aws-sdk-organizations 1.51.0 → 1.56.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-organizations.rb +1 -1
- data/lib/aws-sdk-organizations/client.rb +188 -141
- data/lib/aws-sdk-organizations/types.rb +134 -129
- metadata +4 -4
@@ -121,12 +121,12 @@ module Aws::Organizations
|
|
121
121
|
# The Amazon Resource Name (ARN) of the account.
|
122
122
|
#
|
123
123
|
# For more information about ARNs in Organizations, see [ARN Formats
|
124
|
-
# Supported by Organizations][1] in the *AWS
|
125
|
-
#
|
124
|
+
# Supported by Organizations][1] in the *AWS Service Authorization
|
125
|
+
# Reference*.
|
126
126
|
#
|
127
127
|
#
|
128
128
|
#
|
129
|
-
# [1]: https://docs.aws.amazon.com/
|
129
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
|
130
130
|
# @return [String]
|
131
131
|
#
|
132
132
|
# @!attribute [rw] email
|
@@ -221,7 +221,7 @@ module Aws::Organizations
|
|
221
221
|
end
|
222
222
|
|
223
223
|
# You can't invite an existing account to your organization until you
|
224
|
-
# verify that you own the email address associated with the
|
224
|
+
# verify that you own the email address associated with the management
|
225
225
|
# account. For more information, see [Email Address Verification][1] in
|
226
226
|
# the *AWS Organizations User Guide.*
|
227
227
|
#
|
@@ -358,13 +358,13 @@ module Aws::Organizations
|
|
358
358
|
# The [regex pattern][1] for a child ID string requires one of the
|
359
359
|
# following:
|
360
360
|
#
|
361
|
-
# * Account
|
361
|
+
# * **Account** - A string that consists of exactly 12 digits.
|
362
362
|
#
|
363
|
-
# * Organizational unit (OU)
|
364
|
-
# followed by from 4 to 32
|
363
|
+
# * **Organizational unit (OU)** - A string that begins with "ou-"
|
364
|
+
# followed by from 4 to 32 lowercase letters or digits (the ID of
|
365
365
|
# the root that contains the OU). This string is followed by a
|
366
|
-
# second "-" dash and from 8 to 32 additional
|
367
|
-
#
|
366
|
+
# second "-" dash and from 8 to 32 additional lowercase letters or
|
367
|
+
# digits.
|
368
368
|
#
|
369
369
|
#
|
370
370
|
#
|
@@ -425,9 +425,9 @@ module Aws::Organizations
|
|
425
425
|
# </note>
|
426
426
|
#
|
427
427
|
# * ACCOUNT\_CANNOT\_LEAVE\_ORGANIZAION: You attempted to remove the
|
428
|
-
#
|
429
|
-
# account. Instead, after you remove all member accounts,
|
430
|
-
# organization itself.
|
428
|
+
# management account from the organization. You can't remove the
|
429
|
+
# management account. Instead, after you remove all member accounts,
|
430
|
+
# delete the organization itself.
|
431
431
|
#
|
432
432
|
# * ACCOUNT\_CANNOT\_LEAVE\_WITHOUT\_EULA: You attempted to remove an
|
433
433
|
# account from the organization that doesn't yet have enough
|
@@ -466,8 +466,8 @@ module Aws::Organizations
|
|
466
466
|
# Support][2].
|
467
467
|
#
|
468
468
|
# * CANNOT\_REGISTER\_MASTER\_AS\_DELEGATED\_ADMINISTRATOR: You
|
469
|
-
# attempted to register the
|
470
|
-
# delegated administrator for an AWS service integrated with
|
469
|
+
# attempted to register the management account of the organization as
|
470
|
+
# a delegated administrator for an AWS service integrated with
|
471
471
|
# Organizations. You can designate only a member account as a
|
472
472
|
# delegated administrator.
|
473
473
|
#
|
@@ -496,11 +496,11 @@ module Aws::Organizations
|
|
496
496
|
#
|
497
497
|
# * MASTER\_ACCOUNT\_ADDRESS\_DOES\_NOT\_MATCH\_MARKETPLACE: To create
|
498
498
|
# an account in this organization, you first must migrate the
|
499
|
-
# organization's
|
500
|
-
# to the
|
501
|
-
# addresses must be associated with the AISPL
|
502
|
-
# accounts in an organization must be associated with
|
503
|
-
# marketplace.
|
499
|
+
# organization's management account to the marketplace that
|
500
|
+
# corresponds to the management account's address. For example,
|
