npm - @aws-sdk/client-iam - Versions diffs - 3.687.0 → 3.692.0 - Mend

@aws-sdk/client-iam 3.687.0 → 3.692.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (63) hide show

package/dist-cjs/index.js CHANGED Viewed

@@ -23,6 +23,7 @@ var src_exports = {};
 __export(src_exports, {
   AccessAdvisorUsageGranularityType: () => AccessAdvisorUsageGranularityType,
   AccessKeyFilterSensitiveLog: () => AccessKeyFilterSensitiveLog,
+  AccountNotManagementOrDelegatedAdministratorException: () => AccountNotManagementOrDelegatedAdministratorException,
   AddClientIDToOpenIDConnectProviderCommand: () => AddClientIDToOpenIDConnectProviderCommand,
   AddRoleToInstanceProfileCommand: () => AddRoleToInstanceProfileCommand,
   AddUserToGroupCommand: () => AddUserToGroupCommand,
@@ -30,6 +31,7 @@ __export(src_exports, {
   AttachGroupPolicyCommand: () => AttachGroupPolicyCommand,
   AttachRolePolicyCommand: () => AttachRolePolicyCommand,
   AttachUserPolicyCommand: () => AttachUserPolicyCommand,
+  CallerIsNotManagementAccountException: () => CallerIsNotManagementAccountException,
   ChangePasswordCommand: () => ChangePasswordCommand,
   ChangePasswordRequestFilterSensitiveLog: () => ChangePasswordRequestFilterSensitiveLog,
   ConcurrentModificationException: () => ConcurrentModificationException,
@@ -84,13 +86,18 @@ __export(src_exports, {
   DetachGroupPolicyCommand: () => DetachGroupPolicyCommand,
   DetachRolePolicyCommand: () => DetachRolePolicyCommand,
   DetachUserPolicyCommand: () => DetachUserPolicyCommand,
+  DisableOrganizationsRootCredentialsManagementCommand: () => DisableOrganizationsRootCredentialsManagementCommand,
+  DisableOrganizationsRootSessionsCommand: () => DisableOrganizationsRootSessionsCommand,
   DuplicateCertificateException: () => DuplicateCertificateException,
   DuplicateSSHPublicKeyException: () => DuplicateSSHPublicKeyException,
   EnableMFADeviceCommand: () => EnableMFADeviceCommand,
+  EnableOrganizationsRootCredentialsManagementCommand: () => EnableOrganizationsRootCredentialsManagementCommand,
+  EnableOrganizationsRootSessionsCommand: () => EnableOrganizationsRootSessionsCommand,
   EncodingType: () => EncodingType,
   EntityAlreadyExistsException: () => EntityAlreadyExistsException,
   EntityTemporarilyUnmodifiableException: () => EntityTemporarilyUnmodifiableException,
   EntityType: () => EntityType,
+  FeatureType: () => FeatureType,
   GenerateCredentialReportCommand: () => GenerateCredentialReportCommand,
   GenerateOrganizationsAccessReportCommand: () => GenerateOrganizationsAccessReportCommand,
   GenerateServiceLastAccessedDetailsCommand: () => GenerateServiceLastAccessedDetailsCommand,
@@ -148,6 +155,7 @@ __export(src_exports, {
   ListMFADevicesCommand: () => ListMFADevicesCommand,
   ListOpenIDConnectProviderTagsCommand: () => ListOpenIDConnectProviderTagsCommand,
   ListOpenIDConnectProvidersCommand: () => ListOpenIDConnectProvidersCommand,
+  ListOrganizationsFeaturesCommand: () => ListOrganizationsFeaturesCommand,
   ListPoliciesCommand: () => ListPoliciesCommand,
   ListPoliciesGrantingServiceAccessCommand: () => ListPoliciesGrantingServiceAccessCommand,
   ListPolicyTagsCommand: () => ListPolicyTagsCommand,
@@ -171,6 +179,8 @@ __export(src_exports, {
   MalformedPolicyDocumentException: () => MalformedPolicyDocumentException,
   NoSuchEntityException: () => NoSuchEntityException,
   OpenIdIdpCommunicationErrorException: () => OpenIdIdpCommunicationErrorException,
+  OrganizationNotFoundException: () => OrganizationNotFoundException,
+  OrganizationNotInAllFeaturesModeException: () => OrganizationNotInAllFeaturesModeException,
   PasswordPolicyViolationException: () => PasswordPolicyViolationException,
   PermissionsBoundaryAttachmentType: () => PermissionsBoundaryAttachmentType,
   PolicyEvaluationDecisionType: () => PolicyEvaluationDecisionType,
@@ -195,6 +205,7 @@ __export(src_exports, {
   ResetServiceSpecificCredentialCommand: () => ResetServiceSpecificCredentialCommand,
   ResetServiceSpecificCredentialResponseFilterSensitiveLog: () => ResetServiceSpecificCredentialResponseFilterSensitiveLog,
   ResyncMFADeviceCommand: () => ResyncMFADeviceCommand,
+  ServiceAccessNotEnabledException: () => ServiceAccessNotEnabledException,
   ServiceFailureException: () => ServiceFailureException,
   ServiceNotSupportedException: () => ServiceNotSupportedException,
   ServiceSpecificCredentialFilterSensitiveLog: () => ServiceSpecificCredentialFilterSensitiveLog,
@@ -463,6 +474,24 @@ var StatusType = {
   Active: "Active",
   Inactive: "Inactive"
 };
+var _AccountNotManagementOrDelegatedAdministratorException = class _AccountNotManagementOrDelegatedAdministratorException extends IAMServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "AccountNotManagementOrDelegatedAdministratorException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "AccountNotManagementOrDelegatedAdministratorException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _AccountNotManagementOrDelegatedAdministratorException.prototype);
+    this.Message = opts.Message;
+  }
+};
+__name(_AccountNotManagementOrDelegatedAdministratorException, "AccountNotManagementOrDelegatedAdministratorException");
