
# * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
|
92
|
+
#
|
93
|
+
# * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
|
94
|
+
# assume a role after providing credentials via the web.
|
95
|
+
#
|
96
|
+
# * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
|
97
|
+
# access token generated from `aws login`.
|
98
|
+
#
|
99
|
+
# * `Aws::ProcessCredentials` - Used for loading credentials from a
|
100
|
+
# process that outputs to stdout.
|
101
|
+
#
|
88
102
|
# * `Aws::InstanceProfileCredentials` - Used for loading credentials
|
89
103
|
# from an EC2 IMDS on an EC2 instance.
|
90
104
|
#
|
91
|
-
# * `Aws::
|
92
|
-
#
|
105
|
+
# * `Aws::ECSCredentials` - Used for loading credentials from
|
106
|
+
# instances running in ECS.
|
93
107
|
#
|
94
|
-
# * `Aws::
|
108
|
+
# * `Aws::CognitoIdentityCredentials` - Used for loading credentials
|
109
|
+
# from the Cognito Identity service.
|
95
110
|
#
|
96
111
|
# When `:credentials` are not configured directly, the following
|
97
112
|
# locations will be searched for credentials:
|
@@ -101,10 +116,10 @@ module Aws::Organizations
|
|
101
116
|
# * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
|
102
117
|
# * `~/.aws/credentials`
|
103
118
|
# * `~/.aws/config`
|
104
|
-
# * EC2 IMDS instance profile - When used by default, the timeouts
|
105
|
-
# very aggressive. Construct and pass an instance of
|
106
|
-
# `Aws::InstanceProfileCredentails`
|
107
|
-
# timeouts.
|
119
|
+
# * EC2/ECS IMDS instance profile - When used by default, the timeouts
|
120
|
+
# are very aggressive. Construct and pass an instance of
|
121
|
+
# `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
|
122
|
+
# enable retries and extended timeouts.
|
108
123
|
#
|
109
124
|
# @option options [required, String] :region
|
110
125
|
# The AWS region to connect to. The configured `:region` is
|
@@ -688,8 +703,6 @@ module Aws::Organizations
|
|
688
703
|
# [Monitoring the Activity in Your Organization][1] in the *AWS
|
689
704
|
# Organizations User Guide.*
|
690
705
|
#
|
691
|
-
#
|
692
|
-
#
|
693
706
|
# The user who calls the API to create an account must have the
|
694
707
|
# `organizations:CreateAccount` permission. If you enabled all features
|
695
708
|
# in the organization, AWS Organizations creates the required
|
@@ -697,6 +710,9 @@ module Aws::Organizations
|
|
697
710
|
# information, see [AWS Organizations and Service-Linked Roles][2] in
|
698
711
|
# the *AWS Organizations User Guide*.
|
699
712
|
#
|
713
|
+
# If the request includes tags, then the requester must have the
|
714
|
+
# `organizations:TagResource` permission.
|
715
|
+
#
|
700
716
|
# AWS Organizations preconfigures the new member account with a role
|
701
717
|
# (named `OrganizationAccountAccessRole` by default) that grants users
|
702
718
|
# in the master account administrator permissions in the new member
|
@@ -812,6 +828,23 @@ module Aws::Organizations
|
|
812
828
|
#
|
813
829
|
# [1]: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate
|
814
830
|
#
|
831
|
+
# @option params [Array<Types::Tag>] :tags
|
832
|
+
# A list of tags that you want to attach to the newly created account.
|
833
|
+
# For each tag in the list, you must specify both a tag key and a value.
|
834
|
+
# You can set the value to an empty string, but you can't set it to
|
835
|
+
# `null`. For more information about tagging, see [Tagging AWS
|
836
|
+
# Organizations resources][1] in the AWS Organizations User Guide.
|
837
|
+
#
|
838
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed number
|
839
|
+
# of tags for an account, then the entire request fails and the account
|
840
|
+
# is not created.
|
841
|
+
#
|
842
|
+
# </note>
|
843
|
+
#
|
844
|
+
#
|
845
|
+
#
|
846
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
847
|
+
#
|
815
848
|
# @return [Types::CreateAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
816
849
|
#
|
817
850
|
# * {Types::CreateAccountResponse#create_account_status #create_account_status} => Types::CreateAccountStatus
|
@@ -844,6 +877,12 @@ module Aws::Organizations
|
|
844
877
|
# account_name: "AccountName", # required
|
845
878
|
# role_name: "RoleName",
|
846
879
|
# iam_user_access_to_billing: "ALLOW", # accepts ALLOW, DENY
|
880
|
+
# tags: [
|
881
|
+
# {
|
882
|
+
# key: "TagKey", # required
|
883
|
+
# value: "TagValue", # required
|
884
|
+
# },
|
885
|
+
# ],
|
847
886
|
# })
|
848
887
|
#
|
849
888
|
# @example Response structure
|
@@ -878,11 +917,12 @@ module Aws::Organizations
|
|
878
917
|
# * You call this action from the master account of your organization in
|
879
918
|
# the commercial Region.
|
880
919
|
#
|
881
|
-
# * You have the `organizations:CreateGovCloudAccount` permission.
|
882
|
-
#
|
883
|
-
#
|
884
|
-
#
|
885
|
-
#
|
920
|
+
# * You have the `organizations:CreateGovCloudAccount` permission.
|
921
|
+
#
|
922
|
+
# AWS Organizations automatically creates the required service-linked
|
923
|
+
# role named `AWSServiceRoleForOrganizations`. For more information, see
|
924
|
+
# [AWS Organizations and Service-Linked Roles][2] in the *AWS
|
925
|
+
# Organizations User Guide.*
|
886
926
|
#
|
887
927
|
# AWS automatically enables AWS CloudTrail for AWS GovCloud (US)
|
888
928
|
# accounts, but you should also do the following:
|
@@ -894,6 +934,13 @@ module Aws::Organizations
|
|
894
934
|
# For more information, see [Verifying AWS CloudTrail Is Enabled][3]
|
895
935
|
# in the *AWS GovCloud User Guide*.
|
896
936
|
#
|
937
|
+
# If the request includes tags, then the requester must have the
|
938
|
+
# `organizations:TagResource` permission. The tags are attached to the
|
939
|
+
# commercial account associated with the GovCloud account, rather than
|
940
|
+
# the GovCloud account itself. To add tags to the GovCloud account, call
|
941
|
+
# the TagResource operation in the GovCloud Region after the new
|
942
|
+
# GovCloud account exists.
|
943
|
+
#
|
897
944
|
# You call this action from the master account of your organization in
|
898
945
|
# the commercial Region to create a standalone AWS account in the AWS
|
899
946
|
