RubyGems - aws-sdk-organizations - Versions diffs - 1.120.0 → 1.121.0 - Mend

aws-sdk-organizations 1.120.0 → 1.121.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-organizations/client.rb +272 -1
data/lib/aws-sdk-organizations/client_api.rb +90 -0
data/lib/aws-sdk-organizations/types.rb +278 -0
data/lib/aws-sdk-organizations.rb +1 -1
data/sig/client.rbs +32 -0
data/sig/types.rbs +40 -0
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: eaced8fff91937c4a84031b98f5d245f4b3720c35ce3ff499a05df3354fa9d60
-  data.tar.gz: 33099cf8c33deb9f9bb1797e7d505aa9da22527270c1431298819f38135c1545
+  metadata.gz: a0fd1ff2d03a9369cc89505feb194bf3020dabede4bb78e0ae4560968bc2bd5a
+  data.tar.gz: 237bb622c4ae05deca4bc3bf6e58a92899a645f4107e933a9c5a6cb92d165263
 SHA512:
-  metadata.gz: f3c1ce33b7ac445fb43990d6b40f0f7b3d5faa34b79a39ad92c96c54b4176f3902df1c2fea46d3e3ecd91a54fb14c6b2f6790bca840853e3c642ef4c616deeba
-  data.tar.gz: cf3759e027534da2891dd744770a1fbf2bb83bc895af031ffe565d95e315f5b7d1b5239231a3426f27c7b94c68dbfead6677f91eaf01411f3beebb1640a302cc
+  metadata.gz: dc5f7eee4e25984503987d0c52e4ebf9f31e35f23e328c2570262e79073d845010f79e7ea7a62e1fae0c5cdf68da1c41e85c24eb6c2a9aeca78a7fa0d602c01b
+  data.tar.gz: c9305d36640ddadedd4eef1a70ccfba988df078990b1249d918ed08724a91e89c224861f27c72db7ca8bb39b83f61c5a6764e8f0e3afe9a3fc48edfddb8c762c

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.121.0 (2025-08-12)
+------------------
+* Feature - This release introduces 2 new APIs in Organizations: 1. ListAccountsWithInvalidEffectivePolicy 2. ListEffectivePolicyValidationErrors
 1.120.0 (2025-08-04)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.~~120~~.0
1	+ 1.121.0

data/lib/aws-sdk-organizations/client.rb CHANGED Viewed

@@ -3783,6 +3783,137 @@ module Aws::Organizations
       req.send_request(options)
     end
+    # Lists all the accounts in an organization that have invalid effective
+    # policies. An *invalid effective policy* is an [effective policy][1]
+    # that fails validation checks, resulting in the effective policy not
+    # being fully enforced on all the intended accounts within an
+    # organization.
+    #
+    # This operation can be called only from the organization's management
+    # account or by a member account that is a delegated administrator.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_effective.html
+    #
+    # @option params [required, String] :policy_type
+    #   The type of policy that you want information about. You can specify
+    #   one of the following values:
+    #
+    #   * [DECLARATIVE\_POLICY\_EC2][1]
+    #
+    #   * [BACKUP\_POLICY][2]
+    #
+    #   * [TAG\_POLICY][3]
+    #
+    #   * [CHATBOT\_POLICY][4]
+    #
+    #   * [AISERVICES\_OPT\_OUT\_POLICY][5]
+    #
+    #   * [SECURITYHUB\_POLICY][6]
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_chatbot.html
+    #   [5]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [6]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_security_hub.html
+    #
+    # @option params [String] :next_token
+    #   The parameter for receiving additional results if you receive a
+    #   `NextToken` response in a previous request. A `NextToken` response
+    #   indicates that more output is available. Set this parameter to the
+    #   value of the previous call's `NextToken` response to indicate where
+    #   the output should continue from.
+    #
+    # @option params [Integer] :max_results
+    #   The total number of results that you want included on each page of the
+    #   response. If you do not include this parameter, it defaults to a value
+    #   that is specific to the operation. If additional items exist beyond
+    #   the maximum you specify, the `NextToken` response element is present
+    #   and has a value (is not null). Include that value as the `NextToken`
+    #   request parameter in the next call to the operation to get the next
+    #   part of the results. Note that Organizations might return fewer
+    #   results than the maximum even when there are more results available.
+    #   You should check `NextToken` after every operation to ensure that you
+    #   receive all of the results.