+var AccountNotManagementOrDelegatedAdministratorException = _AccountNotManagementOrDelegatedAdministratorException;
 var _InvalidInputException = class _InvalidInputException extends IAMServiceException {
   /**
    * @internal
@@ -726,6 +755,64 @@ var _DeleteConflictException = class _DeleteConflictException extends IAMService
 };
 __name(_DeleteConflictException, "DeleteConflictException");
 var DeleteConflictException = _DeleteConflictException;
+var FeatureType = {
+  ROOT_CREDENTIALS_MANAGEMENT: "RootCredentialsManagement",
+  ROOT_SESSIONS: "RootSessions"
+};
+var _OrganizationNotFoundException = class _OrganizationNotFoundException extends IAMServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "OrganizationNotFoundException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "OrganizationNotFoundException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _OrganizationNotFoundException.prototype);
+    this.Message = opts.Message;
+  }
+};
+__name(_OrganizationNotFoundException, "OrganizationNotFoundException");
+var OrganizationNotFoundException = _OrganizationNotFoundException;
+var _OrganizationNotInAllFeaturesModeException = class _OrganizationNotInAllFeaturesModeException extends IAMServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "OrganizationNotInAllFeaturesModeException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "OrganizationNotInAllFeaturesModeException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _OrganizationNotInAllFeaturesModeException.prototype);
+    this.Message = opts.Message;
+  }
+};
+__name(_OrganizationNotInAllFeaturesModeException, "OrganizationNotInAllFeaturesModeException");
+var OrganizationNotInAllFeaturesModeException = _OrganizationNotInAllFeaturesModeException;
+var _ServiceAccessNotEnabledException = class _ServiceAccessNotEnabledException extends IAMServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "ServiceAccessNotEnabledException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "ServiceAccessNotEnabledException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _ServiceAccessNotEnabledException.prototype);
+    this.Message = opts.Message;
+  }
+};
+__name(_ServiceAccessNotEnabledException, "ServiceAccessNotEnabledException");
+var ServiceAccessNotEnabledException = _ServiceAccessNotEnabledException;
 var _InvalidAuthenticationCodeException = class _InvalidAuthenticationCodeException extends IAMServiceException {
   /**
    * @internal
@@ -743,6 +830,24 @@ var _InvalidAuthenticationCodeException = class _InvalidAuthenticationCodeExcept
 };
 __name(_InvalidAuthenticationCodeException, "InvalidAuthenticationCodeException");
 var InvalidAuthenticationCodeException = _InvalidAuthenticationCodeException;
+var _CallerIsNotManagementAccountException = class _CallerIsNotManagementAccountException extends IAMServiceException {
+  /**
+   * @internal
+   */
+  constructor(opts) {
+    super({
+      name: "CallerIsNotManagementAccountException",
+      $fault: "client",
+      ...opts
+    });
+    this.name = "CallerIsNotManagementAccountException";
+    this.$fault = "client";
+    Object.setPrototypeOf(this, _CallerIsNotManagementAccountException.prototype);
+    this.Message = opts.Message;
+  }
+};
+__name(_CallerIsNotManagementAccountException, "CallerIsNotManagementAccountException");
+var CallerIsNotManagementAccountException = _CallerIsNotManagementAccountException;
 var ReportStateType = {
   COMPLETE: "COMPLETE",
   INPROGRESS: "INPROGRESS",
@@ -776,6 +881,7 @@ var SummaryKeyType = {
   AccessKeysPerUserQuota: "AccessKeysPerUserQuota",
   AccountAccessKeysPresent: "AccountAccessKeysPresent",
   AccountMFAEnabled: "AccountMFAEnabled",
+  AccountPasswordPresent: "AccountPasswordPresent",
   AccountSigningCertificatesPresent: "AccountSigningCertificatesPresent",
   AttachedPoliciesPerGroupQuota: "AttachedPoliciesPerGroupQuota",
   AttachedPoliciesPerRoleQuota: "AttachedPoliciesPerRoleQuota",
@@ -950,15 +1056,6 @@ var PolicyEvaluationDecisionType = {
   EXPLICIT_DENY: "explicitDeny",
   IMPLICIT_DENY: "implicitDeny"
 };
-var PolicySourceType = {
-  AWS_MANAGED: "aws-managed",
-  GROUP: "group",
-  NONE: "none",
-  RESOURCE: "resource",
-  ROLE: "role",
-  USER: "user",
-  USER_MANAGED: "user-managed"
-};
 var AccessKeyFilterSensitiveLog = /* @__PURE__ */ __name((obj) => ({
   ...obj,
   ...obj.SecretAccessKey && { SecretAccessKey: import_smithy_client.SENSITIVE_STRING }
@@ -1010,6 +1107,15 @@ var ResetServiceSpecificCredentialResponseFilterSensitiveLog = /* @__PURE__ */ _
 // src/models/models_1.ts
+var PolicySourceType = {
+  AWS_MANAGED: "aws-managed",
+  GROUP: "group",
+  NONE: "none",
+  RESOURCE: "resource",
+  ROLE: "role",
+  USER: "user",
+  USER_MANAGED: "user-managed"
+};
 var _KeyPairMismatchException = class _KeyPairMismatchException extends IAMServiceException {
   /**
    * @internal
@@ -1600,6 +1706,26 @@ var se_DetachUserPolicyCommand = /* @__PURE__ */ __name(async (input, context) =
   });
   return buildHttpRpcRequest(context, headers, "/", void 0, body);
 }, "se_DetachUserPolicyCommand");
