@aws-sdk/client-organizations 3.216.0 → 3.222.0

package/dist-es/endpoint/ruleset.js

@@ -3,7 +3,7 @@ export const ruleSet = {
     parameters: {
         Region: {
             builtIn: "AWS::Region",
-            required: false,
+            required: true,
             documentation: "The AWS region used to dispatch the request.",
             type: "String",
         },
@@ -200,8 +200,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "us-east-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -260,8 +260,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "us-east-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -320,8 +320,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "us-east-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -346,8 +346,8 @@ export const ruleSet = {
                                     authSchemes: [
                                         {
                                             name: "sigv4",
-                                            signingName: "organizations",
                                             signingRegion: "us-east-1",
+                                            signingName: "organizations",
                                         },
                                     ],
                                 },
@@ -443,8 +443,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "cn-northwest-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -503,8 +503,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "cn-northwest-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -563,8 +563,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "cn-northwest-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -589,8 +589,8 @@ export const ruleSet = {
                                     authSchemes: [
                                         {
                                             name: "sigv4",
-                                            signingName: "organizations",
                                             signingRegion: "cn-northwest-1",
+                                            signingName: "organizations",
                                         },
                                     ],
                                 },
@@ -686,8 +686,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "us-gov-west-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -746,8 +746,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "us-gov-west-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -806,8 +806,8 @@ export const ruleSet = {
                                                     authSchemes: [
                                                         {
                                                             name: "sigv4",
-                                                            signingName: "organizations",
                                                             signingRegion: "us-gov-west-1",
+                                                            signingName: "organizations",
                                                         },
                                                     ],
                                                 },
@@ -832,8 +832,8 @@ export const ruleSet = {
                                     authSchemes: [
                                         {
                                             name: "sigv4",
-                                            signingName: "organizations",
                                             signingRegion: "us-gov-west-1",
+                                            signingName: "organizations",
                                         },
                                     ],
                                 },
@@ -1089,8 +1089,8 @@ export const ruleSet = {
                                     authSchemes: [
                                         {
                                             name: "sigv4",
-                                            signingName: "organizations",
                                             signingRegion: "us-east-1",
+                                            signingName: "organizations",
                                         },
                                     ],
                                 },
@@ -1116,8 +1116,8 @@ export const ruleSet = {
                                     authSchemes: [
                                         {
                                             name: "sigv4",
-                                            signingName: "organizations",
                                             signingRegion: "cn-northwest-1",
+                                            signingName: "organizations",
                                         },