+    #
+    # @return [Types::ListAccountsWithInvalidEffectivePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListAccountsWithInvalidEffectivePolicyResponse#accounts #accounts} => Array&lt;Types::Account&gt;
+    #   * {Types::ListAccountsWithInvalidEffectivePolicyResponse#policy_type #policy_type} => String
+    #   * {Types::ListAccountsWithInvalidEffectivePolicyResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    #
+    # @example Example: To list all accounts in an organization with invalid effective policy
+    #
+    #   # The following example shows you how to request a list of the accounts in an organization having invalid effective policy
+    #   # for a policy type:
+    #
+    #   resp = client.list_accounts_with_invalid_effective_policy({
+    #     policy_type: "BACKUP_POLICY",
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     accounts: [
+    #       {
+    #         email: "bill@example.com",
+    #         id: "111111111111",
+    #         name: "Management Account",
+    #       },
+    #       {
+    #         email: "alice@example.com",
+    #         id: "222222222222",
+    #         name: "Developer Account",
+    #       },
+    #       {
+    #         email: "juan@example.com",
+    #         id: "333333333333",
+    #         name: "Test Account",
+    #       },
+    #       {
+    #         email: "anika@example.com",
+    #         id: "444444444444",
+    #         name: "Production Account",
+    #       },
+    #     ],
+    #   }
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_accounts_with_invalid_effective_policy({
+    #     policy_type: "TAG_POLICY", # required, accepts TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY, CHATBOT_POLICY, DECLARATIVE_POLICY_EC2, SECURITYHUB_POLICY
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.accounts #=> Array
+    #   resp.accounts[0].id #=> String
+    #   resp.accounts[0].arn #=> String
+    #   resp.accounts[0].email #=> String
+    #   resp.accounts[0].name #=> String
+    #   resp.accounts[0].status #=> String, one of "ACTIVE", "SUSPENDED", "PENDING_CLOSURE"
+    #   resp.accounts[0].joined_method #=> String, one of "INVITED", "CREATED"
+    #   resp.accounts[0].joined_timestamp #=> Time
+    #   resp.policy_type #=> String, one of "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY", "CHATBOT_POLICY", "DECLARATIVE_POLICY_EC2", "SECURITYHUB_POLICY"
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsWithInvalidEffectivePolicy AWS API Documentation
+    #
+    # @overload list_accounts_with_invalid_effective_policy(params = {})
+    # @param [Hash] params ({})
+    def list_accounts_with_invalid_effective_policy(params = {}, options = {})
+      req = build_request(:list_accounts_with_invalid_effective_policy, params)
+      req.send_request(options)
+    end
     # Lists all of the organizational units (OUs) or accounts that are
     # contained in the specified parent OU or root. This operation, along
     # with ListParents enables you to traverse the tree structure that makes
@@ -4149,6 +4280,146 @@ module Aws::Organizations
       req.send_request(options)
     end
+    # Lists all the validation errors on an [effective policy][1] for a
+    # specified account and policy type.
+    #
+    # This operation can be called only from the organization's management
+    # account or by a member account that is a delegated administrator.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_effective.html
+    #
+    # @option params [required, String] :account_id
+    #   The ID of the account that you want details about. Specifying an
+    #   organization root or organizational unit (OU) as the target is not
+    #   supported.
+    #
+    # @option params [required, String] :policy_type
+    #   The type of policy that you want information about. You can specify
+    #   one of the following values:
+    #
+    #   * [DECLARATIVE\_POLICY\_EC2][1]
+    #
+    #   * [BACKUP\_POLICY][2]
+    #
+    #   * [TAG\_POLICY][3]
+    #
+    #   * [CHATBOT\_POLICY][4]
+    #
+    #   * [AISERVICES\_OPT\_OUT\_POLICY][5]
+    #
+    #   * [SECURITYHUB\_POLICY][6]
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_chatbot.html
+    #   [5]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [6]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_security_hub.html
+    #
+    # @option params [String] :next_token
+    #   The parameter for receiving additional results if you receive a
+    #   `NextToken` response in a previous request. A `NextToken` response
+    #   indicates that more output is available. Set this parameter to the
+    #   value of the previous call's `NextToken` response to indicate where
+    #   the output should continue from.
+    #
+    # @option params [Integer] :max_results
+    #   The total number of results that you want included on each page of the
+    #   response. If you do not include this parameter, it defaults to a value
+    #   that is specific to the operation. If additional items exist beyond
+    #   the maximum you specify, the `NextToken` response element is present
+    #   and has a value (is not null). Include that value as the `NextToken`
+    #   request parameter in the next call to the operation to get the next
+    #   part of the results. Note that Organizations might return fewer
+    #   results than the maximum even when there are more results available.
+    #   You should check `NextToken` after every operation to ensure that you
+    #   receive all of the results.
