aws-sdk-organizations 1.52.0 → 1.57.0

data/lib/aws-sdk-organizations/types.rb

@@ -121,12 +121,12 @@ module Aws::Organizations
     #   The Amazon Resource Name (ARN) of the account.
     #
     #   For more information about ARNs in Organizations, see [ARN Formats
-    #   Supported by Organizations][1] in the *AWS Organizations User
-    #   Guide*.
+    #   Supported by Organizations][1] in the *AWS Service Authorization
+    #   Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns
+    #   [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
     #   @return [String]
     #
     # @!attribute [rw] email
@@ -221,7 +221,7 @@ module Aws::Organizations
     end
 
     # You can't invite an existing account to your organization until you
-    # verify that you own the email address associated with the master
+    # verify that you own the email address associated with the management
     # account. For more information, see [Email Address Verification][1] in
     # the *AWS Organizations User Guide.*
     #
@@ -358,13 +358,13 @@ module Aws::Organizations
     #   The [regex pattern][1] for a child ID string requires one of the
     #   following:
     #
-    #   * Account: A string that consists of exactly 12 digits.
+    #   * **Account** - A string that consists of exactly 12 digits.
     #
-    #   * Organizational unit (OU): A string that begins with "ou-"
-    #     followed by from 4 to 32 lower-case letters or digits (the ID of
+    #   * **Organizational unit (OU)** - A string that begins with "ou-"
+    #     followed by from 4 to 32 lowercase letters or digits (the ID of
     #     the root that contains the OU). This string is followed by a
-    #     second "-" dash and from 8 to 32 additional lower-case letters
-    #     or digits.
+    #     second "-" dash and from 8 to 32 additional lowercase letters or
+    #     digits.
     #
     #
     #
@@ -425,9 +425,9 @@ module Aws::Organizations
     #  </note>
     #
     # * ACCOUNT\_CANNOT\_LEAVE\_ORGANIZAION: You attempted to remove the
-    #   master account from the organization. You can't remove the master
-    #   account. Instead, after you remove all member accounts, delete the
-    #   organization itself.
+    #   management account from the organization. You can't remove the
+    #   management account. Instead, after you remove all member accounts,
+    #   delete the organization itself.
     #
     # * ACCOUNT\_CANNOT\_LEAVE\_WITHOUT\_EULA: You attempted to remove an
     #   account from the organization that doesn't yet have enough
@@ -466,8 +466,8 @@ module Aws::Organizations
     #   Support][2].
     #
     # * CANNOT\_REGISTER\_MASTER\_AS\_DELEGATED\_ADMINISTRATOR: You
-    #   attempted to register the master account of the organization as a
-    #   delegated administrator for an AWS service integrated with
+    #   attempted to register the management account of the organization as
+    #   a delegated administrator for an AWS service integrated with
     #   Organizations. You can designate only a member account as a
     #   delegated administrator.
     #
@@ -496,11 +496,11 @@ module Aws::Organizations
     #
     # * MASTER\_ACCOUNT\_ADDRESS\_DOES\_NOT\_MATCH\_MARKETPLACE: To create
     #   an account in this organization, you first must migrate the
-    #   organization's master account to the marketplace that corresponds
-    #   to the master account's address. For example, accounts with India
-    #   addresses must be associated with the AISPL marketplace. All
-    #   accounts in an organization must be associated with the same
-    #   marketplace.
+    #   organization's management account to the marketplace that
+    #   corresponds to the management account's address. For example,
+    #   accounts with India addresses must be associated with the AISPL
+    #   marketplace. All accounts in an organization must be associated with
+    #   the same marketplace.
     #
     # * MASTER\_ACCOUNT\_MISSING\_BUSINESS\_LICENSE: Applies only to the AWS
     #   Regions in China. To create an organization, the master must have an
@@ -509,16 +509,16 @@ module Aws::Organizations
     #
     # * MASTER\_ACCOUNT\_MISSING\_CONTACT\_INFO: To complete this operation,
     #   you must first provide a valid contact address and phone number for
-    #   the master account. Then try the operation again.
+    #   the management account. Then try the operation again.
