aws-sdk-organizations 1.6.0 → 1.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7397380856989b10e38314681e051aeebca83d3c
-  data.tar.gz: 87f036cc703cc0a1687e7671cc04c593779c6c12
+  metadata.gz: 123fe21c523cbc15b5c360d09f6286a55f06216f
+  data.tar.gz: d635d0635e107be87df9757c7927fecfd629628f
 SHA512:
-  metadata.gz: 38f5a0a2f9c0c5b963315ef1bd65ff57b5d05fc658f641dcc56bdd47319caadd71aa609af4104222b5ab5d6258f4c7dae2cfe61ffd3aee52b5b06309a12992a8
-  data.tar.gz: 017385a27eada0b82d53b07da8cd6a5d930423260ad735aab54426e6fbc9fe89c7e7d2e28e8dabd9a8c96d4b4d87152f253fe6d068d71af93176bd7e37c09d33
+  metadata.gz: 575453b67aff640922d8553e46e79aa4acfd0bf4faf2a44cb4c2d52798bcf300db9ddbf252a0b79b78e1843f8bdd82dd70f7c5e24123820953c0c2240b4ed392
+  data.tar.gz: 2157e4482100ca6b9c985cb5cdd5d598be062ece620a707537a8dfe98a09663dc57aab030f6230da7379ea59996008a89291a7ae1901b119ad37b3503ffdb69c

data/lib/aws-sdk-organizations.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-organizations/customizations'
 # @service
 module Aws::Organizations
 
-  GEM_VERSION = '1.6.0'
+  GEM_VERSION = '1.7.0'
 
 end

data/lib/aws-sdk-organizations/client.rb

@@ -549,8 +549,8 @@ module Aws::Organizations
     # The user in the master account who calls this API must also have the
     # `iam:CreateRole` permission because AWS Organizations preconfigures
     # the new member account with a role (named
-    # `OrganizationAccountAccessRole`) that grants users in the master
-    # account administrator permissions in the new member account.
+    # `OrganizationAccountAccessRole` by default) that grants users in the
+    # master account administrator permissions in the new member account.
     # Principals in the master account can assume the role. AWS
     # Organizations clones the company name and address information for the
     # new account from the organization's master account.
@@ -583,6 +583,9 @@ module Aws::Organizations
     #
     #  </note>
     #
+    # This operation can be called only from the organization's master
+    # account.
+    #
     # If you get an exception that indicates that you exceeded your account
     # limits for the organization or that you can"t add an account because
     # your organization is still initializing, please contact [ AWS Customer
@@ -1756,6 +1759,65 @@ module Aws::Organizations
       req.send_request(options)
     end
 
+    # Disables the integration of an AWS service (the service that is
+    # specified by `ServicePrincipal`) with AWS Organizations. When you
+    # disable integration, the specified service no longer can create a
+    # [service-linked role][1] in *new* accounts in your organization. This
+    # means the service can't perform operations on your behalf on any new
+    # accounts in your organization. The service can still perform
+    # operations in older accounts until the service completes its clean-up
+    # from AWS Organizations.
+    #
+    #
+    #
+    # We recommend that you disable integration between AWS Organizations
+    # and the specified AWS service by using the console or commands that
+    # are provided by the specified service. Doing so ensures that the other
+    # service is aware that it can clean up any resources that are required
+    # only for the integration. How the service cleans up its resources in
+    # the organization's accounts depends on that service. For more
+    # information, see the documentation for the other AWS service.
+    #
+    # After you perform the `DisableAWSServiceAccess` operation, the
+    # specified service can no longer perform operations in your
+    # organization's accounts unless the operations are explicitly
+    # permitted by the IAM policies that are attached to your roles.
+    #
+    # For more information about integrating other services with AWS
+    # Organizations, including the list of services that work with
+    # Organizations, see [Integrating AWS Organizations with Other AWS
+    # Services][2] in the *AWS Organizations User Guide*.
+    #
+    # This operation can be called only from the organization's master
+    # account.
+    #
+    #
+    #
+    # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html
+    # [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html
+    #
+    # @option params [required, String] :service_principal
+    #   The service principal name of the AWS service for which you want to
+    #   disable integration with your organization. This is typically in the
+    #   form of a URL, such as ` service-abbreviation.amazonaws.com`.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.disable_aws_service_access({
+    #     service_principal: "ServicePrincipal", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccess AWS API Documentation
+    #
+    # @overload disable_aws_service_access(params = {})
+    # @param [Hash] params ({})
+    def disable_aws_service_access(params = {}, options = {})
+      req = build_request(:disable_aws_service_access, params)
+      req.send_request(options)
+    end
+
     # Disables an organizational control policy type in a root. A policy of
     # a certain type can be attached to entities in a root only if that type
     # is enabled in the root. After you perform this operation, you no
@@ -1831,6 +1893,56 @@ module Aws::Organizations
       req.send_request(options)
     end
 