501
|
+
# accounts with India addresses must be associated with the AISPL
|
502
|
+
# marketplace. All accounts in an organization must be associated with
|
503
|
+
# the same marketplace.
|
504
504
|
#
|
505
505
|
# * MASTER\_ACCOUNT\_MISSING\_BUSINESS\_LICENSE: Applies only to the AWS
|
506
506
|
# Regions in China. To create an organization, the master must have an
|
@@ -509,16 +509,16 @@ module Aws::Organizations
|
|
509
509
|
#
|
510
510
|
# * MASTER\_ACCOUNT\_MISSING\_CONTACT\_INFO: To complete this operation,
|
511
511
|
# you must first provide a valid contact address and phone number for
|
512
|
-
# the
|
512
|
+
# the management account. Then try the operation again.
|
513
513
|
#
|
514
514
|
# * MASTER\_ACCOUNT\_NOT\_GOVCLOUD\_ENABLED: To complete this operation,
|
515
|
-
# the
|
515
|
+
# the management account must have an associated account in the AWS
|
516
516
|
# GovCloud (US-West) Region. For more information, see [AWS
|
517
517
|
# Organizations][3] in the *AWS GovCloud User Guide.*
|
518
518
|
#
|
519
519
|
# * MASTER\_ACCOUNT\_PAYMENT\_INSTRUMENT\_REQUIRED: To create an
|
520
|
-
# organization with this
|
521
|
-
# valid payment instrument, such as a credit card, with the account.
|
520
|
+
# organization with this management account, you first must associate
|
521
|
+
# a valid payment instrument, such as a credit card, with the account.
|
522
522
|
# Follow the steps at [To leave an organization when all required
|
523
523
|
# account information has not yet been provided][4] in the *AWS
|
524
524
|
# Organizations User Guide.*
|
@@ -621,10 +621,11 @@ module Aws::Organizations
|
|
621
621
|
# (Optional)
|
622
622
|
#
|
623
623
|
# The name of an IAM role that AWS Organizations automatically
|
624
|
-
# preconfigures in the new member account. This role trusts the
|
625
|
-
# account, allowing users in the
|
626
|
-
# permitted by the
|
627
|
-
# administrator permissions in the new
|
624
|
+
# preconfigures in the new member account. This role trusts the
|
625
|
+
# management account, allowing users in the management account to
|
626
|
+
# assume the role, as permitted by the management account
|
627
|
+
# administrator. The role has administrator permissions in the new
|
628
|
+
# member account.
|
628
629
|
#
|
629
630
|
# If you don't specify this parameter, the role name defaults to
|
630
631
|
# `OrganizationAccountAccessRole`.
|
@@ -730,7 +731,7 @@ module Aws::Organizations
|
|
730
731
|
# create the account.
|
731
732
|
#
|
732
733
|
# The [regex pattern][1] for a create account request ID string
|
733
|
-
# requires "car-" followed by from 8 to 32
|
734
|
+
# requires "car-" followed by from 8 to 32 lowercase letters or
|
734
735
|
# digits.
|
735
736
|
#
|
736
737
|
#
|
@@ -803,7 +804,7 @@ module Aws::Organizations
|
|
803
804
|
# * MISSING\_BUSINESS\_VALIDATION: The AWS account that owns your
|
804
805
|
# organization has not received Business Validation.
|
805
806
|
#
|
806
|
-
# * MISSING\_PAYMENT\_INSTRUMENT: You must configure the
|
807
|
+
# * MISSING\_PAYMENT\_INSTRUMENT: You must configure the management
|
807
808
|
# account with a valid payment method, such as a credit card.
|
808
809
|
# @return [String]
|
809
810
|
#
|
@@ -874,9 +875,10 @@ module Aws::Organizations
|
|
874
875
|
# The name of an IAM role that AWS Organizations automatically
|
875
876
|
# preconfigures in the new member accounts in both the AWS GovCloud
|
876
877
|
# (US) Region and in the commercial Region. This role trusts the
|
877
|
-
#
|
878
|
-
# role, as permitted by the
|
879
|
-
# administrator permissions in the new
|
878
|
+
# management account, allowing users in the management account to
|
879
|
+
# assume the role, as permitted by the management account
|
880
|
+
# administrator. The role has administrator permissions in the new
|