# GovCloud (US) Region. After the account is created, the master account
|
@@ -930,10 +977,10 @@ module Aws::Organizations
|
|
930
977
|
# allows the master account in the organization in the commercial Region
|
931
978
|
# to assume it. An AWS GovCloud (US) account is then created and
|
932
979
|
# associated with the commercial account that you just created. A role
|
933
|
-
# is created in the new AWS GovCloud (US) account that can be
|
934
|
-
# the AWS GovCloud (US) account that is associated with the
|
935
|
-
# account of the commercial organization. For more information
|
936
|
-
# view a diagram that explains how account access works, see [AWS
|
980
|
+
# is also created in the new AWS GovCloud (US) account that can be
|
981
|
+
# assumed by the AWS GovCloud (US) account that is associated with the
|
982
|
+
# master account of the commercial organization. For more information
|
983
|
+
# and to view a diagram that explains how account access works, see [AWS
|
937
984
|
# Organizations][4] in the *AWS GovCloud User Guide.*
|
938
985
|
#
|
939
986
|
# For more information about creating accounts, see [Creating an AWS
|
@@ -1047,6 +1094,28 @@ module Aws::Organizations
|
|
1047
1094
|
#
|
1048
1095
|
# [1]: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate
|
1049
1096
|
#
|
1097
|
+
# @option params [Array<Types::Tag>] :tags
|
1098
|
+
# A list of tags that you want to attach to the newly created account.
|
1099
|
+
# These tags are attached to the commercial account associated with the
|
1100
|
+
# GovCloud account, and not to the GovCloud account itself. To add tags
|
1101
|
+
# to the actual GovCloud account, call the TagResource operation in the
|
1102
|
+
# GovCloud region after the new GovCloud account exists.
|
1103
|
+
#
|
1104
|
+
# For each tag in the list, you must specify both a tag key and a value.
|
1105
|
+
# You can set the value to an empty string, but you can't set it to
|
1106
|
+
# `null`. For more information about tagging, see [Tagging AWS
|
1107
|
+
# Organizations resources][1] in the AWS Organizations User Guide.
|
1108
|
+
#
|
1109
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed number
|
1110
|
+
# of tags for an account, then the entire request fails and the account
|
1111
|
+
# is not created.
|
1112
|
+
#
|
1113
|
+
# </note>
|
1114
|
+
#
|
1115
|
+
#
|
1116
|
+
#
|
1117
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
1118
|
+
#
|
1050
1119
|
# @return [Types::CreateGovCloudAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1051
1120
|
#
|
1052
1121
|
# * {Types::CreateGovCloudAccountResponse#create_account_status #create_account_status} => Types::CreateAccountStatus
|
@@ -1058,6 +1127,12 @@ module Aws::Organizations
|
|
1058
1127
|
# account_name: "AccountName", # required
|
1059
1128
|
# role_name: "RoleName",
|
1060
1129
|
# iam_user_access_to_billing: "ALLOW", # accepts ALLOW, DENY
|
1130
|
+
# tags: [
|
1131
|
+
# {
|
1132
|
+
# key: "TagKey", # required
|
1133
|
+
# value: "TagValue", # required
|
1134
|
+
# },
|
1135
|
+
# ],
|
1061
1136
|
# })
|
1062
1137
|
#
|
1063
1138
|
# @example Response structure
|
@@ -1098,7 +1173,7 @@ module Aws::Organizations
|
|
1098
1173
|
#
|
1099
1174
|
#
|
1100
1175
|
#
|
1101
|
-
# [1]: https://docs.aws.amazon.com/
|
1176
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#account
|
1102
1177
|
#
|
1103
1178
|
# @option params [String] :feature_set
|
1104
1179
|
# Specifies the feature set supported by the new organization. Each
|
@@ -1215,6 +1290,9 @@ module Aws::Organizations
|
|
1215
1290
|
# For more information about OUs, see [Managing Organizational Units][1]
|
1216
1291
|
# in the *AWS Organizations User Guide.*
|
1217
1292
|
#
|
1293
|
+
# If the request includes tags, then the requester must have the
|
1294
|
+
# `organizations:TagResource` permission.
|
1295
|
+
#
|
1218
1296
|
# This operation can be called only from the organization's master
|
1219
1297
|
# account.
|
1220
1298
|
#
|
@@ -1244,6 +1322,23 @@ module Aws::Organizations
|
|
1244
1322
|
# @option params [required, String] :name
|
1245
1323
|
# The friendly name to assign to the new OU.
|
1246
1324
|
#
|
1325
|
+
# @option params [Array<Types::Tag>] :tags
|
1326
|
+
# A list of tags that you want to attach to the newly created OU. For
|
1327
|
+
# each tag in the list, you must specify both a tag key and a value. You
|
1328
|
+
# can set the value to an empty string, but you can't set it to `null`.
|
1329
|
+
# For more information about tagging, see [Tagging AWS Organizations
|
1330
|
+
# resources][1] in the AWS Organizations User Guide.
|
1331
|
+
#
|
1332
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed number
|
1333
|
+
# of tags for an OU, then the entire request fails and the OU is not
|
1334
|
+
# created.
|
1335
|
+
#
|
1336
|
+
# </note>
|
1337
|
+
#
|
1338
|
+
#
|
1339
|
+
#
|
1340
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
1341
|
+
#
|
1247
1342
|
# @return [Types::CreateOrganizationalUnitResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1248
1343
|
#
|
1249
1344
|
# * {Types::CreateOrganizationalUnitResponse#organizational_unit #organizational_unit} => Types::OrganizationalUnit
|
@@ -1272,6 +1367,12 @@ module Aws::Organizations
|
|
1272
1367
|
# resp = client.create_organizational_unit({
|
1273
1368
|
# parent_id: "ParentId", # required
|
1274
1369
|
# name: "OrganizationalUnitName", # required
|
1370
|
+
# tags: [
|
1371
|
+
# {
|
1372
|
+
# key: "TagKey", # required
|
1373
|
+
# value: "TagValue", # required
|
1374
|
+
# },
|
1375
|
+
# ],
|
1275
1376
|
# })
|
1276
1377
|
#
|
1277
1378
|
# @example Response structure
|
@@ -1295,6 +1396,9 @@ module Aws::Organizations
|
|
1295
1396
|
# For more information about policies and their use, see [Managing
|
1296
1397
|
# Organization Policies][1].
|
1297
1398
|
#
|
1399
|
+
# If the request includes tags, then the requester must have the
|
1400
|
+
# `organizations:TagResource` permission.
|
1401
|
+
#
|
1298
1402
|
# This operation can be called only from the organization's master
|
1299
1403
|
# account.
|
1300
1404
|
#
|
@@ -1339,6 +1443,23 @@ module Aws::Organizations