+    # Enables the integration of an AWS service (the service that is
+    # specified by `ServicePrincipal`) with AWS Organizations. When you
+    # enable integration, you allow the specified service to create a
+    # [service-linked role][1] in all the accounts in your organization.
+    # This allows the service to perform operations on your behalf in your
+    # organization and its accounts.
+    #
+    # We recommend that you enable integration between AWS Organizations and
+    # the specified AWS service by using the console or commands that are
+    # provided by the specified service. Doing so ensures that the service
+    # is aware that it can create the resources that are required for the
+    # integration. How the service creates those resources in the
+    # organization's accounts depends on that service. For more
+    # information, see the documentation for the other AWS service.
+    #
+    # For more information about enabling services to integrate with AWS
+    # Organizations, see [Integrating AWS Organizations with Other AWS
+    # Services][2] in the *AWS Organizations User Guide*.
+    #
+    # This operation can be called only from the organization's master
+    # account and only if the organization has [enabled all features][3].
+    #
+    #
+    #
+    # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html
+    # [2]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html
+    # [3]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html
+    #
+    # @option params [required, String] :service_principal
+    #   The service principal name of the AWS service for which you want to
+    #   enable integration with your organization. This is typically in the
+    #   form of a URL, such as ` service-abbreviation.amazonaws.com`.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.enable_aws_service_access({
+    #     service_principal: "ServicePrincipal", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccess AWS API Documentation
+    #
+    # @overload enable_aws_service_access(params = {})
+    # @param [Hash] params ({})
+    def enable_aws_service_access(params = {}, options = {})
+      req = build_request(:enable_aws_service_access, params)
+      req.send_request(options)
+    end
+
     # Enables all features in an organization. This enables the use of
     # organization policies that can restrict the services and actions that
     # can be called in each account. Until you enable all features, you have
@@ -2215,6 +2327,69 @@ module Aws::Organizations
       req.send_request(options)
     end
 