881
|
+
# member account.
|
880
882
|
#
|
881
883
|
# If you don't specify this parameter, the role name defaults to
|
882
884
|
# `OrganizationAccountAccessRole`.
|
@@ -977,7 +979,7 @@ module Aws::Organizations
|
|
977
979
|
# feature set supports different levels of functionality.
|
978
980
|
#
|
979
981
|
# * `CONSOLIDATED_BILLING`\: All member accounts have their bills
|
980
|
-
# consolidated to and paid by the
|
982
|
+
# consolidated to and paid by the management account. For more
|
981
983
|
# information, see [Consolidated billing][1] in the *AWS
|
982
984
|
# Organizations User Guide.*
|
983
985
|
#
|
@@ -985,7 +987,7 @@ module Aws::Organizations
|
|
985
987
|
# organizations in the AWS GovCloud (US) Region.
|
986
988
|
#
|
987
989
|
# * `ALL`\: In addition to all the features supported by the
|
988
|
-
# consolidated billing feature set, the
|
990
|
+
# consolidated billing feature set, the management account can also
|
989
991
|
# apply any policy type to any member account in the organization.
|
990
992
|
# For more information, see [All features][2] in the *AWS
|
991
993
|
# Organizations User Guide.*
|
@@ -1147,10 +1149,10 @@ module Aws::Organizations
|
|
1147
1149
|
#
|
1148
1150
|
#
|
1149
1151
|
#
|
1150
|
-
# [1]:
|
1151
|
-
# [2]:
|
1152
|
-
# [3]:
|
1153
|
-
# [4]:
|
1152
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
1153
|
+
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
1154
|
+
# [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
1155
|
+
# [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1154
1156
|
# @return [String]
|
1155
1157
|
#
|
1156
1158
|
# @!attribute [rw] tags
|
@@ -1455,8 +1457,9 @@ module Aws::Organizations
|
|
1455
1457
|
# }
|
1456
1458
|
#
|
1457
1459
|
# @!attribute [rw] create_account_request_id
|
1458
|
-
# Specifies the `
|
1459
|
-
# You can get the
|
1460
|
+
# Specifies the `Id` value that uniquely identifies the
|
1461
|
+
# `CreateAccount` request. You can get the value from the
|
1462
|
+
# `CreateAccountStatus.Id` response in an earlier CreateAccount
|
1460
1463
|
# request, or from the ListCreateAccountStatus operation.
|
1461
1464
|
#
|
1462
1465
|
# The [regex pattern][1] for a create account request ID string
|
@@ -1509,15 +1512,15 @@ module Aws::Organizations
|
|
1509
1512
|
#
|
1510
1513
|
#
|
1511
1514
|
#
|
1512
|
-
# [1]:
|
1513
|
-
# [2]:
|
1514
|
-
# [3]:
|
1515
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
1516
|
+
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
1517
|
+
# [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1515
1518
|
# @return [String]
|
1516
1519
|
#
|
1517
1520
|
# @!attribute [rw] target_id
|
1518
|
-
# When you're signed in as the
|
1519
|
-
# account that you want details about. Specifying an organization
|
1520
|
-
# or organizational unit (OU) as the target is not supported.
|
1521
|
+
# When you're signed in as the management account, specify the ID of
|
1522
|
+
# the account that you want details about. Specifying an organization
|
1523
|
+
# root or organizational unit (OU) as the target is not supported.
|
1521
1524
|
# @return [String]
|
1522
1525
|
#
|
1523
1526
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeEffectivePolicyRequest AWS API Documentation
|
@@ -1808,10 +1811,10 @@ module Aws::Organizations
|
|
1808
1811
|
#
|
1809
1812
|
#
|
1810
1813
|
#
|
1811
|
-
# [1]:
|
1812
|
-
# [2]:
|
1813
|
-
# [3]:
|
1814
|
-
# [4]:
|
1814
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
1815
|
+
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
1816
|
+
# [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
1817
|
+
# [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
1815
1818
|
# @return [String]
|
1816
1819
|
#
|
1817
1820
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyTypeRequest AWS API Documentation