|
|
1339
1443
|
# [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
1340
1444
|
# [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1341
1445
|
#
|
1446
|
+
# @option params [Array<Types::Tag>] :tags
|
1447
|
+
# A list of tags that you want to attach to the newly created policy.
|
1448
|
+
# For each tag in the list, you must specify both a tag key and a value.
|
1449
|
+
# You can set the value to an empty string, but you can't set it to
|
1450
|
+
# `null`. For more information about tagging, see [Tagging AWS
|
1451
|
+
# Organizations resources][1] in the AWS Organizations User Guide.
|
1452
|
+
#
|
1453
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed number
|
1454
|
+
# of tags for a policy, then the entire request fails and the policy is
|
1455
|
+
# not created.
|
1456
|
+
#
|
1457
|
+
# </note>
|
1458
|
+
#
|
1459
|
+
#
|
1460
|
+
#
|
1461
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
1462
|
+
#
|
1342
1463
|
# @return [Types::CreatePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1343
1464
|
#
|
1344
1465
|
# * {Types::CreatePolicyResponse#policy #policy} => Types::Policy
|
@@ -1378,6 +1499,12 @@ module Aws::Organizations
|
|
1378
1499
|
# description: "PolicyDescription", # required
|
1379
1500
|
# name: "PolicyName", # required
|
1380
1501
|
# type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY
|
1502
|
+
# tags: [
|
1503
|
+
# {
|
1504
|
+
# key: "TagKey", # required
|
1505
|
+
# value: "TagValue", # required
|
1506
|
+
# },
|
1507
|
+
# ],
|
1381
1508
|
# })
|
1382
1509
|
#
|
1383
1510
|
# @example Response structure
|
@@ -2711,6 +2838,9 @@ module Aws::Organizations
|
|
2711
2838
|
# then try again. If the error persists after an hour, contact [AWS
|
2712
2839
|
# Support][2].
|
2713
2840
|
#
|
2841
|
+
# If the request includes tags, then the requester must have the
|
2842
|
+
# `organizations:TagResource` permission.
|
2843
|
+
#
|
2714
2844
|
# This operation can be called only from the organization's master
|
2715
2845
|
# account.
|
2716
2846
|
#
|
@@ -2741,6 +2871,33 @@ module Aws::Organizations
|
|
2741
2871
|
# Additional information that you want to include in the generated email
|
2742
2872
|
# to the recipient account owner.
|
2743
2873
|
#
|
2874
|
+
# @option params [Array<Types::Tag>] :tags
|
2875
|
+
# A list of tags that you want to attach to the account when it becomes
|
2876
|
+
# a member of the organization. For each tag in the list, you must
|
2877
|
+
# specify both a tag key and a value. You can set the value to an empty
|
2878
|
+
# string, but you can't set it to `null`. For more information about
|
2879
|
+
# tagging, see [Tagging AWS Organizations resources][1] in the AWS
|
2880
|
+
# Organizations User Guide.
|
2881
|
+
#
|
2882
|
+
# Any tags in the request are checked for compliance with any applicable
|
2883
|
+
# tag policies when the request is made. The request is rejected if the
|
2884
|
+
# tags in the request don't match the requirements of the policy at
|
2885
|
+
# that time. Tag policy compliance is <i> <b>not</b> </i> checked again
|
2886
|
+
# when the invitation is accepted and the tags are actually attached to
|
2887
|
+
# the account. That means that if the tag policy changes between the
|
2888
|
+
# invitation and the acceptance, then that tags could potentially be
|
2889
|
+
# non-compliant.
|
2890
|
+
#
|
2891
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed number
|
2892
|
+
# of tags for an account, then the entire request fails and invitations
|
2893
|
+
# are not sent.
|
2894
|
+
#
|
2895
|
+
# </note>
|
2896
|
+
#
|
2897
|
+
#
|
2898
|
+
#
|
2899
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
2900
|
+
#
|
2744
2901
|
# @return [Types::InviteAccountToOrganizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2745
2902
|
#
|
2746
2903
|
# * {Types::InviteAccountToOrganizationResponse#handshake #handshake} => Types::Handshake
|
@@ -2813,6 +2970,12 @@ module Aws::Organizations
|
|
2813
2970
|
# type: "ACCOUNT", # required, accepts ACCOUNT, ORGANIZATION, EMAIL
|
2814
2971
|
# },
|
2815
2972
|
# notes: "HandshakeNotes",
|
2973
|
+
# tags: [
|
2974
|
+
# {
|
2975
|
+
# key: "TagKey", # required
|
2976
|
+
# value: "TagValue", # required
|
2977
|
+
# },
|
2978
|
+
# ],
|
2816
2979
|
# })
|
2817
2980
|
#
|
2818
2981
|
# @example Response structure
|
@@ -2860,9 +3023,8 @@ module Aws::Organizations
|
|
2860
3023
|
# using the AWS Organizations console, API, or CLI commands, the
|
2861
3024
|
# information required of standalone accounts is *not* automatically
|
2862
3025
|
# collected. For each account that you want to make standalone, you
|
2863
|
-
# must
|
2864
|
-
#
|
2865
|
-
# * Accept the end user license agreement (EULA)
|
3026
|
+
# must perform the following steps. If any of the steps are already
|
3027
|
+
# completed for this account, that step doesn't appear.
|
2866
3028
|
#
|
2867
3029
|
# * Choose a support plan
|
2868
3030
|
#
|
@@ -2881,6 +3043,10 @@ module Aws::Organizations
|
|
2881
3043
|
# Access to the Billing and Cost Management Console][2] in the *AWS
|
2882
3044
|
# Billing and Cost Management User Guide.*
|
2883
3045
|
#
|
3046
|
+
# * After the account leaves the organization, all tags that were
|
3047
|
+
# attached to the account object in the organization are deleted. AWS
|
3048
|
+
# accounts outside of an organization do not support tags.
|
3049
|
+
#
|
2884
3050
|
#
|
2885
3051
|
#
|
2886
3052
|
# [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info
|
@@ -3588,9 +3754,7 @@ module Aws::Organizations
|
|
3588
3754
|
#
|
3589
3755
|
# </note>
|
3590
3756
|
#
|
3591
|
-
# This operation can be called
|
3592
|
-
# account or by a member account that is a delegated administrator for
|
3593
|
-
# an AWS service.
|
3757
|
+
# This operation can be called from any account in the organization.
|
3594
3758
|
#
|
3595
3759
|
# @option params [Types::HandshakeFilter] :filter
|
3596
3760
|
# Filters the handshakes that you want included in the response. The
|
@@ -4497,16 +4661,37 @@ module Aws::Organizations
|
|
4497
4661
|
req.send_request(options)