                                     ],
                                 },
@@ -1143,8 +1143,8 @@ export const ruleSet = {
                                     authSchemes: [
                                         {
                                             name: "sigv4",
-                                            signingName: "organizations",
                                             signingRegion: "us-gov-west-1",
+                                            signingName: "organizations",
                                         },
                                     ],
                                 },

package/dist-es/models/models_0.js

@@ -170,6 +170,7 @@ export var InvalidInputExceptionReason;
     InvalidInputExceptionReason["INVALID_PARTY_TYPE_TARGET"] = "INVALID_PARTY_TYPE_TARGET";
     InvalidInputExceptionReason["INVALID_PATTERN"] = "INVALID_PATTERN";
     InvalidInputExceptionReason["INVALID_PATTERN_TARGET_ID"] = "INVALID_PATTERN_TARGET_ID";
+    InvalidInputExceptionReason["INVALID_RESOURCE_POLICY_JSON"] = "INVALID_RESOURCE_POLICY_JSON";
     InvalidInputExceptionReason["INVALID_ROLE_NAME"] = "INVALID_ROLE_NAME";
     InvalidInputExceptionReason["INVALID_SYNTAX_ORGANIZATION"] = "INVALID_SYNTAX_ORGANIZATION_ARN";
     InvalidInputExceptionReason["INVALID_SYNTAX_POLICY"] = "INVALID_SYNTAX_POLICY_ID";
@@ -182,6 +183,9 @@ export var InvalidInputExceptionReason;
     InvalidInputExceptionReason["MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS"] = "MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS";
     InvalidInputExceptionReason["TARGET_NOT_SUPPORTED"] = "TARGET_NOT_SUPPORTED";
     InvalidInputExceptionReason["UNRECOGNIZED_SERVICE_PRINCIPAL"] = "UNRECOGNIZED_SERVICE_PRINCIPAL";
+    InvalidInputExceptionReason["UNSUPPORTED_ACTION_IN_RESOURCE_POLICY"] = "UNSUPPORTED_ACTION_IN_RESOURCE_POLICY";
+    InvalidInputExceptionReason["UNSUPPORTED_POLICY_TYPE_IN_RESOURCE_POLICY"] = "UNSUPPORTED_POLICY_TYPE_IN_RESOURCE_POLICY";
+    InvalidInputExceptionReason["UNSUPPORTED_RESOURCE_IN_RESOURCE_POLICY"] = "UNSUPPORTED_RESOURCE_IN_RESOURCE_POLICY";
 })(InvalidInputExceptionReason || (InvalidInputExceptionReason = {}));
 export class InvalidInputException extends __BaseException {
     constructor(opts) {
@@ -475,6 +479,7 @@ export var CreateAccountFailureReason;
     CreateAccountFailureReason["MISSING_PAYMENT_INSTRUMENT"] = "MISSING_PAYMENT_INSTRUMENT";
     CreateAccountFailureReason["PENDING_BUSINESS_VALIDATIONv"] = "PENDING_BUSINESS_VALIDATION";
     CreateAccountFailureReason["UNKNOWN_BUSINESS_VALIDATION"] = "UNKNOWN_BUSINESS_VALIDATION";
+    CreateAccountFailureReason["UPDATE_EXISTING_RESOURCE_POLICY_WITH_TAGS_NOT_SUPPORTED"] = "UPDATE_EXISTING_RESOURCE_POLICY_WITH_TAGS_NOT_SUPPORTED";
 })(CreateAccountFailureReason || (CreateAccountFailureReason = {}));
 export var CreateAccountState;
 (function (CreateAccountState) {
@@ -630,6 +635,19 @@ export class PolicyInUseException extends __BaseException {
         this.Message = opts.Message;
     }
 }
+export class ResourcePolicyNotFoundException extends __BaseException {
+    constructor(opts) {
+        super({
+            name: "ResourcePolicyNotFoundException",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "ResourcePolicyNotFoundException";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, ResourcePolicyNotFoundException.prototype);
+        this.Message = opts.Message;
+    }
+}
 export class CreateAccountStatusNotFoundException extends __BaseException {
     constructor(opts) {
         super({
@@ -936,6 +954,15 @@ export const DescribePolicyRequestFilterSensitiveLog = (obj) => ({
 export const DescribePolicyResponseFilterSensitiveLog = (obj) => ({
     ...obj,
 });
+export const ResourcePolicySummaryFilterSensitiveLog = (obj) => ({
+    ...obj,
+});
+export const ResourcePolicyFilterSensitiveLog = (obj) => ({
+    ...obj,
+});
+export const DescribeResourcePolicyResponseFilterSensitiveLog = (obj) => ({
+    ...obj,
+});
 export const DetachPolicyRequestFilterSensitiveLog = (obj) => ({
     ...obj,
 });
@@ -1092,6 +1119,12 @@ export const ListTargetsForPolicyResponseFilterSensitiveLog = (obj) => ({
 export const MoveAccountRequestFilterSensitiveLog = (obj) => ({
     ...obj,
 });
+export const PutResourcePolicyRequestFilterSensitiveLog = (obj) => ({
+    ...obj,
+});
+export const PutResourcePolicyResponseFilterSensitiveLog = (obj) => ({
+    ...obj,
+});
 export const RegisterDelegatedAdministratorRequestFilterSensitiveLog = (obj) => ({
     ...obj,
 });

package/dist-es/protocols/Aws_json1_1.js

@@ -1,6 +1,6 @@
 import { HttpRequest as __HttpRequest } from "@aws-sdk/protocol-http";