|
@@ -1937,8 +1940,8 @@ module Aws::Organizations
|
|
1937
1940
|
include Aws::Structure
|
1938
1941
|
end
|
1939
1942
|
|
1940
|
-
# If you ran this action on the
|
1941
|
-
# enabled. If you ran the action on a member account, the account
|
1943
|
+
# If you ran this action on the management account, this policy type is
|
1944
|
+
# not enabled. If you ran the action on a member account, the account
|
1942
1945
|
# doesn't have an effective policy of this type. Contact the
|
1943
1946
|
# administrator of your organization about attaching a policy of this
|
1944
1947
|
# type to the account.
|
@@ -2028,10 +2031,10 @@ module Aws::Organizations
|
|
2028
2031
|
#
|
2029
2032
|
#
|
2030
2033
|
#
|
2031
|
-
# [1]:
|
2032
|
-
# [2]:
|
2033
|
-
# [3]:
|
2034
|
-
# [4]:
|
2034
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
2035
|
+
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
2036
|
+
# [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
2037
|
+
# [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
2035
2038
|
# @return [String]
|
2036
2039
|
#
|
2037
2040
|
# @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyTypeRequest AWS API Documentation
|
@@ -2101,9 +2104,10 @@ module Aws::Organizations
|
|
2101
2104
|
|
2102
2105
|
# Contains information that must be exchanged to securely establish a
|
2103
2106
|
# relationship between two accounts (an *originator* and a *recipient*).
|
2104
|
-
# For example, when a
|
2105
|
-
# account (the recipient) to join its organization, the two
|
2106
|
-
# exchange information as a series of handshake requests and
|
2107
|
+
# For example, when a management account (the originator) invites
|
2108
|
+
# another account (the recipient) to join its organization, the two
|
2109
|
+
# accounts exchange information as a series of handshake requests and
|
2110
|
+
# responses.
|
2107
2111
|
#
|
2108
2112
|
# **Note:** Handshakes that are CANCELED, ACCEPTED, or DECLINED show up
|
2109
2113
|
# in lists for only 30 days after entering that state After that they
|
@@ -2114,7 +2118,7 @@ module Aws::Organizations
|
|
2114
2118
|
# creates the ID when it initiates the handshake.
|
2115
2119
|
#
|
2116
2120
|
# The [regex pattern][1] for handshake ID string requires "h-"
|
2117
|
-
# followed by from 8 to 32
|
2121
|
+
# followed by from 8 to 32 lowercase letters or digits.
|
2118
2122
|
#
|
2119
2123
|
#
|
2120
2124
|
#
|
@@ -2125,12 +2129,12 @@ module Aws::Organizations
|
|
2125
2129
|
# The Amazon Resource Name (ARN) of a handshake.
|
2126
2130
|
#
|
2127
2131
|
# For more information about ARNs in Organizations, see [ARN Formats
|
2128
|
-
# Supported by Organizations][1] in the *AWS
|
2129
|
-
#
|
2132
|
+
# Supported by Organizations][1] in the *AWS Service Authorization
|
2133
|
+
# Reference*.
|
2130
2134
|
#
|
2131
2135
|
#
|
2132
2136
|
#
|
2133
|
-
# [1]: https://docs.aws.amazon.com/
|
2137
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
|
2134
2138
|
# @return [String]
|
2135
2139
|
#
|
2136
2140
|
# @!attribute [rw] parties
|
@@ -2183,20 +2187,20 @@ module Aws::Organizations
|
|
2183
2187
|
# supported:
|
2184
2188
|
#
|
2185
2189
|
# * **INVITE**\: This type of handshake represents a request to join
|
2186
|
-
# an organization. It is always sent from the
|
2187
|
-
# non-member accounts.
|
2190
|
+