+var se_DisableOrganizationsRootCredentialsManagementCommand = /* @__PURE__ */ __name(async (input, context) => {
+  const headers = SHARED_HEADERS;
+  let body;
+  body = buildFormUrlencodedString({
+    ...se_DisableOrganizationsRootCredentialsManagementRequest(input, context),
+    [_A]: _DORCM,
+    [_V]: _
+  });
+  return buildHttpRpcRequest(context, headers, "/", void 0, body);
+}, "se_DisableOrganizationsRootCredentialsManagementCommand");
+var se_DisableOrganizationsRootSessionsCommand = /* @__PURE__ */ __name(async (input, context) => {
+  const headers = SHARED_HEADERS;
+  let body;
+  body = buildFormUrlencodedString({
+    ...se_DisableOrganizationsRootSessionsRequest(input, context),
+    [_A]: _DORS,
+    [_V]: _
+  });
+  return buildHttpRpcRequest(context, headers, "/", void 0, body);
+}, "se_DisableOrganizationsRootSessionsCommand");
 var se_EnableMFADeviceCommand = /* @__PURE__ */ __name(async (input, context) => {
   const headers = SHARED_HEADERS;
   let body;
@@ -1610,6 +1736,26 @@ var se_EnableMFADeviceCommand = /* @__PURE__ */ __name(async (input, context) =>
   });
   return buildHttpRpcRequest(context, headers, "/", void 0, body);
 }, "se_EnableMFADeviceCommand");
+var se_EnableOrganizationsRootCredentialsManagementCommand = /* @__PURE__ */ __name(async (input, context) => {
+  const headers = SHARED_HEADERS;
+  let body;
+  body = buildFormUrlencodedString({
+    ...se_EnableOrganizationsRootCredentialsManagementRequest(input, context),
+    [_A]: _EORCM,
+    [_V]: _
+  });
+  return buildHttpRpcRequest(context, headers, "/", void 0, body);
+}, "se_EnableOrganizationsRootCredentialsManagementCommand");
+var se_EnableOrganizationsRootSessionsCommand = /* @__PURE__ */ __name(async (input, context) => {
+  const headers = SHARED_HEADERS;
+  let body;
+  body = buildFormUrlencodedString({
+    ...se_EnableOrganizationsRootSessionsRequest(input, context),
+    [_A]: _EORS,
+    [_V]: _
+  });
+  return buildHttpRpcRequest(context, headers, "/", void 0, body);
+}, "se_EnableOrganizationsRootSessionsCommand");
 var se_GenerateCredentialReportCommand = /* @__PURE__ */ __name(async (input, context) => {
   const headers = SHARED_HEADERS;
   const body = buildFormUrlencodedString({
@@ -2052,6 +2198,16 @@ var se_ListOpenIDConnectProviderTagsCommand = /* @__PURE__ */ __name(async (inpu
   });
   return buildHttpRpcRequest(context, headers, "/", void 0, body);
 }, "se_ListOpenIDConnectProviderTagsCommand");
+var se_ListOrganizationsFeaturesCommand = /* @__PURE__ */ __name(async (input, context) => {
+  const headers = SHARED_HEADERS;
+  let body;
+  body = buildFormUrlencodedString({
+    ...se_ListOrganizationsFeaturesRequest(input, context),
+    [_A]: _LOF,
+    [_V]: _
+  });
+  return buildHttpRpcRequest(context, headers, "/", void 0, body);
+}, "se_ListOrganizationsFeaturesCommand");
 var se_ListPoliciesCommand = /* @__PURE__ */ __name(async (input, context) => {
   const headers = SHARED_HEADERS;
   let body;
@@ -3224,6 +3380,35 @@ var de_DetachUserPolicyCommand = /* @__PURE__ */ __name(async (output, context)
   };
   return response;
 }, "de_DetachUserPolicyCommand");
+var de_DisableOrganizationsRootCredentialsManagementCommand = /* @__PURE__ */ __name(async (output, context) => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data = await (0, import_core2.parseXmlBody)(output.body, context);
+  let contents = {};
+  contents = de_DisableOrganizationsRootCredentialsManagementResponse(
+    data.DisableOrganizationsRootCredentialsManagementResult,
+    context
+  );
+  const response = {
+    $metadata: deserializeMetadata(output),
+    ...contents
+  };
+  return response;
+}, "de_DisableOrganizationsRootCredentialsManagementCommand");
+var de_DisableOrganizationsRootSessionsCommand = /* @__PURE__ */ __name(async (output, context) => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data = await (0, import_core2.parseXmlBody)(output.body, context);
+  let contents = {};
+  contents = de_DisableOrganizationsRootSessionsResponse(data.DisableOrganizationsRootSessionsResult, context);
+  const response = {
+    $metadata: deserializeMetadata(output),
+    ...contents
+  };
+  return response;
+}, "de_DisableOrganizationsRootSessionsCommand");
 var de_EnableMFADeviceCommand = /* @__PURE__ */ __name(async (output, context) => {
   if (output.statusCode >= 300) {
     return de_CommandError(output, context);
@@ -3234,6 +3419,35 @@ var de_EnableMFADeviceCommand = /* @__PURE__ */ __name(async (output, context) =
   };
   return response;
 }, "de_EnableMFADeviceCommand");
+var de_EnableOrganizationsRootCredentialsManagementCommand = /* @__PURE__ */ __name(async (output, context) => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data = await (0, import_core2.parseXmlBody)(output.body, context);
+  let contents = {};
+  contents = de_EnableOrganizationsRootCredentialsManagementResponse(
+    data.EnableOrganizationsRootCredentialsManagementResult,
+    context
+  );
+  const response = {
+    $metadata: deserializeMetadata(output),
+    ...contents
+  };
+  return response;
+}, "de_EnableOrganizationsRootCredentialsManagementCommand");