|
4498
4662
|
end
|
4499
4663
|
|
4500
|
-
# Lists tags
|
4664
|
+
# Lists tags that are attached to the specified resource.
|
4665
|
+
#
|
4666
|
+
# You can attach tags to the following resources in AWS Organizations.
|
4667
|
+
#
|
4668
|
+
# * AWS account
|
4669
|
+
#
|
4670
|
+
# * Organization root
|
4501
4671
|
#
|
4502
|
-
#
|
4672
|
+
# * Organizational unit (OU)
|
4673
|
+
#
|
4674
|
+
# * Policy (any type)
|
4503
4675
|
#
|
4504
4676
|
# This operation can be called only from the organization's master
|
4505
4677
|
# account or by a member account that is a delegated administrator for
|
4506
4678
|
# an AWS service.
|
4507
4679
|
#
|
4508
4680
|
# @option params [required, String] :resource_id
|
4509
|
-
# The ID of the resource
|
4681
|
+
# The ID of the resource with the tags to list.
|
4682
|
+
#
|
4683
|
+
# You can specify any of the following taggable resources.
|
4684
|
+
#
|
4685
|
+
# * AWS account – specify the account ID number.
|
4686
|
+
#
|
4687
|
+
# * Organizational unit – specify the OU ID that begins with `ou-` and
|
4688
|
+
# looks similar to: `ou-1a2b-34uvwxyz `
|
4689
|
+
#
|
4690
|
+
# * Root – specify the root ID that begins with `r-` and looks similar
|
4691
|
+
# to: `r-1a2b `
|
4692
|
+
#
|
4693
|
+
# * Policy – specify the policy ID that begins with `p-` andlooks
|
4694
|
+
# similar to: `p-12abcdefg3 `
|
4510
4695
|
#
|
4511
4696
|
# @option params [String] :next_token
|
4512
4697
|
# The parameter for receiving additional results if you receive a
|
@@ -4798,21 +4983,25 @@ module Aws::Organizations
|
|
4798
4983
|
# account. Member accounts can remove themselves with LeaveOrganization
|
4799
4984
|
# instead.
|
4800
4985
|
#
|
4801
|
-
# You can remove an account from your organization only if the account
|
4802
|
-
#
|
4803
|
-
# account. When you create an account in an organization
|
4804
|
-
# Organizations console, API, or CLI commands, the
|
4805
|
-
# of standalone accounts is *not* automatically
|
4806
|
-
# account that you want to make standalone, you must
|
4807
|
-
#
|
4808
|
-
#
|
4809
|
-
#
|
4810
|
-
#
|
4811
|
-
#
|
4812
|
-
#
|
4813
|
-
#
|
4814
|
-
#
|
4815
|
-
#
|
4986
|
+
# * You can remove an account from your organization only if the account
|
4987
|
+
# is configured with the information required to operate as a
|
4988
|
+
# standalone account. When you create an account in an organization
|
4989
|
+
# using the AWS Organizations console, API, or CLI commands, the
|
4990
|
+
# information required of standalone accounts is *not* automatically
|
4991
|
+
# collected. For an account that you want to make standalone, you must
|
4992
|
+
# choose a support plan, provide and verify the required contact
|
4993
|
+
# information, and provide a current payment method. AWS uses the
|
4994
|
+
# payment method to charge for any billable (not free tier) AWS
|
4995
|
+
# activity that occurs while the account isn't attached to an
|
4996
|
+
# organization. To remove an account that doesn't yet have this
|
4997
|
+
# information, you must sign in as the member account and follow the
|
4998
|
+
# steps at [ To leave an organization when all required account
|
4999
|
+
# information has not yet been provided][1] in the *AWS Organizations
|
5000
|
+
# User Guide.*
|
5001
|
+
#
|
5002
|
+
# * After the account leaves the organization, all tags that were
|
5003
|
+
# attached to the account object in the organization are deleted. AWS
|
5004
|
+
# accounts outside of an organization do not support tags.
|
4816
5005
|
#
|
4817
5006
|
#
|
4818
5007
|
#
|
@@ -4857,7 +5046,16 @@ module Aws::Organizations
|
|
4857
5046
|
|
4858
5047
|
# Adds one or more tags to the specified resource.
|
4859
5048
|
#
|
4860
|
-
# Currently, you can
|
5049
|
+
# Currently, you can attach tags to the following resources in AWS
|
5050
|
+
# Organizations.
|
5051
|
+
#
|
5052
|
+
# * AWS account
|
5053
|
+
#
|
5054
|
+
# * Organization root
|
5055
|
+
#
|
5056
|
+
# * Organizational unit (OU)
|
5057
|
+
#
|
5058
|
+
# * Policy (any type)
|
4861
5059
|
#
|
4862
5060
|
# This operation can be called only from the organization's master
|
4863
5061
|
# account.
|
@@ -4866,9 +5064,30 @@ module Aws::Organizations
|
|
4866
5064
|
# The ID of the resource to add a tag to.
|
4867
5065
|
#
|
4868
5066
|
# @option params [required, Array<Types::Tag>] :tags
|
4869
|
-
#
|
4870
|
-
#
|
4871
|
-
#
|
5067
|
+
# A list of tags to add to the specified resource.
|
5068
|
+
#
|
5069
|
+
# You can specify any of the following taggable resources.
|
5070
|
+
#
|
5071
|
+
# * AWS account – specify the account ID number.
|
5072
|
+
#
|
5073
|
+
# * Organizational unit – specify the OU ID that begins with `ou-` and
|
5074
|
+
# looks similar to: `ou-1a2b-34uvwxyz `
|
5075
|
+
#
|
5076
|
+
# * Root – specify the root ID that begins with `r-` and looks similar
|
5077
|
+
# to: `r-1a2b `
|
5078
|
+
#
|
5079
|
+
# * Policy – specify the policy ID that begins with `p-` andlooks
|
5080
|
+
# similar to: `p-12abcdefg3 `
|
5081
|
+
#
|
5082
|
+
# For each tag in the list, you must specify both a tag key and a value.
|
5083
|
+
# You can set the value to an empty string, but you can't set it to
|
5084
|
+
# `null`.
|
5085
|
+
#
|
5086
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed number
|
5087
|
+
# of tags for an account user, then the entire request fails and the
|
5088
|
+
# account is not created.
|
5089
|
+
#
|
5090
|
+
# </note>
|
4872
5091
|
#
|
4873
5092
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4874
5093
|
#
|
@@ -4893,18 +5112,39 @@ module Aws::Organizations
|
|
4893
5112
|
req.send_request(options)