# an organization. It is always sent from the management account to
|
2191
|
+
# only non-member accounts.
|
2188
2192
|
#
|
2189
2193
|
# * **ENABLE\_ALL\_FEATURES**\: This type of handshake represents a
|
2190
2194
|
# request to enable all features in an organization. It is always
|
2191
|
-
# sent from the
|
2192
|
-
# Created accounts do not receive this because those
|
2193
|
-
# created by the organization's
|
2194
|
-
# inferred.
|
2195
|
+
# sent from the management account to only *invited* member
|
2196
|
+
# accounts. Created accounts do not receive this because those
|
2197
|
+
# accounts were created by the organization's management account
|
2198
|
+
# and approval is inferred.
|
2195
2199
|
#
|
2196
2200
|
# * **APPROVE\_ALL\_FEATURES**\: This type of handshake is sent from
|
2197
2201
|
# the Organizations service when all member accounts have approved
|
2198
2202
|
# the `ENABLE_ALL_FEATURES` invitation. It is sent only to the
|
2199
|
-
#
|
2203
|
+
# management account and signals the master that it can finalize the
|
2200
2204
|
# process to enable all features.
|
2201
2205
|
# @return [String]
|
2202
2206
|
#
|
@@ -2322,7 +2326,7 @@ module Aws::Organizations
|
|
2322
2326
|
# `ActionType`.
|
2323
2327
|
#
|
2324
2328
|
# The [regex pattern][1] for handshake ID string requires "h-"
|
2325
|
-
# followed by from 8 to 32
|
2329
|
+
# followed by from 8 to 32 lowercase letters or digits.
|
2326
2330
|
#
|
2327
2331
|
#
|
2328
2332
|
#
|
@@ -2365,7 +2369,7 @@ module Aws::Organizations
|
|
2365
2369
|
# The unique identifier (ID) for the party.
|
2366
2370
|
#
|
2367
2371
|
# The [regex pattern][1] for handshake ID string requires "h-"
|
2368
|
-
# followed by from 8 to 32
|
2372
|
+
# followed by from 8 to 32 lowercase letters or digits.
|
2369
2373
|
#
|
2370
2374
|
#
|
2371
2375
|
#
|
@@ -2405,9 +2409,9 @@ module Aws::Organizations
|
|
2405
2409
|
# account that receives the handshake.
|
2406
2410
|
#
|
2407
2411
|
# * `OWNER_EMAIL` - Specifies the email address associated with the
|
2408
|
-
#
|
2412
|
+
# management account. Included as information about an organization.
|
2409
2413
|
#
|
2410
|
-
# * `OWNER_NAME` - Specifies the name associated with the
|
2414
|
+
# * `OWNER_NAME` - Specifies the name associated with the management
|
2411
2415
|
# account. Included as information about an organization.
|
2412
2416
|
#
|
2413
2417
|
# * `NOTES` - Additional text provided by the handshake initiator and
|
@@ -3470,10 +3474,10 @@ module Aws::Organizations
|
|
3470
3474
|
#
|
3471
3475
|
#
|
3472
3476
|
#
|
3473
|
-
# [1]:
|
3474
|
-
# [2]:
|
3475
|
-
# [3]:
|
3476
|
-
# [4]:
|
3477
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
3478
|
+
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
3479
|
+
# [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
3480
|
+
# [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
3477
3481
|
# @return [String]
|
3478
3482
|
#
|
3479
3483
|
# @!attribute [rw] next_token
|
@@ -3552,10 +3556,10 @@ module Aws::Organizations
|
|
3552
3556
|
#
|
3553
3557
|
#
|
3554
3558
|
#
|
3555
|
-
# [1]:
|
3556
|
-
# [2]:
|
3557
|
-
# [3]:
|
3558
|
-
# [4]:
|
3559
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
|
3560
|
+
# [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
|
3561
|
+