+var de_EnableOrganizationsRootSessionsCommand = /* @__PURE__ */ __name(async (output, context) => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data = await (0, import_core2.parseXmlBody)(output.body, context);
+  let contents = {};
+  contents = de_EnableOrganizationsRootSessionsResponse(data.EnableOrganizationsRootSessionsResult, context);
+  const response = {
+    $metadata: deserializeMetadata(output),
+    ...contents
+  };
+  return response;
+}, "de_EnableOrganizationsRootSessionsCommand");
 var de_GenerateCredentialReportCommand = /* @__PURE__ */ __name(async (output, context) => {
   if (output.statusCode >= 300) {
     return de_CommandError(output, context);
@@ -3822,6 +4036,19 @@ var de_ListOpenIDConnectProviderTagsCommand = /* @__PURE__ */ __name(async (outp
   };
   return response;
 }, "de_ListOpenIDConnectProviderTagsCommand");
+var de_ListOrganizationsFeaturesCommand = /* @__PURE__ */ __name(async (output, context) => {
+  if (output.statusCode >= 300) {
+    return de_CommandError(output, context);
+  }
+  const data = await (0, import_core2.parseXmlBody)(output.body, context);
+  let contents = {};
+  contents = de_ListOrganizationsFeaturesResponse(data.ListOrganizationsFeaturesResult, context);
+  const response = {
+    $metadata: deserializeMetadata(output),
+    ...contents
+  };
+  return response;
+}, "de_ListOrganizationsFeaturesCommand");
 var de_ListPoliciesCommand = /* @__PURE__ */ __name(async (output, context) => {
   if (output.statusCode >= 300) {
     return de_CommandError(output, context);
@@ -4605,9 +4832,24 @@ var de_CommandError = /* @__PURE__ */ __name(async (output, context) => {
     case "DeleteConflict":
     case "com.amazonaws.iam#DeleteConflictException":
       throw await de_DeleteConflictExceptionRes(parsedOutput, context);
+    case "AccountNotManagementOrDelegatedAdministratorException":
+    case "com.amazonaws.iam#AccountNotManagementOrDelegatedAdministratorException":
+      throw await de_AccountNotManagementOrDelegatedAdministratorExceptionRes(parsedOutput, context);
+    case "OrganizationNotFoundException":
+    case "com.amazonaws.iam#OrganizationNotFoundException":
+      throw await de_OrganizationNotFoundExceptionRes(parsedOutput, context);
+    case "OrganizationNotInAllFeaturesModeException":
+    case "com.amazonaws.iam#OrganizationNotInAllFeaturesModeException":
+      throw await de_OrganizationNotInAllFeaturesModeExceptionRes(parsedOutput, context);
+    case "ServiceAccessNotEnabledException":
+    case "com.amazonaws.iam#ServiceAccessNotEnabledException":
+      throw await de_ServiceAccessNotEnabledExceptionRes(parsedOutput, context);
     case "InvalidAuthenticationCode":
     case "com.amazonaws.iam#InvalidAuthenticationCodeException":
       throw await de_InvalidAuthenticationCodeExceptionRes(parsedOutput, context);
+    case "CallerIsNotManagementAccountException":
+    case "com.amazonaws.iam#CallerIsNotManagementAccountException":
+      throw await de_CallerIsNotManagementAccountExceptionRes(parsedOutput, context);
     case "ReportGenerationLimitExceeded":
     case "com.amazonaws.iam#ReportGenerationLimitExceededException":
       throw await de_ReportGenerationLimitExceededExceptionRes(parsedOutput, context);
@@ -4653,6 +4895,24 @@ var de_CommandError = /* @__PURE__ */ __name(async (output, context) => {
       });
   }
 }, "de_CommandError");
+var de_AccountNotManagementOrDelegatedAdministratorExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
+  const body = parsedOutput.body;
+  const deserialized = de_AccountNotManagementOrDelegatedAdministratorException(body.Error, context);
+  const exception = new AccountNotManagementOrDelegatedAdministratorException({
+    $metadata: deserializeMetadata(parsedOutput),
+    ...deserialized
+  });
+  return (0, import_smithy_client.decorateServiceException)(exception, body);
+}, "de_AccountNotManagementOrDelegatedAdministratorExceptionRes");
+var de_CallerIsNotManagementAccountExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
+  const body = parsedOutput.body;
+  const deserialized = de_CallerIsNotManagementAccountException(body.Error, context);
+  const exception = new CallerIsNotManagementAccountException({
+    $metadata: deserializeMetadata(parsedOutput),
+    ...deserialized
+  });
+  return (0, import_smithy_client.decorateServiceException)(exception, body);
+}, "de_CallerIsNotManagementAccountExceptionRes");
 var de_ConcurrentModificationExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
   const body = parsedOutput.body;
   const deserialized = de_ConcurrentModificationException(body.Error, context);
@@ -4833,6 +5093,24 @@ var de_OpenIdIdpCommunicationErrorExceptionRes = /* @__PURE__ */ __name(async (p
   });
   return (0, import_smithy_client.decorateServiceException)(exception, body);
 }, "de_OpenIdIdpCommunicationErrorExceptionRes");
+var de_OrganizationNotFoundExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
+  const body = parsedOutput.body;
+  const deserialized = de_OrganizationNotFoundException(body.Error, context);
+  const exception = new OrganizationNotFoundException({
+    $metadata: deserializeMetadata(parsedOutput),
+    ...deserialized
+  });