     #
     # * MASTER\_ACCOUNT\_NOT\_GOVCLOUD\_ENABLED: To complete this operation,
-    #   the master account must have an associated account in the AWS
+    #   the management account must have an associated account in the AWS
     #   GovCloud (US-West) Region. For more information, see [AWS
     #   Organizations][3] in the *AWS GovCloud User Guide.*
     #
     # * MASTER\_ACCOUNT\_PAYMENT\_INSTRUMENT\_REQUIRED: To create an
-    #   organization with this master account, you first must associate a
-    #   valid payment instrument, such as a credit card, with the account.
+    #   organization with this management account, you first must associate
+    #   a valid payment instrument, such as a credit card, with the account.
     #   Follow the steps at [To leave an organization when all required
     #   account information has not yet been provided][4] in the *AWS
     #   Organizations User Guide.*
@@ -621,10 +621,11 @@ module Aws::Organizations
     #   (Optional)
     #
     #   The name of an IAM role that AWS Organizations automatically
-    #   preconfigures in the new member account. This role trusts the master
-    #   account, allowing users in the master account to assume the role, as
-    #   permitted by the master account administrator. The role has
-    #   administrator permissions in the new member account.
+    #   preconfigures in the new member account. This role trusts the
+    #   management account, allowing users in the management account to
+    #   assume the role, as permitted by the management account
+    #   administrator. The role has administrator permissions in the new
+    #   member account.
     #
     #   If you don't specify this parameter, the role name defaults to
     #   `OrganizationAccountAccessRole`.
@@ -730,7 +731,7 @@ module Aws::Organizations
     #   create the account.
     #
     #   The [regex pattern][1] for a create account request ID string
-    #   requires "car-" followed by from 8 to 32 lower-case letters or
+    #   requires "car-" followed by from 8 to 32 lowercase letters or
     #   digits.
     #
     #
@@ -786,10 +787,17 @@ module Aws::Organizations
     #   * EMAIL\_ALREADY\_EXISTS: The account could not be created because
     #     another AWS account with that email address already exists.
     #
+    #   * FAILED\_BUSINESS\_VALIDATION: The AWS account that owns your
+    #     organization failed to receive business license validation.
+    #
     #   * GOVCLOUD\_ACCOUNT\_ALREADY\_EXISTS: The account in the AWS
     #     GovCloud (US) Region could not be created because this Region
     #     already includes an account with that email address.
     #
+    #   * IDENTITY\_INVALID\_BUSINESS\_VALIDATION: The AWS account that owns
+    #     your organization can't complete business license validation
+    #     because it doesn't have valid identity data.
+    #
     #   * INVALID\_ADDRESS: The account could not be created because the
     #     address you provided is not valid.
     #
@@ -803,8 +811,16 @@ module Aws::Organizations
     #   * MISSING\_BUSINESS\_VALIDATION: The AWS account that owns your
     #     organization has not received Business Validation.
     #
-    #   * MISSING\_PAYMENT\_INSTRUMENT: You must configure the master
+    #   * MISSING\_PAYMENT\_INSTRUMENT: You must configure the management
     #     account with a valid payment method, such as a credit card.
+    #
+    #   * PENDING\_BUSINESS\_VALIDATION: The AWS account that owns your
+    #     organization is still in the process of completing business
+    #     license validation.
+    #
+    #   * UNKNOWN\_BUSINESS\_VALIDATION: The AWS account that owns your
+    #     organization has an unknown issue with business license
+    #     validation.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccountStatus AWS API Documentation
@@ -874,9 +890,10 @@ module Aws::Organizations
     #   The name of an IAM role that AWS Organizations automatically
     #   preconfigures in the new member accounts in both the AWS GovCloud
     #   (US) Region and in the commercial Region. This role trusts the
-    #   master account, allowing users in the master account to assume the
-    #   role, as permitted by the master account administrator. The role has
-    #   administrator permissions in the new member account.
+    #   management account, allowing users in the management account to
+    #   assume the role, as permitted by the management account
+    #   administrator. The role has administrator permissions in the new
+    #   member account.