 import { decorateServiceException as __decorateServiceException, expectBoolean as __expectBoolean, expectNonNull as __expectNonNull, expectNumber as __expectNumber, expectString as __expectString, parseEpochTimestamp as __parseEpochTimestamp, throwDefaultError, } from "@aws-sdk/smithy-client";
-import { AccessDeniedException, AccessDeniedForDependencyException, AccountAlreadyClosedException, AccountAlreadyRegisteredException, AccountNotFoundException, AccountNotRegisteredException, AccountOwnerNotVerifiedException, AlreadyInOrganizationException, AWSOrganizationsNotInUseException, ChildNotFoundException, ConcurrentModificationException, ConflictException, ConstraintViolationException, CreateAccountStatusNotFoundException, DestinationParentNotFoundException, DuplicateAccountException, DuplicateHandshakeException, DuplicateOrganizationalUnitException, DuplicatePolicyAttachmentException, DuplicatePolicyException, EffectivePolicyNotFoundException, FinalizingOrganizationException, HandshakeAlreadyInStateException, HandshakeConstraintViolationException, HandshakeNotFoundException, InvalidHandshakeTransitionException, InvalidInputException, MalformedPolicyDocumentException, MasterCannotLeaveOrganizationException, OrganizationalUnitNotEmptyException, OrganizationalUnitNotFoundException, OrganizationNotEmptyException, ParentNotFoundException, PolicyChangesInProgressException, PolicyInUseException, PolicyNotAttachedException, PolicyNotFoundException, PolicyTypeAlreadyEnabledException, PolicyTypeNotAvailableForOrganizationException, PolicyTypeNotEnabledException, RootNotFoundException, ServiceException, SourceParentNotFoundException, TargetNotFoundException, TooManyRequestsException, UnsupportedAPIEndpointException, } from "../models/models_0";
+import { AccessDeniedException, AccessDeniedForDependencyException, AccountAlreadyClosedException, AccountAlreadyRegisteredException, AccountNotFoundException, AccountNotRegisteredException, AccountOwnerNotVerifiedException, AlreadyInOrganizationException, AWSOrganizationsNotInUseException, ChildNotFoundException, ConcurrentModificationException, ConflictException, ConstraintViolationException, CreateAccountStatusNotFoundException, DestinationParentNotFoundException, DuplicateAccountException, DuplicateHandshakeException, DuplicateOrganizationalUnitException, DuplicatePolicyAttachmentException, DuplicatePolicyException, EffectivePolicyNotFoundException, FinalizingOrganizationException, HandshakeAlreadyInStateException, HandshakeConstraintViolationException, HandshakeNotFoundException, InvalidHandshakeTransitionException, InvalidInputException, MalformedPolicyDocumentException, MasterCannotLeaveOrganizationException, OrganizationalUnitNotEmptyException, OrganizationalUnitNotFoundException, OrganizationNotEmptyException, ParentNotFoundException, PolicyChangesInProgressException, PolicyInUseException, PolicyNotAttachedException, PolicyNotFoundException, PolicyTypeAlreadyEnabledException, PolicyTypeNotAvailableForOrganizationException, PolicyTypeNotEnabledException, ResourcePolicyNotFoundException, RootNotFoundException, ServiceException, SourceParentNotFoundException, TargetNotFoundException, TooManyRequestsException, UnsupportedAPIEndpointException, } from "../models/models_0";
 import { OrganizationsServiceException as __BaseException } from "../models/OrganizationsServiceException";
 export const serializeAws_json1_1AcceptHandshakeCommand = async (input, context) => {
     const headers = {
@@ -118,6 +118,14 @@ export const serializeAws_json1_1DeletePolicyCommand = async (input, context) =>
     body = JSON.stringify(serializeAws_json1_1DeletePolicyRequest(input, context));
     return buildHttpRpcRequest(context, headers, "/", undefined, body);
 };
+export const serializeAws_json1_1DeleteResourcePolicyCommand = async (input, context) => {
+    const headers = {
+        "content-type": "application/x-amz-json-1.1",
+        "x-amz-target": "AWSOrganizationsV20161128.DeleteResourcePolicy",
+    };
+    const body = "{}";
+    return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
 export const serializeAws_json1_1DeregisterDelegatedAdministratorCommand = async (input, context) => {
     const headers = {
         "content-type": "application/x-amz-json-1.1",
@@ -189,6 +197,14 @@ export const serializeAws_json1_1DescribePolicyCommand = async (input, context)
     body = JSON.stringify(serializeAws_json1_1DescribePolicyRequest(input, context));
     return buildHttpRpcRequest(context, headers, "/", undefined, body);
 };
+export const serializeAws_json1_1DescribeResourcePolicyCommand = async (input, context) => {
+    const headers = {
+        "content-type": "application/x-amz-json-1.1",
+        "x-amz-target": "AWSOrganizationsV20161128.DescribeResourcePolicy",
+    };
+    const body = "{}";
+    return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
