npm - @aws-sdk/client-organizations - Versions diffs - 3.828.0 → 3.831.0 - Mend

@aws-sdk/client-organizations 3.828.0 → 3.831.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/dist-types/commands/DisablePolicyTypeCommand.d.ts CHANGED Viewed

@@ -37,7 +37,7 @@ declare const DisablePolicyTypeCommand_base: {
  *             first use <a>ListRoots</a> to see the status of policy types for a specified
  *             root, and then use this operation.</p>
  *          <p>This operation can be called only from the organization's
- * management account or by a member account that is a delegated administrator for an Amazon Web Services service.</p>
+ * management account or by a member account that is a delegated administrator.</p>
  *          <p> To view the status of available policy types in the organization, use <a>DescribeOrganization</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
@@ -47,7 +47,7 @@ declare const DisablePolicyTypeCommand_base: {
  * const client = new OrganizationsClient(config);
  * const input = { // DisablePolicyTypeRequest
  *   RootId: "STRING_VALUE", // required
- *   PolicyType: "SERVICE_CONTROL_POLICY" || "RESOURCE_CONTROL_POLICY" || "TAG_POLICY" || "BACKUP_POLICY" || "AISERVICES_OPT_OUT_POLICY" || "CHATBOT_POLICY" || "DECLARATIVE_POLICY_EC2", // required
+ *   PolicyType: "SERVICE_CONTROL_POLICY" || "RESOURCE_CONTROL_POLICY" || "TAG_POLICY" || "BACKUP_POLICY" || "AISERVICES_OPT_OUT_POLICY" || "CHATBOT_POLICY" || "DECLARATIVE_POLICY_EC2" || "SECURITYHUB_POLICY", // required
  * };
  * const command = new DisablePolicyTypeCommand(input);
  * const response = await client.send(command);
@@ -58,7 +58,7 @@ declare const DisablePolicyTypeCommand_base: {
  * //     Name: "STRING_VALUE",
  * //     PolicyTypes: [ // PolicyTypes
  * //       { // PolicyTypeSummary
- * //         Type: "SERVICE_CONTROL_POLICY" || "RESOURCE_CONTROL_POLICY" || "TAG_POLICY" || "BACKUP_POLICY" || "AISERVICES_OPT_OUT_POLICY" || "CHATBOT_POLICY" || "DECLARATIVE_POLICY_EC2",
+ * //         Type: "SERVICE_CONTROL_POLICY" || "RESOURCE_CONTROL_POLICY" || "TAG_POLICY" || "BACKUP_POLICY" || "AISERVICES_OPT_OUT_POLICY" || "CHATBOT_POLICY" || "DECLARATIVE_POLICY_EC2" || "SECURITYHUB_POLICY",
  * //         Status: "ENABLED" || "PENDING_ENABLE" || "PENDING_DISABLE",
  * //       },
  * //     ],
@@ -136,9 +136,11 @@ declare const DisablePolicyTypeCommand_base: {
  *                </important>
  *             </li>
  *             <li>
- *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED:
- *                     Your organization has more than 5000 accounts, and you can only use the standard migration process for organizations with less than 5000 accounts.
- *                     Use the assisted migration process to enable all features mode, or create a support case for assistance if you are unable to use assisted migration.</p>
+ *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED: Your organization has
+ *                     more than 5000 accounts, and you can only use the standard migration process for
+ *                     organizations with less than 5000 accounts. Use the assisted migration process
+ *                     to enable all features mode, or create a support case for assistance if you are
+ *                     unable to use assisted migration.</p>
  *             </li>
  *             <li>
  *                <p>CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot
@@ -273,17 +275,32 @@ declare const DisablePolicyTypeCommand_base: {
  *                     that you can have in an organization.</p>
  *             </li>
  *             <li>
- *                <p>SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated
- *                     administrator before you enabled service access. Call the
- *                         <code>EnableAWSServiceAccess</code> API first.</p>
+ *                <p>POLICY_TYPE_ENABLED_FOR_THIS_SERVICE: You attempted to disable service access
+ *                     before you disabled the policy type (for example, SECURITYHUB_POLICY). To
+ *                     complete this operation, you must first disable the policy type.</p>
+ *             </li>
+ *             <li>
+ *                <p>SERVICE_ACCESS_NOT_ENABLED:</p>
+ *                <ul>
+ *                   <li>
+ *                      <p>You attempted to register a delegated administrator before you enabled
+ *                             service access. Call the <code>EnableAWSServiceAccess</code> API
+ *                             first.</p>
+ *                   </li>
+ *                   <li>
+ *                      <p>You attempted to enable a policy type before you enabled service
+ *                             access. Call the <code>EnableAWSServiceAccess</code> API first.</p>
+ *                   </li>
+ *                </ul>
  *             </li>
  *             <li>
  *                <p>TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags
  *                     that are not compliant with the tag policy requirements for this account.</p>
  *             </li>
  *             <li>
- *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.
- *                     Invited accounts aren't subject to this waiting period.</p>
+ *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at
+ *                     least seven days after the account was created. Invited accounts aren't subject
+ *                     to this waiting period.</p>
  *             </li>
  *          </ul>
  *
@@ -342,7 +359,8 @@ declare const DisablePolicyTypeCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name