     #
     #   If you don't specify this parameter, the role name defaults to
     #   `OrganizationAccountAccessRole`.
@@ -977,7 +994,7 @@ module Aws::Organizations
     #   feature set supports different levels of functionality.
     #
     #   * `CONSOLIDATED_BILLING`\: All member accounts have their bills
-    #     consolidated to and paid by the master account. For more
+    #     consolidated to and paid by the management account. For more
     #     information, see [Consolidated billing][1] in the *AWS
     #     Organizations User Guide.*
     #
@@ -985,7 +1002,7 @@ module Aws::Organizations
     #     organizations in the AWS GovCloud (US) Region.
     #
     #   * `ALL`\: In addition to all the features supported by the
-    #     consolidated billing feature set, the master account can also
+    #     consolidated billing feature set, the management account can also
     #     apply any policy type to any member account in the organization.
     #     For more information, see [All features][2] in the *AWS
     #     Organizations User Guide.*
@@ -1147,10 +1164,10 @@ module Aws::Organizations
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
-    #   [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
-    #   [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
-    #   [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
     #   @return [String]
     #
     # @!attribute [rw] tags
@@ -1455,8 +1472,9 @@ module Aws::Organizations
     #       }
     #
     # @!attribute [rw] create_account_request_id
-    #   Specifies the `operationId` that uniquely identifies the request.
-    #   You can get the ID from the response to an earlier CreateAccount
+    #   Specifies the `Id` value that uniquely identifies the
+    #   `CreateAccount` request. You can get the value from the
+    #   `CreateAccountStatus.Id` response in an earlier CreateAccount
     #   request, or from the ListCreateAccountStatus operation.
     #
     #   The [regex pattern][1] for a create account request ID string
@@ -1509,15 +1527,15 @@ module Aws::Organizations
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
-    #   [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
-    #   [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
     #   @return [String]
     #
     # @!attribute [rw] target_id
-    #   When you're signed in as the master account, specify the ID of the
-    #   account that you want details about. Specifying an organization root
-    #   or organizational unit (OU) as the target is not supported.
+    #   When you're signed in as the management account, specify the ID of
+    #   the account that you want details about. Specifying an organization
+    #   root or organizational unit (OU) as the target is not supported.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeEffectivePolicyRequest AWS API Documentation
@@ -1808,10 +1826,10 @@ module Aws::Organizations
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
-    #   [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
-    #   [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
-    #   [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyTypeRequest AWS API Documentation
@@ -1937,8 +1955,8 @@ module Aws::Organizations
       include Aws::Structure
     end
 
-    # If you ran this action on the master account, this policy type is not
-    # enabled. If you ran the action on a member account, the account
+    # If you ran this action on the management account, this policy type is
+    # not enabled. If you ran the action on a member account, the account
     # doesn't have an effective policy of this type. Contact the
     # administrator of your organization about attaching a policy of this
     # type to the account.
@@ -2028,10 +2046,10 @@ module Aws::Organizations
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
-    #   [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
-    #   [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
-    #   [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyTypeRequest AWS API Documentation
@@ -2101,9 +2119,10 @@ module Aws::Organizations
 
     # Contains information that must be exchanged to securely establish a
     # relationship between two accounts (an *originator* and a *recipient*).
-    # For example, when a master account (the originator) invites another
-    # account (the recipient) to join its organization, the two accounts
-    # exchange information as a series of handshake requests and responses.
+    # For example, when a management account (the originator) invites
+    # another account (the recipient) to join its organization, the two
+    # accounts exchange information as a series of handshake requests and
+    # responses.
     #
     # **Note:** Handshakes that are CANCELED, ACCEPTED, or DECLINED show up
     # in lists for only 30 days after entering that state After that they
@@ -2114,7 +2133,7 @@ module Aws::Organizations
     #   creates the ID when it initiates the handshake.
     #
     #   The [regex pattern][1] for handshake ID string requires "h-"
-    #   followed by from 8 to 32 lower-case letters or digits.
+    #   followed by from 8 to 32 lowercase letters or digits.
     #
     #
     #
@@ -2125,12 +2144,12 @@ module Aws::Organizations
     #   The Amazon Resource Name (ARN) of a handshake.
     #
     #   For more information about ARNs in Organizations, see [ARN Formats
-    #   Supported by Organizations][1] in the *AWS Organizations User
-    #   Guide*.