 export const serializeAws_json1_1DetachPolicyCommand = async (input, context) => {
     const headers = {
         "content-type": "application/x-amz-json-1.1",
@@ -413,6 +429,15 @@ export const serializeAws_json1_1MoveAccountCommand = async (input, context) =>
     body = JSON.stringify(serializeAws_json1_1MoveAccountRequest(input, context));
     return buildHttpRpcRequest(context, headers, "/", undefined, body);
 };
+export const serializeAws_json1_1PutResourcePolicyCommand = async (input, context) => {
+    const headers = {
+        "content-type": "application/x-amz-json-1.1",
+        "x-amz-target": "AWSOrganizationsV20161128.PutResourcePolicy",
+    };
+    let body;
+    body = JSON.stringify(serializeAws_json1_1PutResourcePolicyRequest(input, context));
+    return buildHttpRpcRequest(context, headers, "/", undefined, body);
+};
 export const serializeAws_json1_1RegisterDelegatedAdministratorCommand = async (input, context) => {
     const headers = {
         "content-type": "application/x-amz-json-1.1",
@@ -1205,6 +1230,57 @@ const deserializeAws_json1_1DeletePolicyCommandError = async (output, context) =
             });
     }
 };
+export const deserializeAws_json1_1DeleteResourcePolicyCommand = async (output, context) => {
+    if (output.statusCode >= 300) {
+        return deserializeAws_json1_1DeleteResourcePolicyCommandError(output, context);
+    }
+    await collectBody(output.body, context);
+    const response = {
+        $metadata: deserializeMetadata(output),
+    };
+    return Promise.resolve(response);
+};
+const deserializeAws_json1_1DeleteResourcePolicyCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AWSOrganizationsNotInUseException":
+        case "com.amazonaws.organizations#AWSOrganizationsNotInUseException":
+            throw await deserializeAws_json1_1AWSOrganizationsNotInUseExceptionResponse(parsedOutput, context);
+        case "AccessDeniedException":
+        case "com.amazonaws.organizations#AccessDeniedException":
+            throw await deserializeAws_json1_1AccessDeniedExceptionResponse(parsedOutput, context);
+        case "ConcurrentModificationException":
+        case "com.amazonaws.organizations#ConcurrentModificationException":
+            throw await deserializeAws_json1_1ConcurrentModificationExceptionResponse(parsedOutput, context);
+        case "ConstraintViolationException":
+        case "com.amazonaws.organizations#ConstraintViolationException":
+            throw await deserializeAws_json1_1ConstraintViolationExceptionResponse(parsedOutput, context);
+        case "ResourcePolicyNotFoundException":
+        case "com.amazonaws.organizations#ResourcePolicyNotFoundException":
+            throw await deserializeAws_json1_1ResourcePolicyNotFoundExceptionResponse(parsedOutput, context);
+        case "ServiceException":
+        case "com.amazonaws.organizations#ServiceException":
+            throw await deserializeAws_json1_1ServiceExceptionResponse(parsedOutput, context);
+        case "TooManyRequestsException":
+        case "com.amazonaws.organizations#TooManyRequestsException":
+            throw await deserializeAws_json1_1TooManyRequestsExceptionResponse(parsedOutput, context);
+        case "UnsupportedAPIEndpointException":
+        case "com.amazonaws.organizations#UnsupportedAPIEndpointException":
+            throw await deserializeAws_json1_1UnsupportedAPIEndpointExceptionResponse(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            throwDefaultError({
+                output,
+                parsedBody,
+                exceptionCtor: __BaseException,
+                errorCode,
+            });
+    }
+};
 export const deserializeAws_json1_1DeregisterDelegatedAdministratorCommand = async (output, context) => {
     if (output.statusCode >= 300) {
         return deserializeAws_json1_1DeregisterDelegatedAdministratorCommandError(output, context);
@@ -1610,6 +1686,57 @@ const deserializeAws_json1_1DescribePolicyCommandError = async (output, context)
             });
     }
 };
+export const deserializeAws_json1_1DescribeResourcePolicyCommand = async (output, context) => {
+    if (output.statusCode >= 300) {
+        return deserializeAws_json1_1DescribeResourcePolicyCommandError(output, context);
+    }
+    const data = await parseBody(output.body, context);
+    let contents = {};
+    contents = deserializeAws_json1_1DescribeResourcePolicyResponse(data, context);
+    const response = {
+        $metadata: deserializeMetadata(output),
+        ...contents,
+    };
+    return Promise.resolve(response);
+};
+const deserializeAws_json1_1DescribeResourcePolicyCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AWSOrganizationsNotInUseException":
+        case "com.amazonaws.organizations#AWSOrganizationsNotInUseException":