|
4894
5113
|
end
|
4895
5114
|
|
4896
|
-
# Removes
|
5115
|
+
# Removes any tags with the specified keys from the specified resource.
|
5116
|
+
#
|
5117
|
+
# You can attach tags to the following resources in AWS Organizations.
|
5118
|
+
#
|
5119
|
+
# * AWS account
|
4897
5120
|
#
|
4898
|
-
#
|
5121
|
+
# * Organization root
|
5122
|
+
#
|
5123
|
+
# * Organizational unit (OU)
|
5124
|
+
#
|
5125
|
+
# * Policy (any type)
|
4899
5126
|
#
|
4900
5127
|
# This operation can be called only from the organization's master
|
4901
5128
|
# account.
|
4902
5129
|
#
|
4903
5130
|
# @option params [required, String] :resource_id
|
4904
|
-
# The ID of the resource to remove
|
5131
|
+
# The ID of the resource to remove a tag from.
|
5132
|
+
#
|
5133
|
+
# You can specify any of the following taggable resources.
|
5134
|
+
#
|
5135
|
+
# * AWS account – specify the account ID number.
|
5136
|
+
#
|
5137
|
+
# * Organizational unit – specify the OU ID that begins with `ou-` and
|
5138
|
+
# looks similar to: `ou-1a2b-34uvwxyz `
|
5139
|
+
#
|
5140
|
+
# * Root – specify the root ID that begins with `r-` and looks similar
|
5141
|
+
# to: `r-1a2b `
|
5142
|
+
#
|
5143
|
+
# * Policy – specify the policy ID that begins with `p-` andlooks
|
5144
|
+
# similar to: `p-12abcdefg3 `
|
4905
5145
|
#
|
4906
5146
|
# @option params [required, Array<String>] :tag_keys
|
4907
|
-
# The
|
5147
|
+
# The list of keys for tags to remove from the specified resource.
|
4908
5148
|
#
|
4909
5149
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4910
5150
|
#
|
@@ -5137,7 +5377,7 @@ module Aws::Organizations
|
|
5137
5377
|
params: params,
|
5138
5378
|
config: config)
|
5139
5379
|
context[:gem_name] = 'aws-sdk-organizations'
|
5140
|
-
context[:gem_version] = '1.
|
5380
|
+
context[:gem_version] = '1.52.0'
|
5141
5381
|
Seahorse::Client::Request.new(handlers, context)
|
5142
5382
|
end
|
5143
5383
|
|
@@ -312,6 +312,7 @@ module Aws::Organizations
|
|
312
312
|
CreateAccountRequest.add_member(:account_name, Shapes::ShapeRef.new(shape: AccountName, required: true, location_name: "AccountName"))
|
313
313
|
CreateAccountRequest.add_member(:role_name, Shapes::ShapeRef.new(shape: RoleName, location_name: "RoleName"))
|
314
314
|
CreateAccountRequest.add_member(:iam_user_access_to_billing, Shapes::ShapeRef.new(shape: IAMUserAccessToBilling, location_name: "IamUserAccessToBilling"))
|
315
|
+
CreateAccountRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
|
315
316
|
CreateAccountRequest.struct_class = Types::CreateAccountRequest
|
316
317
|
|
317
318
|
CreateAccountResponse.add_member(:create_account_status, Shapes::ShapeRef.new(shape: CreateAccountStatus, location_name: "CreateAccountStatus"))
|
@@ -338,6 +339,7 @@ module Aws::Organizations
|
|
338
339
|
CreateGovCloudAccountRequest.add_member(:account_name, Shapes::ShapeRef.new(shape: AccountName, required: true, location_name: "AccountName"))
|
339
340
|
CreateGovCloudAccountRequest.add_member(:role_name, Shapes::ShapeRef.new(shape: RoleName, location_name: "RoleName"))
|
340
341
|
CreateGovCloudAccountRequest.add_member(:iam_user_access_to_billing, Shapes::ShapeRef.new(shape: IAMUserAccessToBilling, location_name: "IamUserAccessToBilling"))
|
342
|
+
CreateGovCloudAccountRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
|
341
343
|
CreateGovCloudAccountRequest.struct_class = Types::CreateGovCloudAccountRequest
|
342
344
|
|
343
345
|
CreateGovCloudAccountResponse.add_member(:create_account_status, Shapes::ShapeRef.new(shape: CreateAccountStatus, location_name: "CreateAccountStatus"))
|
@@ -351,6 +353,7 @@ module Aws::Organizations
|
|
351
353
|
|
352
354
|
CreateOrganizationalUnitRequest.add_member(:parent_id, Shapes::ShapeRef.new(shape: ParentId, required: true, location_name: "ParentId"))
|
353
355
|
CreateOrganizationalUnitRequest.add_member(:name, Shapes::ShapeRef.new(shape: OrganizationalUnitName, required: true, location_name: "Name"))
|
356
|
+
CreateOrganizationalUnitRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
|
354
357
|
CreateOrganizationalUnitRequest.struct_class = Types::CreateOrganizationalUnitRequest
|
355
358
|
|
356
359
|
CreateOrganizationalUnitResponse.add_member(:organizational_unit, Shapes::ShapeRef.new(shape: OrganizationalUnit, location_name: "OrganizationalUnit"))
|
@@ -360,6 +363,7 @@ module Aws::Organizations
|
|
360
363
|
CreatePolicyRequest.add_member(:description, Shapes::ShapeRef.new(shape: PolicyDescription, required: true, location_name: "Description"))
|
361
364
|
CreatePolicyRequest.add_member(:name, Shapes::ShapeRef.new(shape: PolicyName, required: true, location_name: "Name"))
|
362
365
|
CreatePolicyRequest.add_member(:type, Shapes::ShapeRef.new(shape: PolicyType, required: true, location_name: "Type"))
|
366
|
+
CreatePolicyRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
|
363
367
|
CreatePolicyRequest.struct_class = Types::CreatePolicyRequest
|
364
368
|
|
365
369
|
CreatePolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: Policy, location_name: "Policy"))
|
@@ -552,6 +556,7 @@ module Aws::Organizations
|
|
552
556
|
|
553
557
|
InviteAccountToOrganizationRequest.add_member(:target, Shapes::ShapeRef.new(shape: HandshakeParty, required: true, location_name: "Target"))
|
554
558
|
InviteAccountToOrganizationRequest.add_member(:notes, Shapes::ShapeRef.new(shape: HandshakeNotes, location_name: "Notes"))
|
559
|
+
InviteAccountToOrganizationRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
|
555
560
|
InviteAccountToOrganizationRequest.struct_class = Types::InviteAccountToOrganizationRequest
|
556
561
|
|
557
562
|
InviteAccountToOrganizationResponse.add_member(:handshake, Shapes::ShapeRef.new(shape: Handshake, location_name: "Handshake"))
|
@@ -1322,6 +1327,7 @@ module Aws::Organizations
|
|
1322
1327
|
o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
|
1323
1328
|
o.errors << Shapes::ShapeRef.new(shape: HandshakeConstraintViolationException)
|
1324
1329
|
o.errors << Shapes::ShapeRef.new(shape: DuplicateHandshakeException)
|
1330
|
+
o.errors << Shapes::ShapeRef.new(shape: ConstraintViolationException)
|
1325
1331
|
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
1326
1332
|
o.errors << Shapes::ShapeRef.new(shape: FinalizingOrganizationException)
|
1327
1333
|
o.errors << Shapes::ShapeRef.new(shape: ServiceException)