+    #   Supported by Organizations][1] in the *AWS Service Authorization
+    #   Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns
+    #   [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
     #   @return [String]
     #
     # @!attribute [rw] parties
@@ -2183,20 +2202,20 @@ module Aws::Organizations
     #   supported:
     #
     #   * **INVITE**\: This type of handshake represents a request to join
-    #     an organization. It is always sent from the master account to only
-    #     non-member accounts.
+    #     an organization. It is always sent from the management account to
+    #     only non-member accounts.
     #
     #   * **ENABLE\_ALL\_FEATURES**\: This type of handshake represents a
     #     request to enable all features in an organization. It is always
-    #     sent from the master account to only *invited* member accounts.
-    #     Created accounts do not receive this because those accounts were
-    #     created by the organization's master account and approval is
-    #     inferred.
+    #     sent from the management account to only *invited* member
+    #     accounts. Created accounts do not receive this because those
+    #     accounts were created by the organization's management account
+    #     and approval is inferred.
     #
     #   * **APPROVE\_ALL\_FEATURES**\: This type of handshake is sent from
     #     the Organizations service when all member accounts have approved
     #     the `ENABLE_ALL_FEATURES` invitation. It is sent only to the
-    #     master account and signals the master that it can finalize the
+    #     management account and signals the master that it can finalize the
     #     process to enable all features.
     #   @return [String]
     #
@@ -2263,6 +2282,10 @@ module Aws::Organizations
     # * ORGANIZATION\_ALREADY\_HAS\_ALL\_FEATURES: The handshake request is
     #   invalid because the organization has already enabled all features.
     #
+    # * ORGANIZATION\_IS\_ALREADY\_PENDING\_ALL\_FEATURES\_MIGRATION: The
+    #   handshake request is invalid because the organization has already
+    #   started the process to enable all features.
+    #
     # * ORGANIZATION\_FROM\_DIFFERENT\_SELLER\_OF\_RECORD: The request
     #   failed because the account is from a different marketplace than the
     #   accounts in the organization. For example, accounts with India
@@ -2322,7 +2345,7 @@ module Aws::Organizations
     #   `ActionType`.
     #
     #   The [regex pattern][1] for handshake ID string requires "h-"
-    #   followed by from 8 to 32 lower-case letters or digits.
+    #   followed by from 8 to 32 lowercase letters or digits.
     #
     #
     #
@@ -2365,7 +2388,7 @@ module Aws::Organizations
     #   The unique identifier (ID) for the party.
     #
     #   The [regex pattern][1] for handshake ID string requires "h-"
-    #   followed by from 8 to 32 lower-case letters or digits.
+    #   followed by from 8 to 32 lowercase letters or digits.
     #
     #
     #
@@ -2405,9 +2428,9 @@ module Aws::Organizations
     #     account that receives the handshake.
     #
     #   * `OWNER_EMAIL` - Specifies the email address associated with the
-    #     master account. Included as information about an organization.
+    #     management account. Included as information about an organization.
     #
-    #   * `OWNER_NAME` - Specifies the name associated with the master
+    #   * `OWNER_NAME` - Specifies the name associated with the management
     #     account. Included as information about an organization.
     #
     #   * `NOTES` - Additional text provided by the handshake initiator and
@@ -2462,6 +2485,9 @@ module Aws::Organizations
     # * INPUT\_REQUIRED: You must include a value for all required
     #   parameters.
     #
+    # * INVALID\_EMAIL\_ADDRESS\_TARGET: You specified an invalid email
+    #   address for the invited account owner.
+    #
     # * INVALID\_ENUM: You specified an invalid value.
     #
     # * INVALID\_ENUM\_POLICY\_TYPE: You specified an invalid policy type
@@ -3470,10 +3496,10 @@ module Aws::Organizations
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
-    #   [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
-    #   [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
-    #   [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
     #   @return [String]
     #
     # @!attribute [rw] next_token
@@ -3552,10 +3578,10 @@ module Aws::Organizations
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
-    #   [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
-    #   [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
-    #   [4]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
     #   @return [String]
     #
     # @!attribute [rw] next_token
@@ -3829,9 +3855,10 @@ module Aws::Organizations
       include Aws::Structure
     end
 
-    # You can't remove a master account from an organization. If you want
-    # the master account to become a member account in another organization,
-    # you must first delete the current organization of the master account.