+            throw await deserializeAws_json1_1AWSOrganizationsNotInUseExceptionResponse(parsedOutput, context);
+        case "AccessDeniedException":
+        case "com.amazonaws.organizations#AccessDeniedException":
+            throw await deserializeAws_json1_1AccessDeniedExceptionResponse(parsedOutput, context);
+        case "ConstraintViolationException":
+        case "com.amazonaws.organizations#ConstraintViolationException":
+            throw await deserializeAws_json1_1ConstraintViolationExceptionResponse(parsedOutput, context);
+        case "ResourcePolicyNotFoundException":
+        case "com.amazonaws.organizations#ResourcePolicyNotFoundException":
+            throw await deserializeAws_json1_1ResourcePolicyNotFoundExceptionResponse(parsedOutput, context);
+        case "ServiceException":
+        case "com.amazonaws.organizations#ServiceException":
+            throw await deserializeAws_json1_1ServiceExceptionResponse(parsedOutput, context);
+        case "TooManyRequestsException":
+        case "com.amazonaws.organizations#TooManyRequestsException":
+            throw await deserializeAws_json1_1TooManyRequestsExceptionResponse(parsedOutput, context);
+        case "UnsupportedAPIEndpointException":
+        case "com.amazonaws.organizations#UnsupportedAPIEndpointException":
+            throw await deserializeAws_json1_1UnsupportedAPIEndpointExceptionResponse(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            throwDefaultError({
+                output,
+                parsedBody,
+                exceptionCtor: __BaseException,
+                errorCode,
+            });
+    }
+};
 export const deserializeAws_json1_1DetachPolicyCommand = async (output, context) => {
     if (output.statusCode >= 300) {
         return deserializeAws_json1_1DetachPolicyCommandError(output, context);
@@ -2909,6 +3036,60 @@ const deserializeAws_json1_1MoveAccountCommandError = async (output, context) =>
             });
     }
 };
+export const deserializeAws_json1_1PutResourcePolicyCommand = async (output, context) => {
+    if (output.statusCode >= 300) {
+        return deserializeAws_json1_1PutResourcePolicyCommandError(output, context);
+    }
+    const data = await parseBody(output.body, context);
+    let contents = {};
+    contents = deserializeAws_json1_1PutResourcePolicyResponse(data, context);
+    const response = {
+        $metadata: deserializeMetadata(output),
+        ...contents,
+    };
+    return Promise.resolve(response);
+};
+const deserializeAws_json1_1PutResourcePolicyCommandError = async (output, context) => {
+    const parsedOutput = {
+        ...output,
+        body: await parseErrorBody(output.body, context),
+    };
+    const errorCode = loadRestJsonErrorCode(output, parsedOutput.body);
+    switch (errorCode) {
+        case "AWSOrganizationsNotInUseException":
+        case "com.amazonaws.organizations#AWSOrganizationsNotInUseException":
+            throw await deserializeAws_json1_1AWSOrganizationsNotInUseExceptionResponse(parsedOutput, context);
+        case "AccessDeniedException":
+        case "com.amazonaws.organizations#AccessDeniedException":
+            throw await deserializeAws_json1_1AccessDeniedExceptionResponse(parsedOutput, context);
+        case "ConcurrentModificationException":
+        case "com.amazonaws.organizations#ConcurrentModificationException":
+            throw await deserializeAws_json1_1ConcurrentModificationExceptionResponse(parsedOutput, context);
+        case "ConstraintViolationException":
+        case "com.amazonaws.organizations#ConstraintViolationException":
+            throw await deserializeAws_json1_1ConstraintViolationExceptionResponse(parsedOutput, context);
+        case "InvalidInputException":
+        case "com.amazonaws.organizations#InvalidInputException":
+            throw await deserializeAws_json1_1InvalidInputExceptionResponse(parsedOutput, context);
+        case "ServiceException":
+        case "com.amazonaws.organizations#ServiceException":
+            throw await deserializeAws_json1_1ServiceExceptionResponse(parsedOutput, context);
+        case "TooManyRequestsException":
+        case "com.amazonaws.organizations#TooManyRequestsException":
+            throw await deserializeAws_json1_1TooManyRequestsExceptionResponse(parsedOutput, context);
+        case "UnsupportedAPIEndpointException":
+        case "com.amazonaws.organizations#UnsupportedAPIEndpointException":
+            throw await deserializeAws_json1_1UnsupportedAPIEndpointExceptionResponse(parsedOutput, context);
+        default:
+            const parsedBody = parsedOutput.body;
+            throwDefaultError({
+                output,
+                parsedBody,