+  return (0, import_smithy_client.decorateServiceException)(exception, body);
+}, "de_OrganizationNotFoundExceptionRes");
+var de_OrganizationNotInAllFeaturesModeExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
+  const body = parsedOutput.body;
+  const deserialized = de_OrganizationNotInAllFeaturesModeException(body.Error, context);
+  const exception = new OrganizationNotInAllFeaturesModeException({
+    $metadata: deserializeMetadata(parsedOutput),
+    ...deserialized
+  });
+  return (0, import_smithy_client.decorateServiceException)(exception, body);
+}, "de_OrganizationNotInAllFeaturesModeExceptionRes");
 var de_PasswordPolicyViolationExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
   const body = parsedOutput.body;
   const deserialized = de_PasswordPolicyViolationException(body.Error, context);
@@ -4869,6 +5147,15 @@ var de_ReportGenerationLimitExceededExceptionRes = /* @__PURE__ */ __name(async
   });
   return (0, import_smithy_client.decorateServiceException)(exception, body);
 }, "de_ReportGenerationLimitExceededExceptionRes");
+var de_ServiceAccessNotEnabledExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
+  const body = parsedOutput.body;
+  const deserialized = de_ServiceAccessNotEnabledException(body.Error, context);
+  const exception = new ServiceAccessNotEnabledException({
+    $metadata: deserializeMetadata(parsedOutput),
+    ...deserialized
+  });
+  return (0, import_smithy_client.decorateServiceException)(exception, body);
+}, "de_ServiceAccessNotEnabledExceptionRes");
 var de_ServiceFailureExceptionRes = /* @__PURE__ */ __name(async (parsedOutput, context) => {
   const body = parsedOutput.body;
   const deserialized = de_ServiceFailureException(body.Error, context);
@@ -5523,6 +5810,14 @@ var se_DetachUserPolicyRequest = /* @__PURE__ */ __name((input, context) => {
   }
   return entries;
 }, "se_DetachUserPolicyRequest");
+var se_DisableOrganizationsRootCredentialsManagementRequest = /* @__PURE__ */ __name((input, context) => {
+  const entries = {};
+  return entries;
+}, "se_DisableOrganizationsRootCredentialsManagementRequest");
+var se_DisableOrganizationsRootSessionsRequest = /* @__PURE__ */ __name((input, context) => {
+  const entries = {};
+  return entries;
+}, "se_DisableOrganizationsRootSessionsRequest");
 var se_EnableMFADeviceRequest = /* @__PURE__ */ __name((input, context) => {
   const entries = {};
   if (input[_UN] != null) {
@@ -5539,6 +5834,14 @@ var se_EnableMFADeviceRequest = /* @__PURE__ */ __name((input, context) => {
   }
   return entries;
 }, "se_EnableMFADeviceRequest");
+var se_EnableOrganizationsRootCredentialsManagementRequest = /* @__PURE__ */ __name((input, context) => {
+  const entries = {};
+  return entries;
+}, "se_EnableOrganizationsRootCredentialsManagementRequest");
+var se_EnableOrganizationsRootSessionsRequest = /* @__PURE__ */ __name((input, context) => {
+  const entries = {};
+  return entries;
+}, "se_EnableOrganizationsRootSessionsRequest");
 var se_entityListType = /* @__PURE__ */ __name((input, context) => {
   const entries = {};
   let counter = 1;
@@ -6030,6 +6333,10 @@ var se_ListOpenIDConnectProviderTagsRequest = /* @__PURE__ */ __name((input, con
   }
   return entries;
 }, "se_ListOpenIDConnectProviderTagsRequest");
+var se_ListOrganizationsFeaturesRequest = /* @__PURE__ */ __name((input, context) => {
+  const entries = {};
+  return entries;
+}, "se_ListOrganizationsFeaturesRequest");
 var se_ListPoliciesGrantingServiceAccessRequest = /* @__PURE__ */ __name((input, context) => {
   var _a;
   const entries = {};
@@ -7254,6 +7561,13 @@ var de_accountAliasListType = /* @__PURE__ */ __name((output, context) => {
     return (0, import_smithy_client.expectString)(entry);
   });
 }, "de_accountAliasListType");
+var de_AccountNotManagementOrDelegatedAdministratorException = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_Me] != null) {
+    contents[_Me] = (0, import_smithy_client.expectString)(output[_Me]);
+  }
+  return contents;
+}, "de_AccountNotManagementOrDelegatedAdministratorException");
 var de_ArnListType = /* @__PURE__ */ __name((output, context) => {
   return (output || []).filter((e) => e != null).map((entry) => {
     return (0, import_smithy_client.expectString)(entry);
@@ -7284,6 +7598,13 @@ var de_AttachedPolicy = /* @__PURE__ */ __name((output, context) => {
   }
   return contents;
 }, "de_AttachedPolicy");
+var de_CallerIsNotManagementAccountException = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_Me] != null) {
+    contents[_Me] = (0, import_smithy_client.expectString)(output[_Me]);
+  }
+  return contents;
+}, "de_CallerIsNotManagementAccountException");
 var de_certificateListType = /* @__PURE__ */ __name((output, context) => {
   return (output || []).filter((e) => e != null).map((entry) => {
     return de_SigningCertificate(entry, context);
@@ -7463,6 +7784,30 @@ var de_DeletionTaskFailureReasonType = /* @__PURE__ */ __name((output, context)
   }
   return contents;
 }, "de_DeletionTaskFailureReasonType");
+var de_DisableOrganizationsRootCredentialsManagementResponse = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_OI] != null) {