package/dist-types/commands/EnableAWSServiceAccessCommand.d.ts CHANGED Viewed

@@ -44,9 +44,7 @@ declare const EnableAWSServiceAccessCommand_base: {
  *          <p>For more information about enabling services to integrate with Organizations, see <a href="https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html">Using
  *                 Organizations with other Amazon Web Services services</a> in the
  *                 <i>Organizations User Guide</i>.</p>
- *          <p>You can only call this operation from the organization's management account and only
- *             if the organization has <a href="https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html">enabled all
- *                 features</a>.</p>
+ *          <p>This operation can be called only from the organization's management account.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -131,9 +129,11 @@ declare const EnableAWSServiceAccessCommand_base: {
  *                </important>
  *             </li>
  *             <li>
- *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED:
- *                     Your organization has more than 5000 accounts, and you can only use the standard migration process for organizations with less than 5000 accounts.
- *                     Use the assisted migration process to enable all features mode, or create a support case for assistance if you are unable to use assisted migration.</p>
+ *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED: Your organization has
+ *                     more than 5000 accounts, and you can only use the standard migration process for
+ *                     organizations with less than 5000 accounts. Use the assisted migration process
+ *                     to enable all features mode, or create a support case for assistance if you are
+ *                     unable to use assisted migration.</p>
  *             </li>
  *             <li>
  *                <p>CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot
@@ -268,17 +268,32 @@ declare const EnableAWSServiceAccessCommand_base: {
  *                     that you can have in an organization.</p>
  *             </li>
  *             <li>
- *                <p>SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated
- *                     administrator before you enabled service access. Call the
- *                         <code>EnableAWSServiceAccess</code> API first.</p>
+ *                <p>POLICY_TYPE_ENABLED_FOR_THIS_SERVICE: You attempted to disable service access
+ *                     before you disabled the policy type (for example, SECURITYHUB_POLICY). To
+ *                     complete this operation, you must first disable the policy type.</p>
+ *             </li>
+ *             <li>
+ *                <p>SERVICE_ACCESS_NOT_ENABLED:</p>
+ *                <ul>
+ *                   <li>
+ *                      <p>You attempted to register a delegated administrator before you enabled
+ *                             service access. Call the <code>EnableAWSServiceAccess</code> API
+ *                             first.</p>
+ *                   </li>
+ *                   <li>
+ *                      <p>You attempted to enable a policy type before you enabled service
+ *                             access. Call the <code>EnableAWSServiceAccess</code> API first.</p>
+ *                   </li>
+ *                </ul>
  *             </li>
  *             <li>
  *                <p>TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags
  *                     that are not compliant with the tag policy requirements for this account.</p>
  *             </li>
  *             <li>
- *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.
- *                     Invited accounts aren't subject to this waiting period.</p>
+ *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at
+ *                     least seven days after the account was created. Invited accounts aren't subject
+ *                     to this waiting period.</p>
  *             </li>
  *          </ul>
  *
@@ -337,7 +352,8 @@ declare const EnableAWSServiceAccessCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name

package/dist-types/commands/EnableAllFeaturesCommand.d.ts CHANGED Viewed

@@ -162,9 +162,11 @@ declare const EnableAllFeaturesCommand_base: {
  *                </important>
  *             </li>
  *             <li>
- *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED:
- *                     Your organization has more than 5000 accounts, and you can only use the standard migration process for organizations with less than 5000 accounts.
- *                     Use the assisted migration process to enable all features mode, or create a support case for assistance if you are unable to use assisted migration.</p>
+ *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED: Your organization has
+ *                     more than 5000 accounts, and you can only use the standard migration process for
+ *                     organizations with less than 5000 accounts. Use the assisted migration process
+ *                     to enable all features mode, or create a support case for assistance if you are
+ *                     unable to use assisted migration.</p>
  *             </li>
  *             <li>
  *                <p>CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot
@@ -299,17 +301,32 @@ declare const EnableAllFeaturesCommand_base: {
  *                     that you can have in an organization.</p>
  *             </li>
  *             <li>
- *                <p>SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated
- *                     administrator before you enabled service access. Call the
- *                         <code>EnableAWSServiceAccess</code> API first.</p>
+ *                <p>POLICY_TYPE_ENABLED_FOR_THIS_SERVICE: You attempted to disable service access
+ *                     before you disabled the policy type (for example, SECURITYHUB_POLICY). To
+ *                     complete this operation, you must first disable the policy type.</p>
+ *             </li>
+ *             <li>
+ *                <p>SERVICE_ACCESS_NOT_ENABLED:</p>
+ *                <ul>
+ *                   <li>
+ *                      <p>You attempted to register a delegated administrator before you enabled
+ *                             service access. Call the <code>EnableAWSServiceAccess</code> API
+ *                             first.</p>
+ *                   </li>
+ *                   <li>
+ *                      <p>You attempted to enable a policy type before you enabled service
+ *                             access. Call the <code>EnableAWSServiceAccess</code> API first.</p>
+ *                   </li>
+ *                </ul>
  *             </li>
  *             <li>
  *                <p>TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags
  *                     that are not compliant with the tag policy requirements for this account.</p>
  *             </li>
  *             <li>
- *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.
- *                     Invited accounts aren't subject to this waiting period.</p>
+ *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at
+ *                     least seven days after the account was created. Invited accounts aren't subject
+ *                     to this waiting period.</p>
  *             </li>
  *          </ul>
  *
@@ -357,10 +374,8 @@ declare const EnableAllFeaturesCommand_base: {
  *             </li>
  *             <li>
  *                <p>ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because the
- *                     account is from a different marketplace than the accounts in the organization.
- *                     For example, accounts with India addresses must be associated with the AISPL
- *                     marketplace. All accounts in an organization must be from the same
- *                     marketplace.</p>
+ *                     account is from a different marketplace than the accounts in the
+ *                     organization.</p>
  *             </li>
  *             <li>
  *                <p>ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to change
@@ -428,7 +443,8 @@ declare const EnableAllFeaturesCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name