+                exceptionCtor: __BaseException,
+                errorCode,
+            });
+    }
+};
 export const deserializeAws_json1_1RegisterDelegatedAdministratorCommand = async (output, context) => {
     if (output.statusCode >= 300) {
         return deserializeAws_json1_1RegisterDelegatedAdministratorCommandError(output, context);
@@ -3602,6 +3783,15 @@ const deserializeAws_json1_1PolicyTypeNotEnabledExceptionResponse = async (parse
     });
     return __decorateServiceException(exception, body);
 };
+const deserializeAws_json1_1ResourcePolicyNotFoundExceptionResponse = async (parsedOutput, context) => {
+    const body = parsedOutput.body;
+    const deserialized = deserializeAws_json1_1ResourcePolicyNotFoundException(body, context);
+    const exception = new ResourcePolicyNotFoundException({
+        $metadata: deserializeMetadata(parsedOutput),
+        ...deserialized,
+    });
+    return __decorateServiceException(exception, body);
+};
 const deserializeAws_json1_1RootNotFoundExceptionResponse = async (parsedOutput, context) => {
     const body = parsedOutput.body;
     const deserialized = deserializeAws_json1_1RootNotFoundException(body, context);
@@ -3942,6 +4132,12 @@ const serializeAws_json1_1MoveAccountRequest = (input, context) => {
         ...(input.SourceParentId != null && { SourceParentId: input.SourceParentId }),
     };
 };
+const serializeAws_json1_1PutResourcePolicyRequest = (input, context) => {
+    return {
+        ...(input.Content != null && { Content: input.Content }),
+        ...(input.Tags != null && { Tags: serializeAws_json1_1Tags(input.Tags, context) }),
+    };
+};
 const serializeAws_json1_1RegisterDelegatedAdministratorRequest = (input, context) => {
     return {
         ...(input.AccountId != null && { AccountId: input.AccountId }),
@@ -4272,6 +4468,11 @@ const deserializeAws_json1_1DescribePolicyResponse = (output, context) => {
         Policy: output.Policy != null ? deserializeAws_json1_1Policy(output.Policy, context) : undefined,
     };
 };
+const deserializeAws_json1_1DescribeResourcePolicyResponse = (output, context) => {
+    return {
+        ResourcePolicy: output.ResourcePolicy != null ? deserializeAws_json1_1ResourcePolicy(output.ResourcePolicy, context) : undefined,
+    };
+};
 const deserializeAws_json1_1DestinationParentNotFoundException = (output, context) => {
     return {
         Message: __expectString(output.Message),
@@ -4732,6 +4933,30 @@ const deserializeAws_json1_1PolicyTypeSummary = (output, context) => {
         Type: __expectString(output.Type),
     };
 };
+const deserializeAws_json1_1PutResourcePolicyResponse = (output, context) => {
+    return {
+        ResourcePolicy: output.ResourcePolicy != null ? deserializeAws_json1_1ResourcePolicy(output.ResourcePolicy, context) : undefined,
+    };
+};
+const deserializeAws_json1_1ResourcePolicy = (output, context) => {
+    return {
+        Content: __expectString(output.Content),
+        ResourcePolicySummary: output.ResourcePolicySummary != null
+            ? deserializeAws_json1_1ResourcePolicySummary(output.ResourcePolicySummary, context)
+            : undefined,
+    };
+};
+const deserializeAws_json1_1ResourcePolicyNotFoundException = (output, context) => {
+    return {
+        Message: __expectString(output.Message),
+    };
+};
+const deserializeAws_json1_1ResourcePolicySummary = (output, context) => {
+    return {
+        Arn: __expectString(output.Arn),
+        Id: __expectString(output.Id),
+    };
+};
 const deserializeAws_json1_1Root = (output, context) => {
     return {
         Arn: __expectString(output.Arn),

package/dist-types/Organizations.d.ts

@@ -12,6 +12,7 @@ import { DeclineHandshakeCommandInput, DeclineHandshakeCommandOutput } from "./c
 import { DeleteOrganizationalUnitCommandInput, DeleteOrganizationalUnitCommandOutput } from "./commands/DeleteOrganizationalUnitCommand";
 import { DeleteOrganizationCommandInput, DeleteOrganizationCommandOutput } from "./commands/DeleteOrganizationCommand";
 import { DeletePolicyCommandInput, DeletePolicyCommandOutput } from "./commands/DeletePolicyCommand";
+import { DeleteResourcePolicyCommandInput, DeleteResourcePolicyCommandOutput } from "./commands/DeleteResourcePolicyCommand";
 import { DeregisterDelegatedAdministratorCommandInput, DeregisterDelegatedAdministratorCommandOutput } from "./commands/DeregisterDelegatedAdministratorCommand";
 import { DescribeAccountCommandInput, DescribeAccountCommandOutput } from "./commands/DescribeAccountCommand";
 import { DescribeCreateAccountStatusCommandInput, DescribeCreateAccountStatusCommandOutput } from "./commands/DescribeCreateAccountStatusCommand";
@@ -20,6 +21,7 @@ import { DescribeHandshakeCommandInput, DescribeHandshakeCommandOutput } from ".