+    #
+    # @return [Types::ListEffectivePolicyValidationErrorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListEffectivePolicyValidationErrorsResponse#account_id #account_id} => String
+    #   * {Types::ListEffectivePolicyValidationErrorsResponse#policy_type #policy_type} => String
+    #   * {Types::ListEffectivePolicyValidationErrorsResponse#path #path} => String
+    #   * {Types::ListEffectivePolicyValidationErrorsResponse#evaluation_timestamp #evaluation_timestamp} => Time
+    #   * {Types::ListEffectivePolicyValidationErrorsResponse#next_token #next_token} => String
+    #   * {Types::ListEffectivePolicyValidationErrorsResponse#effective_policy_validation_errors #effective_policy_validation_errors} => Array&lt;Types::EffectivePolicyValidationError&gt;
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    #
+    # @example Example: To list all effective policy validation errors for an account policy type
+    #
+    #   # The following example shows you how to request a list of effective policy validation errors for an account and policy
+    #   # type:
+    #
+    #   resp = client.list_effective_policy_validation_errors({
+    #     account_id: "111111111111",
+    #     policy_type: "BACKUP_POLICY",
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     account_id: "111111111111",
+    #     effective_policy_validation_errors: [
+    #       {
+    #         contributing_policies: [
+    #           "p-examplepolicyid111",
+    #         ],
+    #         error_code: "ELEMENTS_TOO_FEW",
+    #         error_message: "tag_value is less than the allowed minimum limit 1",
+    #         path_to_error: "plans/backup_daily/selections/tags/dailydatatype/tag_value",
+    #       },
+    #       {
+    #         contributing_policies: [
+    #           "p-examplepolicyid111",
+    #           "p-examplepolicyid222",
+    #         ],
+    #         error_code: "ELEMENTS_TOO_MANY",
+    #         error_message: "rules exceeds the allowed maximum limit 10",
+    #         path_to_error: "plans/backup_daily/rules",
+    #       },
+    #     ],
+    #     evaluation_timestamp: Time.parse("2024-03-04T19:39:38.376000+00:00"),
+    #     path: "o-exampleorgid/r-examplerootid111/111111111111/",
+    #     policy_type: "BACKUP_POLICY",
+    #   }
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_effective_policy_validation_errors({
+    #     account_id: "AccountId", # required
+    #     policy_type: "TAG_POLICY", # required, accepts TAG_POLICY, BACKUP_POLICY, AISERVICES_OPT_OUT_POLICY, CHATBOT_POLICY, DECLARATIVE_POLICY_EC2, SECURITYHUB_POLICY
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.account_id #=> String
+    #   resp.policy_type #=> String, one of "TAG_POLICY", "BACKUP_POLICY", "AISERVICES_OPT_OUT_POLICY", "CHATBOT_POLICY", "DECLARATIVE_POLICY_EC2", "SECURITYHUB_POLICY"
+    #   resp.path #=> String
+    #   resp.evaluation_timestamp #=> Time
+    #   resp.next_token #=> String
+    #   resp.effective_policy_validation_errors #=> Array
+    #   resp.effective_policy_validation_errors[0].error_code #=> String
+    #   resp.effective_policy_validation_errors[0].error_message #=> String
+    #   resp.effective_policy_validation_errors[0].path_to_error #=> String
+    #   resp.effective_policy_validation_errors[0].contributing_policies #=> Array
+    #   resp.effective_policy_validation_errors[0].contributing_policies[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListEffectivePolicyValidationErrors AWS API Documentation
+    #
+    # @overload list_effective_policy_validation_errors(params = {})
+    # @param [Hash] params ({})
+    def list_effective_policy_validation_errors(params = {}, options = {})
+      req = build_request(:list_effective_policy_validation_errors, params)
+      req.send_request(options)
+    end
     # Lists the current handshakes that are associated with the account of
     # the requesting user.
     #
@@ -5876,7 +6147,7 @@ module Aws::Organizations
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-organizations'
-      context[:gem_version] = '1.120.0'
+      context[:gem_version] = '1.121.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-organizations/client_api.rb CHANGED Viewed

@@ -102,6 +102,8 @@ module Aws::Organizations
     EffectivePolicy = Shapes::StructureShape.new(name: 'EffectivePolicy')
     EffectivePolicyNotFoundException = Shapes::StructureShape.new(name: 'EffectivePolicyNotFoundException')
     EffectivePolicyType = Shapes::StringShape.new(name: 'EffectivePolicyType')
+    EffectivePolicyValidationError = Shapes::StructureShape.new(name: 'EffectivePolicyValidationError')
+    EffectivePolicyValidationErrors = Shapes::ListShape.new(name: 'EffectivePolicyValidationErrors')
     Email = Shapes::StringShape.new(name: 'Email')
     EnableAWSServiceAccessRequest = Shapes::StructureShape.new(name: 'EnableAWSServiceAccessRequest')
     EnableAllFeaturesRequest = Shapes::StructureShape.new(name: 'EnableAllFeaturesRequest')
@@ -110,6 +112,8 @@ module Aws::Organizations
     EnablePolicyTypeResponse = Shapes::StructureShape.new(name: 'EnablePolicyTypeResponse')
     EnabledServicePrincipal = Shapes::StructureShape.new(name: 'EnabledServicePrincipal')
     EnabledServicePrincipals = Shapes::ListShape.new(name: 'EnabledServicePrincipals')
+    ErrorCode = Shapes::StringShape.new(name: 'ErrorCode')
+    ErrorMessage = Shapes::StringShape.new(name: 'ErrorMessage')
     ExceptionMessage = Shapes::StringShape.new(name: 'ExceptionMessage')