+    contents[_OI] = (0, import_smithy_client.expectString)(output[_OI]);
+  }
+  if (output.EnabledFeatures === "") {
+    contents[_EFn] = [];
+  } else if (output[_EFn] != null && output[_EFn][_me] != null) {
+    contents[_EFn] = de_FeaturesListType((0, import_smithy_client.getArrayIfSingleItem)(output[_EFn][_me]), context);
+  }
+  return contents;
+}, "de_DisableOrganizationsRootCredentialsManagementResponse");
+var de_DisableOrganizationsRootSessionsResponse = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_OI] != null) {
+    contents[_OI] = (0, import_smithy_client.expectString)(output[_OI]);
+  }
+  if (output.EnabledFeatures === "") {
+    contents[_EFn] = [];
+  } else if (output[_EFn] != null && output[_EFn][_me] != null) {
+    contents[_EFn] = de_FeaturesListType((0, import_smithy_client.getArrayIfSingleItem)(output[_EFn][_me]), context);
+  }
+  return contents;
+}, "de_DisableOrganizationsRootSessionsResponse");
 var de_DuplicateCertificateException = /* @__PURE__ */ __name((output, context) => {
   const contents = {};
   if (output[_m] != null) {
@@ -7477,6 +7822,30 @@ var de_DuplicateSSHPublicKeyException = /* @__PURE__ */ __name((output, context)
   }
   return contents;
 }, "de_DuplicateSSHPublicKeyException");
+var de_EnableOrganizationsRootCredentialsManagementResponse = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_OI] != null) {
+    contents[_OI] = (0, import_smithy_client.expectString)(output[_OI]);
+  }
+  if (output.EnabledFeatures === "") {
+    contents[_EFn] = [];
+  } else if (output[_EFn] != null && output[_EFn][_me] != null) {
+    contents[_EFn] = de_FeaturesListType((0, import_smithy_client.getArrayIfSingleItem)(output[_EFn][_me]), context);
+  }
+  return contents;
+}, "de_EnableOrganizationsRootCredentialsManagementResponse");
+var de_EnableOrganizationsRootSessionsResponse = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_OI] != null) {
+    contents[_OI] = (0, import_smithy_client.expectString)(output[_OI]);
+  }
+  if (output.EnabledFeatures === "") {
+    contents[_EFn] = [];
+  } else if (output[_EFn] != null && output[_EFn][_me] != null) {
+    contents[_EFn] = de_FeaturesListType((0, import_smithy_client.getArrayIfSingleItem)(output[_EFn][_me]), context);
+  }
+  return contents;
+}, "de_EnableOrganizationsRootSessionsResponse");
 var de_EntityAlreadyExistsException = /* @__PURE__ */ __name((output, context) => {
   const contents = {};
   if (output[_m] != null) {
@@ -7588,6 +7957,11 @@ var de_EvaluationResultsListType = /* @__PURE__ */ __name((output, context) => {
     return de_EvaluationResult(entry, context);
   });
 }, "de_EvaluationResultsListType");
+var de_FeaturesListType = /* @__PURE__ */ __name((output, context) => {
+  return (output || []).filter((e) => e != null).map((entry) => {
+    return (0, import_smithy_client.expectString)(entry);
+  });
+}, "de_FeaturesListType");
 var de_GenerateCredentialReportResponse = /* @__PURE__ */ __name((output, context) => {
   const contents = {};
   if (output[_Sta] != null) {
@@ -8354,6 +8728,18 @@ var de_ListOpenIDConnectProviderTagsResponse = /* @__PURE__ */ __name((output, c
   }
   return contents;
 }, "de_ListOpenIDConnectProviderTagsResponse");
+var de_ListOrganizationsFeaturesResponse = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_OI] != null) {
+    contents[_OI] = (0, import_smithy_client.expectString)(output[_OI]);
+  }
+  if (output.EnabledFeatures === "") {
+    contents[_EFn] = [];
+  } else if (output[_EFn] != null && output[_EFn][_me] != null) {
+    contents[_EFn] = de_FeaturesListType((0, import_smithy_client.getArrayIfSingleItem)(output[_EFn][_me]), context);
+  }
+  return contents;
+}, "de_ListOrganizationsFeaturesResponse");
 var de_ListPoliciesGrantingServiceAccessEntry = /* @__PURE__ */ __name((output, context) => {
   const contents = {};
   if (output[_SNer] != null) {
@@ -8750,6 +9136,20 @@ var de_OpenIdIdpCommunicationErrorException = /* @__PURE__ */ __name((output, co
   }
   return contents;
 }, "de_OpenIdIdpCommunicationErrorException");
+var de_OrganizationNotFoundException = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_Me] != null) {
+    contents[_Me] = (0, import_smithy_client.expectString)(output[_Me]);
+  }
+  return contents;
+}, "de_OrganizationNotFoundException");
+var de_OrganizationNotInAllFeaturesModeException = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_Me] != null) {
+    contents[_Me] = (0, import_smithy_client.expectString)(output[_Me]);
+  }
+  return contents;
+}, "de_OrganizationNotInAllFeaturesModeException");
 var de_OrganizationsDecisionDetail = /* @__PURE__ */ __name((output, context) => {
   const contents = {};
   if (output[_ABO] != null) {
@@ -9220,6 +9620,13 @@ var de_serverCertificateMetadataListType = /* @__PURE__ */ __name((output, conte
     return de_ServerCertificateMetadata(entry, context);
   });
 }, "de_serverCertificateMetadataListType");
+var de_ServiceAccessNotEnabledException = /* @__PURE__ */ __name((output, context) => {
+  const contents = {};
+  if (output[_Me] != null) {
+    contents[_Me] = (0, import_smithy_client.expectString)(output[_Me]);
+  }