 import { DescribeOrganizationalUnitCommandInput, DescribeOrganizationalUnitCommandOutput } from "./commands/DescribeOrganizationalUnitCommand";
 import { DescribeOrganizationCommandInput, DescribeOrganizationCommandOutput } from "./commands/DescribeOrganizationCommand";
 import { DescribePolicyCommandInput, DescribePolicyCommandOutput } from "./commands/DescribePolicyCommand";
+import { DescribeResourcePolicyCommandInput, DescribeResourcePolicyCommandOutput } from "./commands/DescribeResourcePolicyCommand";
 import { DetachPolicyCommandInput, DetachPolicyCommandOutput } from "./commands/DetachPolicyCommand";
 import { DisableAWSServiceAccessCommandInput, DisableAWSServiceAccessCommandOutput } from "./commands/DisableAWSServiceAccessCommand";
 import { DisablePolicyTypeCommandInput, DisablePolicyTypeCommandOutput } from "./commands/DisablePolicyTypeCommand";
@@ -45,6 +47,7 @@ import { ListRootsCommandInput, ListRootsCommandOutput } from "./commands/ListRo
 import { ListTagsForResourceCommandInput, ListTagsForResourceCommandOutput } from "./commands/ListTagsForResourceCommand";
 import { ListTargetsForPolicyCommandInput, ListTargetsForPolicyCommandOutput } from "./commands/ListTargetsForPolicyCommand";
 import { MoveAccountCommandInput, MoveAccountCommandOutput } from "./commands/MoveAccountCommand";
+import { PutResourcePolicyCommandInput, PutResourcePolicyCommandOutput } from "./commands/PutResourcePolicyCommand";
 import { RegisterDelegatedAdministratorCommandInput, RegisterDelegatedAdministratorCommandOutput } from "./commands/RegisterDelegatedAdministratorCommand";
 import { RemoveAccountFromOrganizationCommandInput, RemoveAccountFromOrganizationCommandOutput } from "./commands/RemoveAccountFromOrganizationCommand";
 import { TagResourceCommandInput, TagResourceCommandOutput } from "./commands/TagResourceCommand";
@@ -130,7 +133,7 @@ export declare class Organizations extends OrganizationsClient {
     /**
      * <p>Sends a response to the originator of a handshake agreeing to the action proposed by
      *             the handshake request.</p>
-     *         <p>This operation can be called only by the following principals when they also have the
+     *         <p>You can only call this operation by the following principals when they also have the
      *             relevant IAM permissions:</p>
      *         <ul>
      *             <li>
@@ -242,9 +245,9 @@ export declare class Organizations extends OrganizationsClient {
      *                         grace period while the account is in SUSPENDED status. </p>
      *                 </li>
      *                <li>
-     *                     <p>If the Amazon Web Services account you attempt to close is linked to an Amazon Web Services GovCloud (US)
-     *                         account, the <code>CloseAccount</code> request will close both accounts. To
-     *                         learn important pre-closure details, see <a href="https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/Closing-govcloud-account.html">
+     *                     <p>If the Amazon Web Services account you attempt to close is linked to an Amazon Web Services GovCloud
+     *                         (US) account, the <code>CloseAccount</code> request will close both
+     *                         accounts. To learn important pre-closure details, see <a href="https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/Closing-govcloud-account.html">
      *                             Closing an Amazon Web Services GovCloud (US) account</a> in the <i>
      *                             Amazon Web Services GovCloud User Guide</i>.</p>
      *                 </li>
@@ -266,8 +269,8 @@ export declare class Organizations extends OrganizationsClient {
      *             account. To check the status of the request, do one of the following:</p>
      *         <ul>
      *             <li>
-     *                 <p>Use the <code>Id</code> member of the <code>CreateAccountStatus</code>
-     *                     response element from this operation to provide as a parameter to the <a>DescribeCreateAccountStatus</a> operation.</p>
+     *                 <p>Use the <code>Id</code> value of the <code>CreateAccountStatus</code> response
+     *                     element from this operation to provide as a parameter to the <a>DescribeCreateAccountStatus</a> operation.</p>
      *             </li>
      *             <li>
      *                 <p>Check the CloudTrail log for the <code>CreateAccountResult</code> event. For