     ExceptionType = Shapes::StringShape.new(name: 'ExceptionType')
     FinalizingOrganizationException = Shapes::StructureShape.new(name: 'FinalizingOrganizationException')
@@ -145,6 +149,8 @@ module Aws::Organizations
     ListAccountsForParentResponse = Shapes::StructureShape.new(name: 'ListAccountsForParentResponse')
     ListAccountsRequest = Shapes::StructureShape.new(name: 'ListAccountsRequest')
     ListAccountsResponse = Shapes::StructureShape.new(name: 'ListAccountsResponse')
+    ListAccountsWithInvalidEffectivePolicyRequest = Shapes::StructureShape.new(name: 'ListAccountsWithInvalidEffectivePolicyRequest')
+    ListAccountsWithInvalidEffectivePolicyResponse = Shapes::StructureShape.new(name: 'ListAccountsWithInvalidEffectivePolicyResponse')
     ListChildrenRequest = Shapes::StructureShape.new(name: 'ListChildrenRequest')
     ListChildrenResponse = Shapes::StructureShape.new(name: 'ListChildrenResponse')
     ListCreateAccountStatusRequest = Shapes::StructureShape.new(name: 'ListCreateAccountStatusRequest')
@@ -153,6 +159,8 @@ module Aws::Organizations
     ListDelegatedAdministratorsResponse = Shapes::StructureShape.new(name: 'ListDelegatedAdministratorsResponse')
     ListDelegatedServicesForAccountRequest = Shapes::StructureShape.new(name: 'ListDelegatedServicesForAccountRequest')
     ListDelegatedServicesForAccountResponse = Shapes::StructureShape.new(name: 'ListDelegatedServicesForAccountResponse')
+    ListEffectivePolicyValidationErrorsRequest = Shapes::StructureShape.new(name: 'ListEffectivePolicyValidationErrorsRequest')
+    ListEffectivePolicyValidationErrorsResponse = Shapes::StructureShape.new(name: 'ListEffectivePolicyValidationErrorsResponse')
     ListHandshakesForAccountRequest = Shapes::StructureShape.new(name: 'ListHandshakesForAccountRequest')
     ListHandshakesForAccountResponse = Shapes::StructureShape.new(name: 'ListHandshakesForAccountResponse')
     ListHandshakesForOrganizationRequest = Shapes::StructureShape.new(name: 'ListHandshakesForOrganizationRequest')
@@ -193,6 +201,8 @@ module Aws::Organizations
     ParentNotFoundException = Shapes::StructureShape.new(name: 'ParentNotFoundException')
     ParentType = Shapes::StringShape.new(name: 'ParentType')
     Parents = Shapes::ListShape.new(name: 'Parents')
+    Path = Shapes::StringShape.new(name: 'Path')
+    PathToError = Shapes::StringShape.new(name: 'PathToError')
     Policies = Shapes::ListShape.new(name: 'Policies')
     Policy = Shapes::StructureShape.new(name: 'Policy')
     PolicyArn = Shapes::StringShape.new(name: 'PolicyArn')
@@ -200,6 +210,7 @@ module Aws::Organizations
     PolicyContent = Shapes::StringShape.new(name: 'PolicyContent')
     PolicyDescription = Shapes::StringShape.new(name: 'PolicyDescription')
     PolicyId = Shapes::StringShape.new(name: 'PolicyId')
+    PolicyIds = Shapes::ListShape.new(name: 'PolicyIds')
     PolicyInUseException = Shapes::StructureShape.new(name: 'PolicyInUseException')
     PolicyName = Shapes::StringShape.new(name: 'PolicyName')
     PolicyNotAttachedException = Shapes::StructureShape.new(name: 'PolicyNotAttachedException')
@@ -510,6 +521,14 @@ module Aws::Organizations
     EffectivePolicyNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
     EffectivePolicyNotFoundException.struct_class = Types::EffectivePolicyNotFoundException
+    EffectivePolicyValidationError.add_member(:error_code, Shapes::ShapeRef.new(shape: ErrorCode, location_name: "ErrorCode"))
+    EffectivePolicyValidationError.add_member(:error_message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "ErrorMessage"))
+    EffectivePolicyValidationError.add_member(:path_to_error, Shapes::ShapeRef.new(shape: PathToError, location_name: "PathToError"))
+    EffectivePolicyValidationError.add_member(:contributing_policies, Shapes::ShapeRef.new(shape: PolicyIds, location_name: "ContributingPolicies"))
+    EffectivePolicyValidationError.struct_class = Types::EffectivePolicyValidationError
+    EffectivePolicyValidationErrors.member = Shapes::ShapeRef.new(shape: EffectivePolicyValidationError)
     EnableAWSServiceAccessRequest.add_member(:service_principal, Shapes::ShapeRef.new(shape: ServicePrincipal, required: true, location_name: "ServicePrincipal"))
     EnableAWSServiceAccessRequest.struct_class = Types::EnableAWSServiceAccessRequest
@@ -613,6 +632,16 @@ module Aws::Organizations
     ListAccountsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListAccountsResponse.struct_class = Types::ListAccountsResponse
+    ListAccountsWithInvalidEffectivePolicyRequest.add_member(:policy_type, Shapes::ShapeRef.new(shape: EffectivePolicyType, required: true, location_name: "PolicyType"))
+    ListAccountsWithInvalidEffectivePolicyRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    ListAccountsWithInvalidEffectivePolicyRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
+    ListAccountsWithInvalidEffectivePolicyRequest.struct_class = Types::ListAccountsWithInvalidEffectivePolicyRequest
+    ListAccountsWithInvalidEffectivePolicyResponse.add_member(:accounts, Shapes::ShapeRef.new(shape: Accounts, location_name: "Accounts"))
+    ListAccountsWithInvalidEffectivePolicyResponse.add_member(:policy_type, Shapes::ShapeRef.new(shape: EffectivePolicyType, location_name: "PolicyType"))
+    ListAccountsWithInvalidEffectivePolicyResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    ListAccountsWithInvalidEffectivePolicyResponse.struct_class = Types::ListAccountsWithInvalidEffectivePolicyResponse