# [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
|
3562
|
+
# [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
|
3559
3563
|
# @return [String]
|
3560
3564
|
#
|
3561
3565
|
# @!attribute [rw] next_token
|
@@ -3829,9 +3833,10 @@ module Aws::Organizations
|
|
3829
3833
|
include Aws::Structure
|
3830
3834
|
end
|
3831
3835
|
|
3832
|
-
# You can't remove a
|
3833
|
-
# the
|
3834
|
-
# you must first delete the current organization of the
|
3836
|
+
# You can't remove a management account from an organization. If you
|
3837
|
+
# want the management account to become a member account in another
|
3838
|
+
# organization, you must first delete the current organization of the
|
3839
|
+
# management account.
|
3835
3840
|
#
|
3836
3841
|
# @!attribute [rw] message
|
3837
3842
|
# @return [String]
|
@@ -3925,7 +3930,7 @@ module Aws::Organizations
|
|
3925
3930
|
# The unique identifier (ID) of an organization.
|
3926
3931
|
#
|
3927
3932
|
# The [regex pattern][1] for an organization ID string requires "o-"
|
3928
|
-
# followed by from 10 to 32
|
3933
|
+
# followed by from 10 to 32 lowercase letters or digits.
|
3929
3934
|
#
|
3930
3935
|
#
|
3931
3936
|
#
|
@@ -3936,12 +3941,12 @@ module Aws::Organizations
|
|
3936
3941
|
# The Amazon Resource Name (ARN) of an organization.
|
3937
3942
|
#
|
3938
3943
|
# For more information about ARNs in Organizations, see [ARN Formats
|
3939
|
-
# Supported by Organizations][1] in the *AWS
|
3940
|
-
#
|
3944
|
+
# Supported by Organizations][1] in the *AWS Service Authorization
|
3945
|
+
# Reference*.
|
3941
3946
|
#
|
3942
3947
|
#
|
3943
3948
|
#
|
3944
|
-
# [1]: https://docs.aws.amazon.com/
|
3949
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
|
3945
3950
|
# @return [String]
|
3946
3951
|
#
|
3947
3952
|
# @!attribute [rw] feature_set
|
@@ -3960,19 +3965,20 @@ module Aws::Organizations
|
|
3960
3965
|
#
|
3961
3966
|
# @!attribute [rw] master_account_arn
|
3962
3967
|
# The Amazon Resource Name (ARN) of the account that is designated as
|
3963
|
-
# the
|
3968
|
+
# the management account for the organization.
|
3964
3969
|
#
|
3965
3970
|
# For more information about ARNs in Organizations, see [ARN Formats
|
3966
|
-
# Supported by Organizations][1] in the *AWS
|
3967
|
-
#
|
3971
|
+
# Supported by Organizations][1] in the *AWS Service Authorization
|
3972
|
+
# Reference*.
|
3968
3973
|
#
|
3969
3974
|
#
|
3970
3975
|
#
|
3971
|
-
# [1]: https://docs.aws.amazon.com/
|
3976
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
|
3972
3977
|
# @return [String]
|
3973
3978
|
#
|
3974
3979
|
# @!attribute [rw] master_account_id
|
3975
|
-
# The unique identifier (ID) of the
|
3980
|
+
# The unique identifier (ID) of the management account of an
|
3981
|
+
# organization.
|
3976
3982
|
#
|
3977
3983
|
# The [regex pattern][1] for an account ID string requires exactly 12
|
3978
3984
|
# digits.
|
@@ -3984,7 +3990,7 @@ module Aws::Organizations
|
|
3984
3990
|
#
|
3985
3991
|
# @!attribute [rw] master_account_email
|
3986
3992
|
# The email address that is associated with the AWS account that is
|
3987
|
-
# designated as the
|
3993
|
+
# designated as the management account for the organization.
|
3988
3994
|
# @return [String]
|
3989
3995
|
#
|
3990
3996
|
# @!attribute [rw] available_policy_types
|
@@ -4010,8 +4016,8 @@ module Aws::Organizations