+    # Returns a list of the AWS services that you enabled to integrate with
+    # your organization. After a service on this list creates the resources
+    # that it requires for the integration, it can perform operations on
+    # your organization and its accounts.
+    #
+    # For more information about integrating other services with AWS
+    # Organizations, including the list of services that currently work with
+    # Organizations, see [Integrating AWS Organizations with Other AWS
+    # Services][1] in the *AWS Organizations User Guide*.
+    #
+    # This operation can be called only from the organization's master
+    # account.
+    #
+    #
+    #
+    # [1]: http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html
+    #
+    # @option params [String] :next_token
+    #   Use this parameter if you receive a `NextToken` response in a previous
+    #   request that indicates that there is more output available. Set it to
+    #   the value of the previous call's `NextToken` response to indicate
+    #   where the output should continue from.
+    #
+    # @option params [Integer] :max_results
+    #   (Optional) Use this to limit the number of results you want included
+    #   in the response. If you do not include this parameter, it defaults to
+    #   a value that is specific to the operation. If additional items exist
+    #   beyond the maximum you specify, the `NextToken` response element is
+    #   present and has a value (is not null). Include that value as the
+    #   `NextToken` request parameter in the next call to the operation to get
+    #   the next part of the results. Note that Organizations might return
+    #   fewer results than the maximum even when there are more results
+    #   available. You should check `NextToken` after every operation to
+    #   ensure that you receive all of the results.
+    #
+    # @return [Types::ListAWSServiceAccessForOrganizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListAWSServiceAccessForOrganizationResponse#enabled_service_principals #enabled_service_principals} => Array&lt;Types::EnabledServicePrincipal&gt;
+    #   * {Types::ListAWSServiceAccessForOrganizationResponse#next_token #next_token} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_aws_service_access_for_organization({
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.enabled_service_principals #=> Array
+    #   resp.enabled_service_principals[0].service_principal #=> String
+    #   resp.enabled_service_principals[0].date_enabled #=> Time
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganization AWS API Documentation
+    #
+    # @overload list_aws_service_access_for_organization(params = {})
+    # @param [Hash] params ({})
+    def list_aws_service_access_for_organization(params = {}, options = {})
+      req = build_request(:list_aws_service_access_for_organization, params)
+      req.send_request(options)
+    end
+
     # Lists all the accounts in the organization. To request only the
     # accounts in a root or OU, use the ListAccountsForParent operation
     # instead.
@@ -3904,7 +4079,7 @@ module Aws::Organizations
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-organizations'
-      context[:gem_version] = '1.6.0'
+      context[:gem_version] = '1.7.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-organizations/client_api.rb

@@ -71,6 +71,7 @@ module Aws::Organizations
     DescribePolicyResponse = Shapes::StructureShape.new(name: 'DescribePolicyResponse')
     DestinationParentNotFoundException = Shapes::StructureShape.new(name: 'DestinationParentNotFoundException')
     DetachPolicyRequest = Shapes::StructureShape.new(name: 'DetachPolicyRequest')
+    DisableAWSServiceAccessRequest = Shapes::StructureShape.new(name: 'DisableAWSServiceAccessRequest')
     DisablePolicyTypeRequest = Shapes::StructureShape.new(name: 'DisablePolicyTypeRequest')
     DisablePolicyTypeResponse = Shapes::StructureShape.new(name: 'DisablePolicyTypeResponse')
     DuplicateAccountException = Shapes::StructureShape.new(name: 'DuplicateAccountException')
@@ -79,10 +80,13 @@ module Aws::Organizations
     DuplicatePolicyAttachmentException = Shapes::StructureShape.new(name: 'DuplicatePolicyAttachmentException')
     DuplicatePolicyException = Shapes::StructureShape.new(name: 'DuplicatePolicyException')
     Email = Shapes::StringShape.new(name: 'Email')
+    EnableAWSServiceAccessRequest = Shapes::StructureShape.new(name: 'EnableAWSServiceAccessRequest')
     EnableAllFeaturesRequest = Shapes::StructureShape.new(name: 'EnableAllFeaturesRequest')
     EnableAllFeaturesResponse = Shapes::StructureShape.new(name: 'EnableAllFeaturesResponse')
     EnablePolicyTypeRequest = Shapes::StructureShape.new(name: 'EnablePolicyTypeRequest')
     EnablePolicyTypeResponse = Shapes::StructureShape.new(name: 'EnablePolicyTypeResponse')
+    EnabledServicePrincipal = Shapes::StructureShape.new(name: 'EnabledServicePrincipal')
+    EnabledServicePrincipals = Shapes::ListShape.new(name: 'EnabledServicePrincipals')
     ExceptionMessage = Shapes::StringShape.new(name: 'ExceptionMessage')
     ExceptionType = Shapes::StringShape.new(name: 'ExceptionType')
     FinalizingOrganizationException = Shapes::StructureShape.new(name: 'FinalizingOrganizationException')
@@ -112,6 +116,8 @@ module Aws::Organizations
     InvalidInputExceptionReason = Shapes::StringShape.new(name: 'InvalidInputExceptionReason')
     InviteAccountToOrganizationRequest = Shapes::StructureShape.new(name: 'InviteAccountToOrganizationRequest')
     InviteAccountToOrganizationResponse = Shapes::StructureShape.new(name: 'InviteAccountToOrganizationResponse')
+    ListAWSServiceAccessForOrganizationRequest = Shapes::StructureShape.new(name: 'ListAWSServiceAccessForOrganizationRequest')
+    ListAWSServiceAccessForOrganizationResponse = Shapes::StructureShape.new(name: 'ListAWSServiceAccessForOrganizationResponse')
     ListAccountsForParentRequest = Shapes::StructureShape.new(name: 'ListAccountsForParentRequest')
     ListAccountsForParentResponse = Shapes::StructureShape.new(name: 'ListAccountsForParentResponse')
     ListAccountsRequest = Shapes::StructureShape.new(name: 'ListAccountsRequest')
@@ -188,6 +194,7 @@ module Aws::Organizations
     RootNotFoundException = Shapes::StructureShape.new(name: 'RootNotFoundException')
     Roots = Shapes::ListShape.new(name: 'Roots')
     ServiceException = Shapes::StructureShape.new(name: 'ServiceException')
+    ServicePrincipal = Shapes::StringShape.new(name: 'ServicePrincipal')
     SourceParentNotFoundException = Shapes::StructureShape.new(name: 'SourceParentNotFoundException')
     TargetName = Shapes::StringShape.new(name: 'TargetName')
     TargetNotFoundException = Shapes::StructureShape.new(name: 'TargetNotFoundException')
@@ -325,6 +332,9 @@ module Aws::Organizations
     DetachPolicyRequest.add_member(:target_id, Shapes::ShapeRef.new(shape: PolicyTargetId, required: true, location_name: "TargetId"))
     DetachPolicyRequest.struct_class = Types::DetachPolicyRequest
 