+    # You can't remove a management account from an organization. If you
+    # want the management account to become a member account in another
+    # organization, you must first delete the current organization of the
+    # management account.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -3925,7 +3952,7 @@ module Aws::Organizations
     #   The unique identifier (ID) of an organization.
     #
     #   The [regex pattern][1] for an organization ID string requires "o-"
-    #   followed by from 10 to 32 lower-case letters or digits.
+    #   followed by from 10 to 32 lowercase letters or digits.
     #
     #
     #
@@ -3936,12 +3963,12 @@ module Aws::Organizations
     #   The Amazon Resource Name (ARN) of an organization.
     #
     #   For more information about ARNs in Organizations, see [ARN Formats
-    #   Supported by Organizations][1] in the *AWS Organizations User
-    #   Guide*.
+    #   Supported by Organizations][1] in the *AWS Service Authorization
+    #   Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns
+    #   [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
     #   @return [String]
     #
     # @!attribute [rw] feature_set
@@ -3960,19 +3987,20 @@ module Aws::Organizations
     #
     # @!attribute [rw] master_account_arn
     #   The Amazon Resource Name (ARN) of the account that is designated as
-    #   the master account for the organization.
+    #   the management account for the organization.
     #
     #   For more information about ARNs in Organizations, see [ARN Formats
-    #   Supported by Organizations][1] in the *AWS Organizations User
-    #   Guide*.
+    #   Supported by Organizations][1] in the *AWS Service Authorization
+    #   Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns
+    #   [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
     #   @return [String]
     #
     # @!attribute [rw] master_account_id
-    #   The unique identifier (ID) of the master account of an organization.
+    #   The unique identifier (ID) of the management account of an
+    #   organization.
     #
     #   The [regex pattern][1] for an account ID string requires exactly 12
     #   digits.
@@ -3984,7 +4012,7 @@ module Aws::Organizations
     #
     # @!attribute [rw] master_account_email
     #   The email address that is associated with the AWS account that is
-    #   designated as the master account for the organization.
+    #   designated as the management account for the organization.
     #   @return [String]
     #
     # @!attribute [rw] available_policy_types
@@ -4010,8 +4038,8 @@ module Aws::Organizations
     end
 
     # The organization isn't empty. To delete an organization, you must
-    # first remove all accounts except the master account, delete all OUs,
-    # and delete all policies.
+    # first remove all accounts except the management account, delete all
+    # OUs, and delete all policies.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -4033,9 +4061,9 @@ module Aws::Organizations
     #   The unique identifier (ID) associated with this OU.
     #
     #   The [regex pattern][1] for an organizational unit ID string requires
-    #   "ou-" followed by from 4 to 32 lower-case letters or digits (the
-    #   ID of the root that contains the OU). This string is followed by a
-    #   second "-" dash and from 8 to 32 additional lower-case letters or
+    #   "ou-" followed by from 4 to 32 lowercase letters or digits (the ID
+    #   of the root that contains the OU). This string is followed by a
+    #   second "-" dash and from 8 to 32 additional lowercase letters or
     #   digits.
     #
     #
@@ -4047,12 +4075,12 @@ module Aws::Organizations
     #   The Amazon Resource Name (ARN) of this OU.
     #
     #   For more information about ARNs in Organizations, see [ARN Formats
-    #   Supported by Organizations][1] in the *AWS Organizations User
-    #   Guide*.
+    #   Supported by Organizations][1] in the *AWS Service Authorization
+    #   Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns
+    #   [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
     #   @return [String]
     #
     # @!attribute [rw] name
@@ -4113,13 +4141,13 @@ module Aws::Organizations
     #   The [regex pattern][1] for a parent ID string requires one of the
     #   following:
     #
-    #   * Root: A string that begins with "r-" followed by from 4 to 32
-    #     lower-case letters or digits.
+    #   * **Root** - A string that begins with "r-" followed by from 4 to
+    #     32 lowercase letters or digits.