|
|
4010
4016
|
end
|
4011
4017
|
|
4012
4018
|
# The organization isn't empty. To delete an organization, you must
|
4013
|
-
# first remove all accounts except the
|
4014
|
-
# and delete all policies.
|
4019
|
+
# first remove all accounts except the management account, delete all
|
4020
|
+
# OUs, and delete all policies.
|
4015
4021
|
#
|
4016
4022
|
# @!attribute [rw] message
|
4017
4023
|
# @return [String]
|
@@ -4033,9 +4039,9 @@ module Aws::Organizations
|
|
4033
4039
|
# The unique identifier (ID) associated with this OU.
|
4034
4040
|
#
|
4035
4041
|
# The [regex pattern][1] for an organizational unit ID string requires
|
4036
|
-
# "ou-" followed by from 4 to 32
|
4037
|
-
#
|
4038
|
-
# second "-" dash and from 8 to 32 additional
|
4042
|
+
# "ou-" followed by from 4 to 32 lowercase letters or digits (the ID
|
4043
|
+
# of the root that contains the OU). This string is followed by a
|
4044
|
+
# second "-" dash and from 8 to 32 additional lowercase letters or
|
4039
4045
|
# digits.
|
4040
4046
|
#
|
4041
4047
|
#
|
@@ -4047,12 +4053,12 @@ module Aws::Organizations
|
|
4047
4053
|
# The Amazon Resource Name (ARN) of this OU.
|
4048
4054
|
#
|
4049
4055
|
# For more information about ARNs in Organizations, see [ARN Formats
|
4050
|
-
# Supported by Organizations][1] in the *AWS
|
4051
|
-
#
|
4056
|
+
# Supported by Organizations][1] in the *AWS Service Authorization
|
4057
|
+
# Reference*.
|
4052
4058
|
#
|
4053
4059
|
#
|
4054
4060
|
#
|
4055
|
-
# [1]: https://docs.aws.amazon.com/
|
4061
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
|
4056
4062
|
# @return [String]
|
4057
4063
|
#
|
4058
4064
|
# @!attribute [rw] name
|
@@ -4113,13 +4119,13 @@ module Aws::Organizations
|
|
4113
4119
|
# The [regex pattern][1] for a parent ID string requires one of the
|
4114
4120
|
# following:
|
4115
4121
|
#
|
4116
|
-
# * Root
|
4117
|
-
#
|
4122
|
+
# * **Root** - A string that begins with "r-" followed by from 4 to
|
4123
|
+
# 32 lowercase letters or digits.
|
4118
4124
|
#
|
4119
|
-
# * Organizational unit (OU)
|
4120
|
-
# followed by from 4 to 32
|
4125
|
+
# * **Organizational unit (OU)** - A string that begins with "ou-"
|
4126
|
+
# followed by from 4 to 32 lowercase letters or digits (the ID of
|
4121
4127
|
# the root that the OU is in). This string is followed by a second
|
4122
|
-
# "-" dash and from 8 to 32 additional
|
4128
|
+
# "-" dash and from 8 to 32 additional lowercase letters or
|
4123
4129
|
# digits.
|
4124
4130
|
#
|
4125
4131
|
#
|
@@ -4236,7 +4242,8 @@ module Aws::Organizations
|
|
4236
4242
|
# The unique identifier (ID) of the policy.
|
4237
4243
|
#
|
4238
4244
|
# The [regex pattern][1] for a policy ID string requires "p-"
|
4239
|
-
# followed by from 8 to 128
|
4245
|
+
# followed by from 8 to 128 lowercase or uppercase letters, digits, or
|
4246
|
+
# the underscore character (\_).
|
4240
4247
|
#
|
4241
4248
|
#
|
4242
4249
|
#
|
@@ -4247,12 +4254,12 @@ module Aws::Organizations
|
|
4247
4254
|
# The Amazon Resource Name (ARN) of the policy.
|
4248
4255
|
#
|
4249
4256
|
# For more information about ARNs in Organizations, see [ARN Formats
|
4250
|
-
# Supported by Organizations][1] in the *AWS
|
4251
|
-
#
|
4257
|
+
# Supported by Organizations][1] in the *AWS Service Authorization
|
4258
|
+