     ListChildrenRequest.add_member(:parent_id, Shapes::ShapeRef.new(shape: ParentId, required: true, location_name: "ParentId"))
     ListChildrenRequest.add_member(:child_type, Shapes::ShapeRef.new(shape: ChildType, required: true, location_name: "ChildType"))
     ListChildrenRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
@@ -650,6 +679,20 @@ module Aws::Organizations
     ListDelegatedServicesForAccountResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListDelegatedServicesForAccountResponse.struct_class = Types::ListDelegatedServicesForAccountResponse
+    ListEffectivePolicyValidationErrorsRequest.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, required: true, location_name: "AccountId"))
+    ListEffectivePolicyValidationErrorsRequest.add_member(:policy_type, Shapes::ShapeRef.new(shape: EffectivePolicyType, required: true, location_name: "PolicyType"))
+    ListEffectivePolicyValidationErrorsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    ListEffectivePolicyValidationErrorsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
+    ListEffectivePolicyValidationErrorsRequest.struct_class = Types::ListEffectivePolicyValidationErrorsRequest
+    ListEffectivePolicyValidationErrorsResponse.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location_name: "AccountId"))
+    ListEffectivePolicyValidationErrorsResponse.add_member(:policy_type, Shapes::ShapeRef.new(shape: EffectivePolicyType, location_name: "PolicyType"))
+    ListEffectivePolicyValidationErrorsResponse.add_member(:path, Shapes::ShapeRef.new(shape: Path, location_name: "Path"))
+    ListEffectivePolicyValidationErrorsResponse.add_member(:evaluation_timestamp, Shapes::ShapeRef.new(shape: Timestamp, location_name: "EvaluationTimestamp"))
+    ListEffectivePolicyValidationErrorsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    ListEffectivePolicyValidationErrorsResponse.add_member(:effective_policy_validation_errors, Shapes::ShapeRef.new(shape: EffectivePolicyValidationErrors, location_name: "EffectivePolicyValidationErrors"))
+    ListEffectivePolicyValidationErrorsResponse.struct_class = Types::ListEffectivePolicyValidationErrorsResponse
     ListHandshakesForAccountRequest.add_member(:filter, Shapes::ShapeRef.new(shape: HandshakeFilter, location_name: "Filter"))
     ListHandshakesForAccountRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListHandshakesForAccountRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
@@ -784,6 +827,8 @@ module Aws::Organizations
     PolicyChangesInProgressException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
     PolicyChangesInProgressException.struct_class = Types::PolicyChangesInProgressException
+    PolicyIds.member = Shapes::ShapeRef.new(shape: PolicyId)
     PolicyInUseException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "Message"))
     PolicyInUseException.struct_class = Types::PolicyInUseException
@@ -1508,6 +1553,28 @@ module Aws::Organizations
         )
       end)
+      api.add_operation(:list_accounts_with_invalid_effective_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListAccountsWithInvalidEffectivePolicy"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ListAccountsWithInvalidEffectivePolicyRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListAccountsWithInvalidEffectivePolicyResponse)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: AWSOrganizationsNotInUseException)
+        o.errors << Shapes::ShapeRef.new(shape: ConstraintViolationException)
+        o.errors << Shapes::ShapeRef.new(shape: EffectivePolicyNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedAPIEndpointException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
+      end)
       api.add_operation(:list_children, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListChildren"
         o.http_method = "POST"
@@ -1592,6 +1659,29 @@ module Aws::Organizations
         )
       end)
+      api.add_operation(:list_effective_policy_validation_errors, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListEffectivePolicyValidationErrors"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ListEffectivePolicyValidationErrorsRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListEffectivePolicyValidationErrorsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: AWSOrganizationsNotInUseException)
+        o.errors << Shapes::ShapeRef.new(shape: ConstraintViolationException)
+        o.errors << Shapes::ShapeRef.new(shape: EffectivePolicyNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: AccountNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedAPIEndpointException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
+      end)
       api.add_operation(:list_handshakes_for_account, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListHandshakesForAccount"
         o.http_method = "POST"

data/lib/aws-sdk-organizations/types.rb CHANGED Viewed

@@ -1991,6 +1991,49 @@ module Aws::Organizations
       include Aws::Structure
     end
+    # Contains details about the validation errors that occurred when
+    # generating or enforcing an [effective policy][1], such as which
+    # policies contributed to the error and location of the error.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_effective.html
+    #
+    # @!attribute [rw] error_code
+    #   The error code for the validation error. For example,
+    #   `ELEMENTS_TOO_MANY`.