     #
-    #   * Organizational unit (OU): A string that begins with "ou-"
-    #     followed by from 4 to 32 lower-case letters or digits (the ID of
+    #   * **Organizational unit (OU)** - A string that begins with "ou-"
+    #     followed by from 4 to 32 lowercase letters or digits (the ID of
     #     the root that the OU is in). This string is followed by a second
-    #     "-" dash and from 8 to 32 additional lower-case letters or
+    #     "-" dash and from 8 to 32 additional lowercase letters or
     #     digits.
     #
     #
@@ -4236,7 +4264,8 @@ module Aws::Organizations
     #   The unique identifier (ID) of the policy.
     #
     #   The [regex pattern][1] for a policy ID string requires "p-"
-    #   followed by from 8 to 128 lower-case letters or digits.
+    #   followed by from 8 to 128 lowercase or uppercase letters, digits, or
+    #   the underscore character (\_).
     #
     #
     #
@@ -4247,12 +4276,12 @@ module Aws::Organizations
     #   The Amazon Resource Name (ARN) of the policy.
     #
     #   For more information about ARNs in Organizations, see [ARN Formats
-    #   Supported by Organizations][1] in the *AWS Organizations User
-    #   Guide*.
+    #   Supported by Organizations][1] in the *AWS Service Authorization
+    #   Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns
+    #   [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
     #   @return [String]
     #
     # @!attribute [rw] name
@@ -4302,15 +4331,15 @@ module Aws::Organizations
     #   The [regex pattern][1] for a target ID string requires one of the
     #   following:
     #
-    #   * Root: A string that begins with "r-" followed by from 4 to 32
-    #     lower-case letters or digits.
+    #   * **Root** - A string that begins with "r-" followed by from 4 to
+    #     32 lowercase letters or digits.
     #
-    #   * Account: A string that consists of exactly 12 digits.
+    #   * **Account** - A string that consists of exactly 12 digits.
     #
-    #   * Organizational unit (OU): A string that begins with "ou-"
-    #     followed by from 4 to 32 lower-case letters or digits (the ID of
+    #   * **Organizational unit (OU)** - A string that begins with "ou-"
+    #     followed by from 4 to 32 lowercase letters or digits (the ID of
     #     the root that the OU is in). This string is followed by a second
-    #     "-" dash and from 8 to 32 additional lower-case letters or
+    #     "-" dash and from 8 to 32 additional lowercase letters or
     #     digits.
     #
     #
@@ -4322,12 +4351,12 @@ module Aws::Organizations
     #   The Amazon Resource Name (ARN) of the policy target.
     #
     #   For more information about ARNs in Organizations, see [ARN Formats
-    #   Supported by Organizations][1] in the *AWS Organizations User
-    #   Guide*.
+    #   Supported by Organizations][1] in the *AWS Service Authorization
+    #   Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns
+    #   [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
     #   @return [String]
     #
     # @!attribute [rw] name
@@ -4490,16 +4519,14 @@ module Aws::Organizations
 
     # Contains details about a root. A root is a top-level parent node in
     # the hierarchy of an organization that can contain organizational units
-    # (OUs) and accounts. Every root contains every AWS account in the
-    # organization. Each root enables the accounts to be organized in a
-    # different way and to have different policy types enabled for use in
-    # that root.
+    # (OUs) and accounts. The root contains every AWS account in the
+    # organization.
     #
     # @!attribute [rw] id
     #   The unique identifier (ID) for the root.
     #
     #   The [regex pattern][1] for a root ID string requires "r-" followed
-    #   by from 4 to 32 lower-case letters or digits.
+    #   by from 4 to 32 lowercase letters or digits.
     #
     #
     #
@@ -4510,12 +4537,12 @@ module Aws::Organizations
     #   The Amazon Resource Name (ARN) of the root.
     #
     #   For more information about ARNs in Organizations, see [ARN Formats
-    #   Supported by Organizations][1] in the *AWS Organizations User
-    #   Guide*.
+    #   Supported by Organizations][1] in the *AWS Service Authorization
+    #   Reference*.
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns
+    #   [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies
     #   @return [String]
     #
     # @!attribute [rw] name