|
@@ -597,6 +597,12 @@ module Aws::Organizations
|
|
597
597
|
# account_name: "AccountName", # required
|
598
598
|
# role_name: "RoleName",
|
599
599
|
# iam_user_access_to_billing: "ALLOW", # accepts ALLOW, DENY
|
600
|
+
# tags: [
|
601
|
+
# {
|
602
|
+
# key: "TagKey", # required
|
603
|
+
# value: "TagValue", # required
|
604
|
+
# },
|
605
|
+
# ],
|
600
606
|
# }
|
601
607
|
#
|
602
608
|
# @!attribute [rw] email
|
@@ -660,13 +666,32 @@ module Aws::Organizations
|
|
660
666
|
# [1]: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate
|
661
667
|
# @return [String]
|
662
668
|
#
|
669
|
+
# @!attribute [rw] tags
|
670
|
+
# A list of tags that you want to attach to the newly created account.
|
671
|
+
# For each tag in the list, you must specify both a tag key and a
|
672
|
+
# value. You can set the value to an empty string, but you can't set
|
673
|
+
# it to `null`. For more information about tagging, see [Tagging AWS
|
674
|
+
# Organizations resources][1] in the AWS Organizations User Guide.
|
675
|
+
#
|
676
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed
|
677
|
+
# number of tags for an account, then the entire request fails and the
|
678
|
+
# account is not created.
|
679
|
+
#
|
680
|
+
# </note>
|
681
|
+
#
|
682
|
+
#
|
683
|
+
#
|
684
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
685
|
+
# @return [Array<Types::Tag>]
|
686
|
+
#
|
663
687
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccountRequest AWS API Documentation
|
664
688
|
#
|
665
689
|
class CreateAccountRequest < Struct.new(
|
666
690
|
:email,
|
667
691
|
:account_name,
|
668
692
|
:role_name,
|
669
|
-
:iam_user_access_to_billing
|
693
|
+
:iam_user_access_to_billing,
|
694
|
+
:tags)
|
670
695
|
SENSITIVE = [:email, :account_name]
|
671
696
|
include Aws::Structure
|
672
697
|
end
|
@@ -819,6 +844,12 @@ module Aws::Organizations
|
|
819
844
|
# account_name: "AccountName", # required
|
820
845
|
# role_name: "RoleName",
|
821
846
|
# iam_user_access_to_billing: "ALLOW", # accepts ALLOW, DENY
|
847
|
+
# tags: [
|
848
|
+
# {
|
849
|
+
# key: "TagKey", # required
|
850
|
+
# value: "TagValue", # required
|
851
|
+
# },
|
852
|
+
# ],
|
822
853
|
# }
|
823
854
|
#
|
824
855
|
# @!attribute [rw] email
|
@@ -885,13 +916,37 @@ module Aws::Organizations
|
|
885
916
|
# [1]: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate
|
886
917
|
# @return [String]
|
887
918
|
#
|
919
|
+
# @!attribute [rw] tags
|
920
|
+
# A list of tags that you want to attach to the newly created account.
|
921
|
+
# These tags are attached to the commercial account associated with
|
922
|
+
# the GovCloud account, and not to the GovCloud account itself. To add
|
923
|
+
# tags to the actual GovCloud account, call the TagResource operation
|
924
|
+
# in the GovCloud region after the new GovCloud account exists.
|
925
|
+
#
|
926
|
+
# For each tag in the list, you must specify both a tag key and a
|
927
|
+
# value. You can set the value to an empty string, but you can't set
|
928
|
+
# it to `null`. For more information about tagging, see [Tagging AWS
|
929
|
+
# Organizations resources][1] in the AWS Organizations User Guide.
|
930
|
+
#
|
931
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed
|
932
|
+
# number of tags for an account, then the entire request fails and the
|
933
|
+
# account is not created.
|
934
|
+
#
|
935
|
+
# </note>
|
936
|
+
#
|
937
|
+
#
|
938
|
+
#
|
939
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
940
|
+
# @return [Array<Types::Tag>]
|
941
|
+
#
|
888
942
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateGovCloudAccountRequest AWS API Documentation
|
889
943
|
#
|
890
944
|
class CreateGovCloudAccountRequest < Struct.new(
|
891
945
|
:email,
|
892
946
|
:account_name,
|
893
947
|
:role_name,
|
894
|
-
:iam_user_access_to_billing
|
948
|
+
:iam_user_access_to_billing,
|
949
|
+
:tags)
|
895
950
|
SENSITIVE = [:email, :account_name]