+    DisableAWSServiceAccessRequest.add_member(:service_principal, Shapes::ShapeRef.new(shape: ServicePrincipal, required: true, location_name: "ServicePrincipal"))
+    DisableAWSServiceAccessRequest.struct_class = Types::DisableAWSServiceAccessRequest
+
     DisablePolicyTypeRequest.add_member(:root_id, Shapes::ShapeRef.new(shape: RootId, required: true, location_name: "RootId"))
     DisablePolicyTypeRequest.add_member(:policy_type, Shapes::ShapeRef.new(shape: PolicyType, required: true, location_name: "PolicyType"))
     DisablePolicyTypeRequest.struct_class = Types::DisablePolicyTypeRequest
@@ -332,6 +342,9 @@ module Aws::Organizations
     DisablePolicyTypeResponse.add_member(:root, Shapes::ShapeRef.new(shape: Root, location_name: "Root"))
     DisablePolicyTypeResponse.struct_class = Types::DisablePolicyTypeResponse
 
+    EnableAWSServiceAccessRequest.add_member(:service_principal, Shapes::ShapeRef.new(shape: ServicePrincipal, required: true, location_name: "ServicePrincipal"))
+    EnableAWSServiceAccessRequest.struct_class = Types::EnableAWSServiceAccessRequest
+
     EnableAllFeaturesRequest.struct_class = Types::EnableAllFeaturesRequest
 
     EnableAllFeaturesResponse.add_member(:handshake, Shapes::ShapeRef.new(shape: Handshake, location_name: "Handshake"))
@@ -344,6 +357,12 @@ module Aws::Organizations
     EnablePolicyTypeResponse.add_member(:root, Shapes::ShapeRef.new(shape: Root, location_name: "Root"))
     EnablePolicyTypeResponse.struct_class = Types::EnablePolicyTypeResponse
 