+    #   @return [String]
+    #
+    # @!attribute [rw] error_message
+    #   The error message for the validation error.
+    #   @return [String]
+    #
+    # @!attribute [rw] path_to_error
+    #   The path within the effective policy where the validation error
+    #   occurred.
+    #   @return [String]
+    #
+    # @!attribute [rw] contributing_policies
+    #   The individual policies [inherited][1] and [attached][2] to the
+    #   account which contributed to the validation error.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_inheritance_mgmt.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_policies_attach.html
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EffectivePolicyValidationError AWS API Documentation
+    #
+    class EffectivePolicyValidationError < Struct.new(
+      :error_code,
+      :error_message,
+      :path_to_error,
+      :contributing_policies)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @!attribute [rw] service_principal
     #   The service principal name of the Amazon Web Services service for
     #   which you want to enable integration with your organization. This is
@@ -2807,6 +2850,111 @@ module Aws::Organizations
       include Aws::Structure
     end
+    # @!attribute [rw] policy_type
+    #   The type of policy that you want information about. You can specify
+    #   one of the following values:
+    #
+    #   * [DECLARATIVE\_POLICY\_EC2][1]
+    #
+    #   * [BACKUP\_POLICY][2]
+    #
+    #   * [TAG\_POLICY][3]
+    #
+    #   * [CHATBOT\_POLICY][4]
+    #
+    #   * [AISERVICES\_OPT\_OUT\_POLICY][5]
+    #
+    #   * [SECURITYHUB\_POLICY][6]
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_chatbot.html
+    #   [5]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [6]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_security_hub.html
+    #   @return [String]
+    #
+    # @!attribute [rw] next_token
+    #   The parameter for receiving additional results if you receive a
+    #   `NextToken` response in a previous request. A `NextToken` response
+    #   indicates that more output is available. Set this parameter to the
+    #   value of the previous call's `NextToken` response to indicate where
+    #   the output should continue from.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The total number of results that you want included on each page of
+    #   the response. If you do not include this parameter, it defaults to a
+    #   value that is specific to the operation. If additional items exist
+    #   beyond the maximum you specify, the `NextToken` response element is
+    #   present and has a value (is not null). Include that value as the
+    #   `NextToken` request parameter in the next call to the operation to
+    #   get the next part of the results. Note that Organizations might
+    #   return fewer results than the maximum even when there are more
+    #   results available. You should check `NextToken` after every
+    #   operation to ensure that you receive all of the results.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsWithInvalidEffectivePolicyRequest AWS API Documentation
+    #
+    class ListAccountsWithInvalidEffectivePolicyRequest < Struct.new(
+      :policy_type,
+      :next_token,
+      :max_results)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] accounts
+    #   The accounts in the organization which have an invalid effective
+    #   policy for the specified policy type.
+    #   @return [Array<Types::Account>]
+    #
+    # @!attribute [rw] policy_type
+    #   The specified policy type. One of the following values:
+    #
+    #   * [DECLARATIVE\_POLICY\_EC2][1]
+    #
+    #   * [BACKUP\_POLICY][2]
+    #
+    #   * [TAG\_POLICY][3]
+    #
+    #   * [CHATBOT\_POLICY][4]
+    #
+    #   * [AISERVICES\_OPT\_OUT\_POLICY][5]
+    #
+    #   * [SECURITYHUB\_POLICY][6]
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_chatbot.html
+    #   [5]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [6]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_security_hub.html
+    #   @return [String]
+    #
+    # @!attribute [rw] next_token
+    #   If present, indicates that more output is available than is included
+    #   in the current response. Use this value in the `NextToken` request
+    #   parameter in a subsequent call to the operation to get the next part
+    #   of the output. You should repeat this until the `NextToken` response
+    #   element comes back as `null`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsWithInvalidEffectivePolicyResponse AWS API Documentation
+    #
+    class ListAccountsWithInvalidEffectivePolicyResponse < Struct.new(
+      :accounts,
+      :policy_type,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @!attribute [rw] parent_id
     #   The unique identifier (ID) for the parent root or OU whose children
     #   you want to list.
@@ -3062,6 +3210,136 @@ module Aws::Organizations
       include Aws::Structure
     end
+    # @!attribute [rw] account_id
+    #   The ID of the account that you want details about. Specifying an
+    #   organization root or organizational unit (OU) as the target is not
+    #   supported.