|
896
951
|
include Aws::Structure
|
897
952
|
end
|
@@ -968,6 +1023,12 @@ module Aws::Organizations
|
|
968
1023
|
# {
|
969
1024
|
# parent_id: "ParentId", # required
|
970
1025
|
# name: "OrganizationalUnitName", # required
|
1026
|
+
# tags: [
|
1027
|
+
# {
|
1028
|
+
# key: "TagKey", # required
|
1029
|
+
# value: "TagValue", # required
|
1030
|
+
# },
|
1031
|
+
# ],
|
971
1032
|
# }
|
972
1033
|
#
|
973
1034
|
# @!attribute [rw] parent_id
|
@@ -995,11 +1056,30 @@ module Aws::Organizations
|
|
995
1056
|
# The friendly name to assign to the new OU.
|
996
1057
|
# @return [String]
|
997
1058
|
#
|
1059
|
+
# @!attribute [rw] tags
|
1060
|
+
# A list of tags that you want to attach to the newly created OU. For
|
1061
|
+
# each tag in the list, you must specify both a tag key and a value.
|
1062
|
+
# You can set the value to an empty string, but you can't set it to
|
1063
|
+
# `null`. For more information about tagging, see [Tagging AWS
|
1064
|
+
# Organizations resources][1] in the AWS Organizations User Guide.
|
1065
|
+
#
|
1066
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed
|
1067
|
+
# number of tags for an OU, then the entire request fails and the OU
|
1068
|
+
# is not created.
|
1069
|
+
#
|
1070
|
+
# </note>
|
1071
|
+
#
|
1072
|
+
#
|
1073
|
+
#
|
1074
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
1075
|
+
# @return [Array<Types::Tag>]
|
1076
|
+
#
|
998
1077
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnitRequest AWS API Documentation
|
999
1078
|
#
|
1000
1079
|
class CreateOrganizationalUnitRequest < Struct.new(
|
1001
1080
|
:parent_id,
|
1002
|
-
:name
|
1081
|
+
:name,
|
1082
|
+
:tags)
|
1003
1083
|
SENSITIVE = []
|
1004
1084
|
include Aws::Structure
|
1005
1085
|
end
|
@@ -1024,6 +1104,12 @@ module Aws::Organizations
|
|
1024
1104
|
# description: "PolicyDescription", # required
|
1025
1105
|
# name: "PolicyName", # required
|
1026
1106
|
# type: "SERVICE_CONTROL_POLICY", # required, accepts SERVICE_CONTROL_POLICY, TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY
|
1107
|
+
# tags: [
|
1108
|
+
# {
|
1109
|
+
# key: "TagKey", # required
|
1110
|
+
# value: "TagValue", # required
|
1111
|
+
# },
|
1112
|
+
# ],
|
1027
1113
|
# }
|
1028
1114
|
#
|
1029
1115
|
# @!attribute [rw] content
|
@@ -1067,13 +1153,32 @@ module Aws::Organizations
|
|
1067
1153
|
# [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1068
1154
|
# @return [String]
|
1069
1155
|
#
|
1156
|
+
# @!attribute [rw] tags
|
1157
|
+
# A list of tags that you want to attach to the newly created policy.
|
1158
|
+
# For each tag in the list, you must specify both a tag key and a
|
1159
|
+
# value. You can set the value to an empty string, but you can't set
|
1160
|
+
# it to `null`. For more information about tagging, see [Tagging AWS
|
1161
|
+
# Organizations resources][1] in the AWS Organizations User Guide.
|
1162
|
+
#
|
1163
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed
|
1164
|
+
# number of tags for a policy, then the entire request fails and the
|
1165
|
+
# policy is not created.
|
1166
|
+
#
|
1167
|
+
# </note>
|
1168
|
+
#
|
1169
|
+
#
|
1170
|
+
#
|
1171
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
1172
|
+
# @return [Array<Types::Tag>]
|
1173
|
+
#
|
1070
1174
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicyRequest AWS API Documentation
|
1071
1175
|
#
|
1072
1176
|
class CreatePolicyRequest < Struct.new(
|
1073
1177
|
:content,
|
1074
1178
|
:description,
|
1075
1179
|
:name,
|
1076
|
-
:type
|
1180
|
+
:type,
|
1181
|
+
:tags)
|
1077
1182
|
SENSITIVE = []