+    EnabledServicePrincipal.add_member(:service_principal, Shapes::ShapeRef.new(shape: ServicePrincipal, location_name: "ServicePrincipal"))
+    EnabledServicePrincipal.add_member(:date_enabled, Shapes::ShapeRef.new(shape: Timestamp, location_name: "DateEnabled"))
+    EnabledServicePrincipal.struct_class = Types::EnabledServicePrincipal
+
+    EnabledServicePrincipals.member = Shapes::ShapeRef.new(shape: EnabledServicePrincipal)
+
     Handshake.add_member(:id, Shapes::ShapeRef.new(shape: HandshakeId, location_name: "Id"))
     Handshake.add_member(:arn, Shapes::ShapeRef.new(shape: HandshakeArn, location_name: "Arn"))
     Handshake.add_member(:parties, Shapes::ShapeRef.new(shape: HandshakeParties, location_name: "Parties"))
@@ -380,6 +399,14 @@ module Aws::Organizations
     InviteAccountToOrganizationResponse.add_member(:handshake, Shapes::ShapeRef.new(shape: Handshake, location_name: "Handshake"))
     InviteAccountToOrganizationResponse.struct_class = Types::InviteAccountToOrganizationResponse
 
+    ListAWSServiceAccessForOrganizationRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    ListAWSServiceAccessForOrganizationRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
+    ListAWSServiceAccessForOrganizationRequest.struct_class = Types::ListAWSServiceAccessForOrganizationRequest
+
+    ListAWSServiceAccessForOrganizationResponse.add_member(:enabled_service_principals, Shapes::ShapeRef.new(shape: EnabledServicePrincipals, location_name: "EnabledServicePrincipals"))
+    ListAWSServiceAccessForOrganizationResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    ListAWSServiceAccessForOrganizationResponse.struct_class = Types::ListAWSServiceAccessForOrganizationResponse
+
     ListAccountsForParentRequest.add_member(:parent_id, Shapes::ShapeRef.new(shape: ParentId, required: true, location_name: "ParentId"))
     ListAccountsForParentRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListAccountsForParentRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
@@ -871,6 +898,21 @@ module Aws::Organizations
         o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
       end)
 
+      api.add_operation(:disable_aws_service_access, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DisableAWSServiceAccess"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DisableAWSServiceAccessRequest)
+        o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: AWSOrganizationsNotInUseException)
+        o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
+        o.errors << Shapes::ShapeRef.new(shape: ConstraintViolationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+      end)
+
       api.add_operation(:disable_policy_type, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DisablePolicyType"
         o.http_method = "POST"
@@ -888,6 +930,21 @@ module Aws::Organizations
         o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
       end)
 
+      api.add_operation(:enable_aws_service_access, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "EnableAWSServiceAccess"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: EnableAWSServiceAccessRequest)
+        o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: AWSOrganizationsNotInUseException)
+        o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
+        o.errors << Shapes::ShapeRef.new(shape: ConstraintViolationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+      end)
+
       api.add_operation(:enable_all_features, Seahorse::Model::Operation.new.tap do |o|
         o.name = "EnableAllFeatures"
         o.http_method = "POST"
@@ -955,6 +1012,26 @@ module Aws::Organizations
         o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
       end)
 
+      api.add_operation(:list_aws_service_access_for_organization, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListAWSServiceAccessForOrganization"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ListAWSServiceAccessForOrganizationRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListAWSServiceAccessForOrganizationResponse)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: AWSOrganizationsNotInUseException)
+        o.errors << Shapes::ShapeRef.new(shape: ConstraintViolationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
+      end)
+
       api.add_operation(:list_accounts, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListAccounts"
         o.http_method = "POST"