@@ -555,6 +558,13 @@ export declare class Organizations extends OrganizationsClient {
     deletePolicy(args: DeletePolicyCommandInput, options?: __HttpHandlerOptions): Promise<DeletePolicyCommandOutput>;
     deletePolicy(args: DeletePolicyCommandInput, cb: (err: any, data?: DeletePolicyCommandOutput) => void): void;
     deletePolicy(args: DeletePolicyCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DeletePolicyCommandOutput) => void): void;
+    /**
+     * <p>Deletes the resource policy from your organization.</p>
+     *         <p>You can only call this operation from the organization's management account.</p>
+     */
+    deleteResourcePolicy(args: DeleteResourcePolicyCommandInput, options?: __HttpHandlerOptions): Promise<DeleteResourcePolicyCommandOutput>;
+    deleteResourcePolicy(args: DeleteResourcePolicyCommandInput, cb: (err: any, data?: DeleteResourcePolicyCommandOutput) => void): void;
+    deleteResourcePolicy(args: DeleteResourcePolicyCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DeleteResourcePolicyCommandOutput) => void): void;
     /**
      * <p>Removes the specified member Amazon Web Services account as a delegated administrator for the
      *             specified Amazon Web Services service.</p>
@@ -646,6 +656,13 @@ export declare class Organizations extends OrganizationsClient {
     describePolicy(args: DescribePolicyCommandInput, options?: __HttpHandlerOptions): Promise<DescribePolicyCommandOutput>;
     describePolicy(args: DescribePolicyCommandInput, cb: (err: any, data?: DescribePolicyCommandOutput) => void): void;
     describePolicy(args: DescribePolicyCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DescribePolicyCommandOutput) => void): void;
+    /**
+     * <p>Retrieves information about a resource policy.</p>
+     *         <p>You can only call this operation from the organization's management account or by a member account that is a delegated administrator for an AWS service.</p>
+     */
+    describeResourcePolicy(args: DescribeResourcePolicyCommandInput, options?: __HttpHandlerOptions): Promise<DescribeResourcePolicyCommandOutput>;
+    describeResourcePolicy(args: DescribeResourcePolicyCommandInput, cb: (err: any, data?: DescribeResourcePolicyCommandOutput) => void): void;
+    describeResourcePolicy(args: DescribeResourcePolicyCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DescribeResourcePolicyCommandOutput) => void): void;
     /**
      * <p>Detaches a policy from a target root, organizational unit (OU), or account.</p>
      *         <important>
@@ -792,7 +809,7 @@ export declare class Organizations extends OrganizationsClient {
      *                 Organizations with Other Amazon Web Services Services</a> in the
      *                 <i>Organizations User Guide.</i>
      *          </p>
-     *         <p>This operation can be called only from the organization's management account and only
+     *         <p>You can only call this operation from the organization's management account and only
      *             if the organization has <a href="https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html">enabled all
      *                 features</a>.</p>
      */
@@ -1205,6 +1222,13 @@ export declare class Organizations extends OrganizationsClient {
     moveAccount(args: MoveAccountCommandInput, options?: __HttpHandlerOptions): Promise<MoveAccountCommandOutput>;
     moveAccount(args: MoveAccountCommandInput, cb: (err: any, data?: MoveAccountCommandOutput) => void): void;
     moveAccount(args: MoveAccountCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: MoveAccountCommandOutput) => void): void;
+    /**
+     * <p>Creates or updates a resource policy.</p>
+     *         <p>You can only call this operation from the organization's management account.</p>
+     */
+    putResourcePolicy(args: PutResourcePolicyCommandInput, options?: __HttpHandlerOptions): Promise<PutResourcePolicyCommandOutput>;
+    putResourcePolicy(args: PutResourcePolicyCommandInput, cb: (err: any, data?: PutResourcePolicyCommandOutput) => void): void;
+    putResourcePolicy(args: PutResourcePolicyCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: PutResourcePolicyCommandOutput) => void): void;
     /**
      * <p>Enables the specified member account to administer the Organizations features of the specified
      *             Amazon Web Services service. It grants read-only access to Organizations service data. The account still