+  return contents;
+}, "de_ServiceAccessNotEnabledException");
 var de_ServiceFailureException = /* @__PURE__ */ __name((output, context) => {
   const contents = {};
   if (output[_m] != null) {
@@ -9738,6 +10145,8 @@ var _DIP = "DeleteInstanceProfile";
 var _DLP = "DeleteLoginProfile";
 var _DMFAD = "DeactivateMFADevice";
 var _DOIDCP = "DeleteOpenIDConnectProvider";
+var _DORCM = "DisableOrganizationsRootCredentialsManagement";
+var _DORS = "DisableOrganizationsRootSessions";
 var _DP = "DeletePolicy";
 var _DPV = "DeletePolicyVersion";
 var _DR = "DeleteRole";
@@ -9766,9 +10175,12 @@ var _EDL = "EntityDetailsList";
 var _EDn = "EnableDate";
 var _EDr = "ErrorDetails";
 var _EF = "EntityFilter";
+var _EFn = "EnabledFeatures";
 var _EI = "EntityInfo";
 var _EMFAD = "EnableMFADevice";
 var _EN = "EntityName";
+var _EORCM = "EnableOrganizationsRootCredentialsManagement";
+var _EORS = "EnableOrganizationsRootSessions";
 var _EP = "EntityPath";
 var _EPn = "EndPosition";
 var _EPx = "ExpirePasswords";
@@ -9857,6 +10269,7 @@ var _LIPFR = "ListInstanceProfilesForRole";
 var _LIPT = "ListInstanceProfileTags";
 var _LMFAD = "ListMFADevices";
 var _LMFADT = "ListMFADeviceTags";
+var _LOF = "ListOrganizationsFeatures";
 var _LOIDCP = "ListOpenIDConnectProviders";
 var _LOIDCPT = "ListOpenIDConnectProviderTags";
 var _LP = "ListPolicies";
@@ -9898,6 +10311,7 @@ var _NSCN = "NewServerCertificateName";
 var _NUN = "NewUserName";
 var _OA = "OnlyAttached";
 var _ODD = "OrganizationsDecisionDetail";
+var _OI = "OrganizationId";
 var _OIDCPA = "OpenIDConnectProviderArn";
 var _OIDCPL = "OpenIDConnectProviderList";
 var _OP = "OldPassword";
@@ -10740,6 +11154,34 @@ var _DetachUserPolicyCommand = class _DetachUserPolicyCommand extends import_smi
 __name(_DetachUserPolicyCommand, "DetachUserPolicyCommand");
 var DetachUserPolicyCommand = _DetachUserPolicyCommand;
+// src/commands/DisableOrganizationsRootCredentialsManagementCommand.ts
+var _DisableOrganizationsRootCredentialsManagementCommand = class _DisableOrganizationsRootCredentialsManagementCommand extends import_smithy_client.Command.classBuilder().ep(commonParams).m(function(Command, cs, config, o) {
+  return [
+    (0, import_middleware_serde.getSerdePlugin)(config, this.serialize, this.deserialize),
+    (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions())
+  ];
+}).s("AWSIdentityManagementV20100508", "DisableOrganizationsRootCredentialsManagement", {}).n("IAMClient", "DisableOrganizationsRootCredentialsManagementCommand").f(void 0, void 0).ser(se_DisableOrganizationsRootCredentialsManagementCommand).de(de_DisableOrganizationsRootCredentialsManagementCommand).build() {
+};
+__name(_DisableOrganizationsRootCredentialsManagementCommand, "DisableOrganizationsRootCredentialsManagementCommand");
+var DisableOrganizationsRootCredentialsManagementCommand = _DisableOrganizationsRootCredentialsManagementCommand;
+// src/commands/DisableOrganizationsRootSessionsCommand.ts
+var _DisableOrganizationsRootSessionsCommand = class _DisableOrganizationsRootSessionsCommand extends import_smithy_client.Command.classBuilder().ep(commonParams).m(function(Command, cs, config, o) {
+  return [
+    (0, import_middleware_serde.getSerdePlugin)(config, this.serialize, this.deserialize),
+    (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions())
+  ];
+}).s("AWSIdentityManagementV20100508", "DisableOrganizationsRootSessions", {}).n("IAMClient", "DisableOrganizationsRootSessionsCommand").f(void 0, void 0).ser(se_DisableOrganizationsRootSessionsCommand).de(de_DisableOrganizationsRootSessionsCommand).build() {
+};
+__name(_DisableOrganizationsRootSessionsCommand, "DisableOrganizationsRootSessionsCommand");
+var DisableOrganizationsRootSessionsCommand = _DisableOrganizationsRootSessionsCommand;
 // src/commands/EnableMFADeviceCommand.ts
@@ -10754,6 +11196,34 @@ var _EnableMFADeviceCommand = class _EnableMFADeviceCommand extends import_smith
 __name(_EnableMFADeviceCommand, "EnableMFADeviceCommand");
 var EnableMFADeviceCommand = _EnableMFADeviceCommand;
+// src/commands/EnableOrganizationsRootCredentialsManagementCommand.ts
+var _EnableOrganizationsRootCredentialsManagementCommand = class _EnableOrganizationsRootCredentialsManagementCommand extends import_smithy_client.Command.classBuilder().ep(commonParams).m(function(Command, cs, config, o) {
+  return [
+    (0, import_middleware_serde.getSerdePlugin)(config, this.serialize, this.deserialize),
+    (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions())
+  ];
+}).s("AWSIdentityManagementV20100508", "EnableOrganizationsRootCredentialsManagement", {}).n("IAMClient", "EnableOrganizationsRootCredentialsManagementCommand").f(void 0, void 0).ser(se_EnableOrganizationsRootCredentialsManagementCommand).de(de_EnableOrganizationsRootCredentialsManagementCommand).build() {
+};
+__name(_EnableOrganizationsRootCredentialsManagementCommand, "EnableOrganizationsRootCredentialsManagementCommand");
+var EnableOrganizationsRootCredentialsManagementCommand = _EnableOrganizationsRootCredentialsManagementCommand;
+// src/commands/EnableOrganizationsRootSessionsCommand.ts