data/lib/aws-sdk-organizations/types.rb

@@ -937,6 +937,26 @@ module Aws::Organizations
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DisableAWSServiceAccessRequest
+    #   data as a hash:
+    #
+    #       {
+    #         service_principal: "ServicePrincipal", # required
+    #       }
+    #
+    # @!attribute [rw] service_principal
+    #   The service principal name of the AWS service for which you want to
+    #   disable integration with your organization. This is typically in the
+    #   form of a URL, such as ` service-abbreviation.amazonaws.com`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccessRequest AWS API Documentation
+    #
+    class DisableAWSServiceAccessRequest < Struct.new(
+      :service_principal)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DisablePolicyTypeRequest
     #   data as a hash:
     #
@@ -981,6 +1001,26 @@ module Aws::Organizations
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass EnableAWSServiceAccessRequest
+    #   data as a hash:
+    #
+    #       {
+    #         service_principal: "ServicePrincipal", # required
+    #       }
+    #
+    # @!attribute [rw] service_principal
+    #   The service principal name of the AWS service for which you want to
+    #   enable integration with your organization. This is typically in the
+    #   form of a URL, such as ` service-abbreviation.amazonaws.com`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccessRequest AWS API Documentation
+    #
+    class EnableAWSServiceAccessRequest < Struct.new(
+      :service_principal)
+      include Aws::Structure
+    end
+
     # @api private
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeaturesRequest AWS API Documentation
@@ -1043,6 +1083,27 @@ module Aws::Organizations
       include Aws::Structure
     end
 
+    # A structure that contains details of a service principal that is
+    # enabled to integrate with AWS Organizations.
+    #
+    # @!attribute [rw] service_principal
+    #   The name of the service principal. This is typically in the form of
+    #   a URL, such as: ` servicename.amazonaws.com`.
+    #   @return [String]
+    #
+    # @!attribute [rw] date_enabled
+    #   The date that the service principal was enabled for integration with
+    #   AWS Organizations.
+    #   @return [Time]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnabledServicePrincipal AWS API Documentation
+    #
+    class EnabledServicePrincipal < Struct.new(
+      :service_principal,
+      :date_enabled)
+      include Aws::Structure
+    end
+
     # Contains information that must be exchanged to securely establish a
     # relationship between two accounts (an *originator* and a *recipient*).
     # For example, when a master account (the originator) invites another
@@ -1335,6 +1396,65 @@ module Aws::Organizations
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListAWSServiceAccessForOrganizationRequest
+    #   data as a hash:
+    #
+    #       {
+    #         next_token: "NextToken",
+    #         max_results: 1,
+    #       }
+    #
+    # @!attribute [rw] next_token
+    #   Use this parameter if you receive a `NextToken` response in a
+    #   previous request that indicates that there is more output available.
+    #   Set it to the value of the previous call's `NextToken` response to
+    #   indicate where the output should continue from.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   (Optional) Use this to limit the number of results you want included
+    #   in the response. If you do not include this parameter, it defaults
+    #   to a value that is specific to the operation. If additional items
+    #   exist beyond the maximum you specify, the `NextToken` response
+    #   element is present and has a value (is not null). Include that value
+    #   as the `NextToken` request parameter in the next call to the
+    #   operation to get the next part of the results. Note that
+    #   Organizations might return fewer results than the maximum even when
+    #   there are more results available. You should check `NextToken` after
+    #   every operation to ensure that you receive all of the results.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganizationRequest AWS API Documentation
+    #
+    class ListAWSServiceAccessForOrganizationRequest < Struct.new(
+      :next_token,
+      :max_results)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] enabled_service_principals
+    #   A list of the service principals for the services that are enabled
+    #   to integrate with your organization. Each principal is a structure
+    #   that includes the name and the date that it was enabled for
+    #   integration with AWS Organizations.
+    #   @return [Array<Types::EnabledServicePrincipal>]
+    #
+    # @!attribute [rw] next_token
+    #   If present, this value indicates that there is more output available
+    #   than is included in the current response. Use this value in the
+    #   `NextToken` request parameter in a subsequent call to the operation
+    #   to get the next part of the output. You should repeat this until the
+    #   `NextToken` response element comes back as `null`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganizationResponse AWS API Documentation
+    #
+    class ListAWSServiceAccessForOrganizationResponse < Struct.new(
+      :enabled_service_principals,
+      :next_token)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListAccountsForParentRequest
     #   data as a hash:
     #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-organizations
 version: !ruby/object:Gem::Version
-  version: 1.6.0
+  version: 1.7.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-07 00:00:00.000000000 Z
+date: 2017-11-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core