|
1078
1183
|
include Aws::Structure
|
1079
1184
|
end
|
@@ -2348,6 +2453,9 @@ module Aws::Organizations
|
|
2348
2453
|
#
|
2349
2454
|
# </note>
|
2350
2455
|
#
|
2456
|
+
# * DUPLICATE\_TAG\_KEY: Tag keys must be unique among the tags attached
|
2457
|
+
# to the same entity.
|
2458
|
+
#
|
2351
2459
|
# * IMMUTABLE\_POLICY: You specified a policy that is managed by AWS and
|
2352
2460
|
# can't be modified.
|
2353
2461
|
#
|
@@ -2356,6 +2464,9 @@ module Aws::Organizations
|
|
2356
2464
|
#
|
2357
2465
|
# * INVALID\_ENUM: You specified an invalid value.
|
2358
2466
|
#
|
2467
|
+
# * INVALID\_ENUM\_POLICY\_TYPE: You specified an invalid policy type
|
2468
|
+
# string.
|
2469
|
+
#
|
2359
2470
|
# * INVALID\_FULL\_NAME\_TARGET: You specified a full name that contains
|
2360
2471
|
# invalid characters.
|
2361
2472
|
#
|
@@ -2405,6 +2516,12 @@ module Aws::Organizations
|
|
2405
2516
|
# * MOVING\_ACCOUNT\_BETWEEN\_DIFFERENT\_ROOTS: You can move an account
|
2406
2517
|
# only between entities in the same root.
|
2407
2518
|
#
|
2519
|
+
# * TARGET\_NOT\_SUPPORTED: You can't perform the specified operation
|
2520
|
+
# on that target entity.
|
2521
|
+
#
|
2522
|
+
# * UNRECOGNIZED\_SERVICE\_PRINCIPAL: You specified a service principal
|
2523
|
+
# that isn't recognized.
|
2524
|
+
#
|
2408
2525
|
# @!attribute [rw] message
|
2409
2526
|
# @return [String]
|
2410
2527
|
#
|
@@ -2429,6 +2546,12 @@ module Aws::Organizations
|
|
2429
2546
|
# type: "ACCOUNT", # required, accepts ACCOUNT, ORGANIZATION, EMAIL
|
2430
2547
|
# },
|
2431
2548
|
# notes: "HandshakeNotes",
|
2549
|
+
# tags: [
|
2550
|
+
# {
|
2551
|
+
# key: "TagKey", # required
|
2552
|
+
# value: "TagValue", # required
|
2553
|
+
# },
|
2554
|
+
# ],
|
2432
2555
|
# }
|
2433
2556
|
#
|
2434
2557
|
# @!attribute [rw] target
|
@@ -2455,11 +2578,40 @@ module Aws::Organizations
|
|
2455
2578
|
# email to the recipient account owner.
|
2456
2579
|
# @return [String]
|
2457
2580
|
#
|
2581
|
+
# @!attribute [rw] tags
|
2582
|
+
# A list of tags that you want to attach to the account when it
|
2583
|
+
# becomes a member of the organization. For each tag in the list, you
|
2584
|
+
# must specify both a tag key and a value. You can set the value to an
|
2585
|
+
# empty string, but you can't set it to `null`. For more information
|
2586
|
+
# about tagging, see [Tagging AWS Organizations resources][1] in the
|
2587
|
+
# AWS Organizations User Guide.
|
2588
|
+
#
|
2589
|
+
# Any tags in the request are checked for compliance with any
|
2590
|
+
# applicable tag policies when the request is made. The request is
|
2591
|
+
# rejected if the tags in the request don't match the requirements of
|
2592
|
+
# the policy at that time. Tag policy compliance is <i> <b>not</b>
|
2593
|
+
# </i> checked again when the invitation is accepted and the tags are
|
2594
|
+
# actually attached to the account. That means that if the tag policy
|
2595
|
+
# changes between the invitation and the acceptance, then that tags
|
2596
|
+
# could potentially be non-compliant.
|
2597
|
+
#
|
2598
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed
|
2599
|
+
# number of tags for an account, then the entire request fails and
|
2600
|
+
# invitations are not sent.
|
2601
|
+
#
|
2602
|
+
# </note>
|
2603
|
+
#
|
2604
|
+
#
|
2605
|
+
#
|
2606
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html
|
2607
|
+
# @return [Array<Types::Tag>]
|
2608
|
+
#
|
2458
2609
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganizationRequest AWS API Documentation
|
2459
2610
|
#
|
2460
2611
|
class InviteAccountToOrganizationRequest < Struct.new(
|
2461
2612
|
:target,
|
2462
|
-
:notes
|
2613
|
+
:notes,
|
2614
|
+
:tags)
|
2463
2615
|
SENSITIVE = [:notes]
|
2464
2616
|
include Aws::Structure
|
2465
2617
|
end
|
@@ -3528,7 +3680,20 @@ module Aws::Organizations
|
|
3528
3680
|
# }
|
3529
3681
|
#
|
3530
3682
|
# @!attribute [rw] resource_id
|
3531
|
-
# The ID of the resource
|
3683
|
+
# The ID of the resource with the tags to list.
|
3684
|
+
#
|
3685
|
+
# You can specify any of the following taggable resources.
|
3686
|
+
#
|
3687
|
+
# * AWS account – specify the account ID number.
|
3688
|
+
#
|
3689
|
+
# * Organizational unit – specify the OU ID that begins with `ou-` and
|
3690
|
+
# looks similar to: `ou-1a2b-34uvwxyz `
|
3691
|
+
#
|
3692
|
+
# * Root – specify the root ID that begins with `r-` and looks similar
|
3693
|
+
# to: `r-1a2b `
|
3694
|
+
#
|
3695
|
+
# * Policy – specify the policy ID that begins with `p-` andlooks
|
3696
|
+
# similar to: `p-12abcdefg3 `
|
3532
3697
|
# @return [String]
|
3533
3698
|
#
|
3534
3699
|
# @!attribute [rw] next_token
|
@@ -4428,8 +4593,18 @@ module Aws::Organizations
|
|
4428
4593
|
include Aws::Structure
|
4429
4594
|
end
|
4430
4595
|
|
4431
|
-
# A custom key-value pair associated with a resource
|
4432
|
-
#
|
4596
|
+
# A custom key-value pair associated with a resource within your
|
4597
|
+
# organization.
|
4598
|
+
#
|
4599
|
+
# You can attach tags to any of the following organization resources.
|
4600
|
+
#
|
4601
|
+
# * AWS account
|
4602
|
+
#
|
4603
|
+
# * Organizational unit (OU)
|
4604
|
+
#
|
4605
|
+
# * Organization root
|
4606
|
+
#
|
4607
|
+
# * Policy
|
4433
4608
|
#
|
4434
4609
|
# @note When making an API call, you may pass Tag
|
4435
4610
|
# data as a hash:
|
@@ -4476,9 +4651,30 @@ module Aws::Organizations
|
|
4476
4651
|
# @return [String]
|
4477
4652
|
#
|
4478
4653
|
# @!attribute [rw] tags
|
4479
|
-
#
|
4480
|
-
#
|
4481
|
-
#
|
4654
|
+
# A list of tags to add to the specified resource.
|
4655
|
+
#
|
4656
|
+
# You can specify any of the following taggable resources.
|
4657
|
+
#
|
4658
|
+
# * AWS account – specify the account ID number.
|
4659
|
+
#
|
4660
|
+
# * Organizational unit – specify the OU ID that begins with `ou-` and
|
4661
|
+
# looks similar to: `ou-1a2b-34uvwxyz `
|
4662
|
+
#
|
4663
|
+
# * Root – specify the root ID that begins with `r-` and looks similar
|
4664
|
+
# to: `r-1a2b `
|
4665
|
+
#
|
4666
|
+
# * Policy – specify the policy ID that begins with `p-` andlooks
|
4667
|
+
# similar to: `p-12abcdefg3 `
|
4668
|
+
#
|
4669
|
+
# For each tag in the list, you must specify both a tag key and a
|
4670
|
+
# value. You can set the value to an empty string, but you can't set
|
4671
|
+
# it to `null`.
|
4672
|
+
#
|
4673
|
+
# <note markdown="1"> If any one of the tags is invalid or if you exceed the allowed
|
4674
|
+
# number of tags for an account user, then the entire request fails
|
4675
|
+
# and the account is not created.
|
4676
|
+
#
|
4677
|
+
# </note>
|
4482
4678
|
# @return [Array<Types::Tag>]
|
4483
4679
|
#
|
4484
4680
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/TagResourceRequest AWS API Documentation
|
@@ -4490,8 +4686,8 @@ module Aws::Organizations
|
|
4490
4686
|
include Aws::Structure
|
4491
4687
|
end
|
4492
4688
|
|
4493
|
-
# We can't find a root, OU, or
|
4494
|
-
# specified.
|
4689
|
+
# We can't find a root, OU, account, or policy with the `TargetId` that
|
4690
|
+
# you specified.
|
4495
4691
|
#
|
4496
4692
|
# @!attribute [rw] message
|
4497
4693
|
# @return [String]
|
@@ -4553,11 +4749,24 @@ module Aws::Organizations
|
|
4553
4749
|
# }
|
4554
4750
|
#
|
4555
4751
|
# @!attribute [rw] resource_id
|
4556
|
-
# The ID of the resource to remove
|
4752
|
+
# The ID of the resource to remove a tag from.
|
4753
|
+
#
|
4754
|
+
# You can specify any of the following taggable resources.
|
4755
|
+
#
|
4756
|
+
# * AWS account – specify the account ID number.
|
4757
|
+
#
|
4758
|
+
# * Organizational unit – specify the OU ID that begins with `ou-` and
|
4759
|
+
# looks similar to: `ou-1a2b-34uvwxyz `
|
4760
|
+
#
|
4761
|
+
# * Root – specify the root ID that begins with `r-` and looks similar
|
4762
|
+
# to: `r-1a2b `
|
4763
|
+
#
|
4764
|
+
# * Policy – specify the policy ID that begins with `p-` andlooks
|
4765
|
+
# similar to: `p-12abcdefg3 `
|
4557
4766
|
# @return [String]
|
4558
4767
|
#
|
4559
4768
|
# @!attribute [rw] tag_keys
|
4560
|
-
# The
|
4769
|
+
# The list of keys for tags to remove from the specified resource.
|
4561
4770
|
# @return [Array<String>]
|
4562
4771
|
#
|
4563
4772
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UntagResourceRequest AWS API Documentation
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-organizations
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.52.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-09-30 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.109.0
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.109.0
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|