+var _EnableOrganizationsRootSessionsCommand = class _EnableOrganizationsRootSessionsCommand extends import_smithy_client.Command.classBuilder().ep(commonParams).m(function(Command, cs, config, o) {
+  return [
+    (0, import_middleware_serde.getSerdePlugin)(config, this.serialize, this.deserialize),
+    (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions())
+  ];
+}).s("AWSIdentityManagementV20100508", "EnableOrganizationsRootSessions", {}).n("IAMClient", "EnableOrganizationsRootSessionsCommand").f(void 0, void 0).ser(se_EnableOrganizationsRootSessionsCommand).de(de_EnableOrganizationsRootSessionsCommand).build() {
+};
+__name(_EnableOrganizationsRootSessionsCommand, "EnableOrganizationsRootSessionsCommand");
+var EnableOrganizationsRootSessionsCommand = _EnableOrganizationsRootSessionsCommand;
 // src/commands/GenerateCredentialReportCommand.ts
@@ -11384,6 +11854,20 @@ var _ListOpenIDConnectProviderTagsCommand = class _ListOpenIDConnectProviderTags
 __name(_ListOpenIDConnectProviderTagsCommand, "ListOpenIDConnectProviderTagsCommand");
 var ListOpenIDConnectProviderTagsCommand = _ListOpenIDConnectProviderTagsCommand;
+// src/commands/ListOrganizationsFeaturesCommand.ts
+var _ListOrganizationsFeaturesCommand = class _ListOrganizationsFeaturesCommand extends import_smithy_client.Command.classBuilder().ep(commonParams).m(function(Command, cs, config, o) {
+  return [
+    (0, import_middleware_serde.getSerdePlugin)(config, this.serialize, this.deserialize),
+    (0, import_middleware_endpoint.getEndpointPlugin)(config, Command.getEndpointParameterInstructions())
+  ];
+}).s("AWSIdentityManagementV20100508", "ListOrganizationsFeatures", {}).n("IAMClient", "ListOrganizationsFeaturesCommand").f(void 0, void 0).ser(se_ListOrganizationsFeaturesCommand).de(de_ListOrganizationsFeaturesCommand).build() {
+};
+__name(_ListOrganizationsFeaturesCommand, "ListOrganizationsFeaturesCommand");
+var ListOrganizationsFeaturesCommand = _ListOrganizationsFeaturesCommand;
 // src/commands/ListPoliciesCommand.ts
@@ -12344,7 +12828,11 @@ var commands = {
   DetachGroupPolicyCommand,
   DetachRolePolicyCommand,
   DetachUserPolicyCommand,
+  DisableOrganizationsRootCredentialsManagementCommand,
+  DisableOrganizationsRootSessionsCommand,
   EnableMFADeviceCommand,
+  EnableOrganizationsRootCredentialsManagementCommand,
+  EnableOrganizationsRootSessionsCommand,
   GenerateCredentialReportCommand,
   GenerateOrganizationsAccessReportCommand,
   GenerateServiceLastAccessedDetailsCommand,
@@ -12390,6 +12878,7 @@ var commands = {
   ListMFADeviceTagsCommand,
   ListOpenIDConnectProvidersCommand,
   ListOpenIDConnectProviderTagsCommand,
+  ListOrganizationsFeaturesCommand,
   ListPoliciesCommand,
   ListPoliciesGrantingServiceAccessCommand,
   ListPolicyTagsCommand,
@@ -12757,7 +13246,11 @@ var waitUntilUserExists = /* @__PURE__ */ __name(async (params, input) => {
   DetachGroupPolicyCommand,
   DetachRolePolicyCommand,
   DetachUserPolicyCommand,
+  DisableOrganizationsRootCredentialsManagementCommand,
+  DisableOrganizationsRootSessionsCommand,
   EnableMFADeviceCommand,
+  EnableOrganizationsRootCredentialsManagementCommand,
+  EnableOrganizationsRootSessionsCommand,
   GenerateCredentialReportCommand,
   GenerateOrganizationsAccessReportCommand,
   GenerateServiceLastAccessedDetailsCommand,
@@ -12803,6 +13296,7 @@ var waitUntilUserExists = /* @__PURE__ */ __name(async (params, input) => {
   ListMFADevicesCommand,
   ListOpenIDConnectProviderTagsCommand,
   ListOpenIDConnectProvidersCommand,
+  ListOrganizationsFeaturesCommand,
   ListPoliciesCommand,
   ListPoliciesGrantingServiceAccessCommand,
   ListPolicyTagsCommand,
@@ -12912,6 +13406,7 @@ var waitUntilUserExists = /* @__PURE__ */ __name(async (params, input) => {
   waitUntilUserExists,
   AccessAdvisorUsageGranularityType,
   StatusType,
+  AccountNotManagementOrDelegatedAdministratorException,
   InvalidInputException,
   LimitExceededException,
   NoSuchEntityException,
@@ -12929,7 +13424,12 @@ var waitUntilUserExists = /* @__PURE__ */ __name(async (params, input) => {
   MalformedPolicyDocumentException,
   ServiceNotSupportedException,
   DeleteConflictException,
+  FeatureType,
+  OrganizationNotFoundException,
+  OrganizationNotInAllFeaturesModeException,
+  ServiceAccessNotEnabledException,
   InvalidAuthenticationCodeException,
+  CallerIsNotManagementAccountException,
   ReportStateType,
   ReportGenerationLimitExceededException,
   EntityType,
@@ -12951,7 +13451,6 @@ var waitUntilUserExists = /* @__PURE__ */ __name(async (params, input) => {
   PolicyEvaluationException,
   ContextKeyTypeEnum,
   PolicyEvaluationDecisionType,
-  PolicySourceType,
   AccessKeyFilterSensitiveLog,
   ChangePasswordRequestFilterSensitiveLog,
   CreateAccessKeyResponseFilterSensitiveLog,
@@ -12962,6 +13461,7 @@ var waitUntilUserExists = /* @__PURE__ */ __name(async (params, input) => {
   CreateVirtualMFADeviceResponseFilterSensitiveLog,
   ListVirtualMFADevicesResponseFilterSensitiveLog,
   ResetServiceSpecificCredentialResponseFilterSensitiveLog,
+  PolicySourceType,
   KeyPairMismatchException,
   MalformedCertificateException,
   DuplicateCertificateException,