# Reference*.
|
4252
4259
|
#
|
4253
4260
|
#
|
4254
4261
|
#
|
4255
|
-
# [1]: https://docs.aws.amazon.com/
|
4262
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
|
4256
4263
|
# @return [String]
|
4257
4264
|
#
|
4258
4265
|
# @!attribute [rw] name
|
@@ -4302,15 +4309,15 @@ module Aws::Organizations
|
|
4302
4309
|
# The [regex pattern][1] for a target ID string requires one of the
|
4303
4310
|
# following:
|
4304
4311
|
#
|
4305
|
-
# * Root
|
4306
|
-
#
|
4312
|
+
# * **Root** - A string that begins with "r-" followed by from 4 to
|
4313
|
+
# 32 lowercase letters or digits.
|
4307
4314
|
#
|
4308
|
-
# * Account
|
4315
|
+
# * **Account** - A string that consists of exactly 12 digits.
|
4309
4316
|
#
|
4310
|
-
# * Organizational unit (OU)
|
4311
|
-
# followed by from 4 to 32
|
4317
|
+
# * **Organizational unit (OU)** - A string that begins with "ou-"
|
4318
|
+
# followed by from 4 to 32 lowercase letters or digits (the ID of
|
4312
4319
|
# the root that the OU is in). This string is followed by a second
|
4313
|
-
# "-" dash and from 8 to 32 additional
|
4320
|
+
# "-" dash and from 8 to 32 additional lowercase letters or
|
4314
4321
|
# digits.
|
4315
4322
|
#
|
4316
4323
|
#
|
@@ -4322,12 +4329,12 @@ module Aws::Organizations
|
|
4322
4329
|
# The Amazon Resource Name (ARN) of the policy target.
|
4323
4330
|
#
|
4324
4331
|
# For more information about ARNs in Organizations, see [ARN Formats
|
4325
|
-
# Supported by Organizations][1] in the *AWS
|
4326
|
-
#
|
4332
|
+
# Supported by Organizations][1] in the *AWS Service Authorization
|
4333
|
+
# Reference*.
|
4327
4334
|
#
|
4328
4335
|
#
|
4329
4336
|
#
|
4330
|
-
# [1]: https://docs.aws.amazon.com/
|
4337
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
|
4331
4338
|
# @return [String]
|
4332
4339
|
#
|
4333
4340
|
# @!attribute [rw] name
|
@@ -4490,16 +4497,14 @@ module Aws::Organizations
|
|
4490
4497
|
|
4491
4498
|
# Contains details about a root. A root is a top-level parent node in
|
4492
4499
|
# the hierarchy of an organization that can contain organizational units
|
4493
|
-
# (OUs) and accounts.
|
4494
|
-
# organization.
|
4495
|
-
# different way and to have different policy types enabled for use in
|
4496
|
-
# that root.
|
4500
|
+
# (OUs) and accounts. The root contains every AWS account in the
|
4501
|
+
# organization.
|
4497
4502
|
#
|
4498
4503
|
# @!attribute [rw] id
|
4499
4504
|
# The unique identifier (ID) for the root.
|
4500
4505
|
#
|
4501
4506
|
# The [regex pattern][1] for a root ID string requires "r-" followed
|
4502
|
-
# by from 4 to 32
|
4507
|
+
# by from 4 to 32 lowercase letters or digits.
|
4503
4508
|
#
|
4504
4509
|
#
|
4505
4510
|
#
|
@@ -4510,12 +4515,12 @@ module Aws::Organizations
|
|
4510
4515
|
# The Amazon Resource Name (ARN) of the root.
|
4511
4516
|
#
|
4512
4517
|
# For more information about ARNs in Organizations, see [ARN Formats
|
4513
|
-
# Supported by Organizations][1] in the *AWS
|
4514
|
-
#
|
4518
|
+
# Supported by Organizations][1] in the *AWS Service Authorization
|
4519
|
+
# Reference*.
|
4515
4520
|
#
|
4516
4521
|
#
|
4517
4522
|
#
|
4518
|
-
# [1]: https://docs.aws.amazon.com/
|
4523
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
|
4519
4524
|
# @return [String]
|
4520
4525
|
#
|
4521
4526
|
# @!attribute [rw] name
|