+    #   @return [String]
+    #
+    # @!attribute [rw] policy_type
+    #   The type of policy that you want information about. You can specify
+    #   one of the following values:
+    #
+    #   * [DECLARATIVE\_POLICY\_EC2][1]
+    #
+    #   * [BACKUP\_POLICY][2]
+    #
+    #   * [TAG\_POLICY][3]
+    #
+    #   * [CHATBOT\_POLICY][4]
+    #
+    #   * [AISERVICES\_OPT\_OUT\_POLICY][5]
+    #
+    #   * [SECURITYHUB\_POLICY][6]
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_chatbot.html
+    #   [5]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [6]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_security_hub.html
+    #   @return [String]
+    #
+    # @!attribute [rw] next_token
+    #   The parameter for receiving additional results if you receive a
+    #   `NextToken` response in a previous request. A `NextToken` response
+    #   indicates that more output is available. Set this parameter to the
+    #   value of the previous call's `NextToken` response to indicate where
+    #   the output should continue from.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The total number of results that you want included on each page of
+    #   the response. If you do not include this parameter, it defaults to a
+    #   value that is specific to the operation. If additional items exist
+    #   beyond the maximum you specify, the `NextToken` response element is
+    #   present and has a value (is not null). Include that value as the
+    #   `NextToken` request parameter in the next call to the operation to
+    #   get the next part of the results. Note that Organizations might
+    #   return fewer results than the maximum even when there are more
+    #   results available. You should check `NextToken` after every
+    #   operation to ensure that you receive all of the results.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListEffectivePolicyValidationErrorsRequest AWS API Documentation
+    #
+    class ListEffectivePolicyValidationErrorsRequest < Struct.new(
+      :account_id,
+      :policy_type,
+      :next_token,
+      :max_results)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] account_id
+    #   The ID of the specified account.
+    #   @return [String]
+    #
+    # @!attribute [rw] policy_type
+    #   The specified policy type. One of the following values:
+    #
+    #   * [DECLARATIVE\_POLICY\_EC2][1]
+    #
+    #   * [BACKUP\_POLICY][2]
+    #
+    #   * [TAG\_POLICY][3]
+    #
+    #   * [CHATBOT\_POLICY][4]
+    #
+    #   * [AISERVICES\_OPT\_OUT\_POLICY][5]
+    #
+    #   * [SECURITYHUB\_POLICY][6]
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_declarative.html
+    #   [2]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup.html
+    #   [3]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html
+    #   [4]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_chatbot.html
+    #   [5]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_ai-opt-out.html
+    #   [6]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_security_hub.html
+    #   @return [String]
+    #
+    # @!attribute [rw] path
+    #   The path in the organization where the specified account exists.
+    #   @return [String]
+    #
+    # @!attribute [rw] evaluation_timestamp
+    #   The time when the latest effective policy was generated for the
+    #   specified account.
+    #   @return [Time]
+    #
+    # @!attribute [rw] next_token
+    #   If present, indicates that more output is available than is included
+    #   in the current response. Use this value in the `NextToken` request
+    #   parameter in a subsequent call to the operation to get the next part
+    #   of the output. You should repeat this until the `NextToken` response
+    #   element comes back as `null`.
+    #   @return [String]
+    #
+    # @!attribute [rw] effective_policy_validation_errors
+    #   The `EffectivePolicyValidationError` object contains details about
+    #   the validation errors that occurred when generating or enforcing an
+    #   effective policy, such as which policies contributed to the error
+    #   and location of the error.
+    #   @return [Array<Types::EffectivePolicyValidationError>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListEffectivePolicyValidationErrorsResponse AWS API Documentation
+    #
+    class ListEffectivePolicyValidationErrorsResponse < Struct.new(
+      :account_id,
+      :policy_type,
+      :path,
+      :evaluation_timestamp,
+      :next_token,
+      :effective_policy_validation_errors)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @!attribute [rw] filter
     #   Filters the handshakes that you want included in the response. The
     #   default is all types. Use the `ActionType` element to limit the

data/lib/aws-sdk-organizations.rb CHANGED Viewed

@@ -54,7 +54,7 @@ module Aws::Organizations
   autoload :EndpointProvider, 'aws-sdk-organizations/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-organizations/endpoints'
-  GEM_VERSION = '1.120.0'
+  GEM_VERSION = '1.121.0'
 end

data/sig/client.rbs CHANGED Viewed

@@ -421,6 +421,20 @@ module Aws
                                     ) -> _ListAccountsForParentResponseSuccess
                                   | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ListAccountsForParentResponseSuccess
+      interface _ListAccountsWithInvalidEffectivePolicyResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::ListAccountsWithInvalidEffectivePolicyResponse]
+        def accounts: () -> ::Array[Types::Account]
+        def policy_type: () -> ("TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "CHATBOT_POLICY" | "DECLARATIVE_POLICY_EC2" | "SECURITYHUB_POLICY")
+        def next_token: () -> ::String
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Organizations/Client.html#list_accounts_with_invalid_effective_policy-instance_method
+      def list_accounts_with_invalid_effective_policy: (
+                                                         policy_type: ("TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "CHATBOT_POLICY" | "DECLARATIVE_POLICY_EC2" | "SECURITYHUB_POLICY"),
+                                                         ?next_token: ::String,
+                                                         ?max_results: ::Integer
+                                                       ) -> _ListAccountsWithInvalidEffectivePolicyResponseSuccess
+                                                     | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ListAccountsWithInvalidEffectivePolicyResponseSuccess
       interface _ListChildrenResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::ListChildrenResponse]
         def children: () -> ::Array[Types::Child]
@@ -474,6 +488,24 @@ module Aws
                                                ) -> _ListDelegatedServicesForAccountResponseSuccess
                                              | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ListDelegatedServicesForAccountResponseSuccess
+      interface _ListEffectivePolicyValidationErrorsResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::ListEffectivePolicyValidationErrorsResponse]
+        def account_id: () -> ::String
+        def policy_type: () -> ("TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "CHATBOT_POLICY" | "DECLARATIVE_POLICY_EC2" | "SECURITYHUB_POLICY")
+        def path: () -> ::String
+        def evaluation_timestamp: () -> ::Time
+        def next_token: () -> ::String
+        def effective_policy_validation_errors: () -> ::Array[Types::EffectivePolicyValidationError]
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Organizations/Client.html#list_effective_policy_validation_errors-instance_method
+      def list_effective_policy_validation_errors: (
+                                                     account_id: ::String,
+                                                     policy_type: ("TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "CHATBOT_POLICY" | "DECLARATIVE_POLICY_EC2" | "SECURITYHUB_POLICY"),
+                                                     ?next_token: ::String,
+                                                     ?max_results: ::Integer
+                                                   ) -> _ListEffectivePolicyValidationErrorsResponseSuccess
+                                                 | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ListEffectivePolicyValidationErrorsResponseSuccess
       interface _ListHandshakesForAccountResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::ListHandshakesForAccountResponse]
         def handshakes: () -> ::Array[Types::Handshake]

data/sig/types.rbs CHANGED Viewed

@@ -384,6 +384,14 @@ module Aws::Organizations
       SENSITIVE: []
     end
+    class EffectivePolicyValidationError
+      attr_accessor error_code: ::String
+      attr_accessor error_message: ::String
+      attr_accessor path_to_error: ::String
+      attr_accessor contributing_policies: ::Array[::String]
+      SENSITIVE: []
+    end
     class EnableAWSServiceAccessRequest
       attr_accessor service_principal: ::String
       SENSITIVE: []
@@ -526,6 +534,20 @@ module Aws::Organizations
       SENSITIVE: []
     end
+    class ListAccountsWithInvalidEffectivePolicyRequest
+      attr_accessor policy_type: ("TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "CHATBOT_POLICY" | "DECLARATIVE_POLICY_EC2" | "SECURITYHUB_POLICY")
+      attr_accessor next_token: ::String
+      attr_accessor max_results: ::Integer
+      SENSITIVE: []
+    end
+    class ListAccountsWithInvalidEffectivePolicyResponse
+      attr_accessor accounts: ::Array[Types::Account]
+      attr_accessor policy_type: ("TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "CHATBOT_POLICY" | "DECLARATIVE_POLICY_EC2" | "SECURITYHUB_POLICY")
+      attr_accessor next_token: ::String
+      SENSITIVE: []
+    end
     class ListChildrenRequest
       attr_accessor parent_id: ::String
       attr_accessor child_type: ("ACCOUNT" | "ORGANIZATIONAL_UNIT")
@@ -579,6 +601,24 @@ module Aws::Organizations
       SENSITIVE: []
     end
+    class ListEffectivePolicyValidationErrorsRequest
+      attr_accessor account_id: ::String
+      attr_accessor policy_type: ("TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "CHATBOT_POLICY" | "DECLARATIVE_POLICY_EC2" | "SECURITYHUB_POLICY")
+      attr_accessor next_token: ::String
+      attr_accessor max_results: ::Integer
+      SENSITIVE: []
+    end
+    class ListEffectivePolicyValidationErrorsResponse
+      attr_accessor account_id: ::String
+      attr_accessor policy_type: ("TAG_POLICY" | "BACKUP_POLICY" | "AISERVICES_OPT_OUT_POLICY" | "CHATBOT_POLICY" | "DECLARATIVE_POLICY_EC2" | "SECURITYHUB_POLICY")
+      attr_accessor path: ::String
+      attr_accessor evaluation_timestamp: ::Time
+      attr_accessor next_token: ::String
+      attr_accessor effective_policy_validation_errors: ::Array[Types::EffectivePolicyValidationError]
+      SENSITIVE: []
+    end
     class ListHandshakesForAccountRequest
       attr_accessor filter: Types::HandshakeFilter
       attr_accessor next_token: ::String

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-organizations
 version: !ruby/object:Gem::Version
-  version: 1.120.0
+  version: 1.121.0
 platform: ruby
 authors:
 - Amazon Web Services