package/dist-types/commands/EnablePolicyTypeCommand.d.ts CHANGED Viewed

@@ -35,7 +35,7 @@ declare const EnablePolicyTypeCommand_base: {
  *             recommends that you first use <a>ListRoots</a> to see the status of policy
  *             types for a specified root, and then use this operation.</p>
  *          <p>This operation can be called only from the organization's
- * management account or by a member account that is a delegated administrator for an Amazon Web Services service.</p>
+ * management account or by a member account that is a delegated administrator.</p>
  *          <p>You can enable a policy type in a root only if that policy type is available in the
  *             organization. To view the status of available policy types in the organization, use
  *                 <a>DescribeOrganization</a>.</p>
@@ -47,7 +47,7 @@ declare const EnablePolicyTypeCommand_base: {
  * const client = new OrganizationsClient(config);
  * const input = { // EnablePolicyTypeRequest
  *   RootId: "STRING_VALUE", // required
- *   PolicyType: "SERVICE_CONTROL_POLICY" || "RESOURCE_CONTROL_POLICY" || "TAG_POLICY" || "BACKUP_POLICY" || "AISERVICES_OPT_OUT_POLICY" || "CHATBOT_POLICY" || "DECLARATIVE_POLICY_EC2", // required
+ *   PolicyType: "SERVICE_CONTROL_POLICY" || "RESOURCE_CONTROL_POLICY" || "TAG_POLICY" || "BACKUP_POLICY" || "AISERVICES_OPT_OUT_POLICY" || "CHATBOT_POLICY" || "DECLARATIVE_POLICY_EC2" || "SECURITYHUB_POLICY", // required
  * };
  * const command = new EnablePolicyTypeCommand(input);
  * const response = await client.send(command);
@@ -58,7 +58,7 @@ declare const EnablePolicyTypeCommand_base: {
  * //     Name: "STRING_VALUE",
  * //     PolicyTypes: [ // PolicyTypes
  * //       { // PolicyTypeSummary
- * //         Type: "SERVICE_CONTROL_POLICY" || "RESOURCE_CONTROL_POLICY" || "TAG_POLICY" || "BACKUP_POLICY" || "AISERVICES_OPT_OUT_POLICY" || "CHATBOT_POLICY" || "DECLARATIVE_POLICY_EC2",
+ * //         Type: "SERVICE_CONTROL_POLICY" || "RESOURCE_CONTROL_POLICY" || "TAG_POLICY" || "BACKUP_POLICY" || "AISERVICES_OPT_OUT_POLICY" || "CHATBOT_POLICY" || "DECLARATIVE_POLICY_EC2" || "SECURITYHUB_POLICY",
  * //         Status: "ENABLED" || "PENDING_ENABLE" || "PENDING_DISABLE",
  * //       },
  * //     ],
@@ -136,9 +136,11 @@ declare const EnablePolicyTypeCommand_base: {
  *                </important>
  *             </li>
  *             <li>
- *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED:
- *                     Your organization has more than 5000 accounts, and you can only use the standard migration process for organizations with less than 5000 accounts.
- *                     Use the assisted migration process to enable all features mode, or create a support case for assistance if you are unable to use assisted migration.</p>
+ *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED: Your organization has
+ *                     more than 5000 accounts, and you can only use the standard migration process for
+ *                     organizations with less than 5000 accounts. Use the assisted migration process
+ *                     to enable all features mode, or create a support case for assistance if you are
+ *                     unable to use assisted migration.</p>
  *             </li>
  *             <li>
  *                <p>CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot
@@ -273,17 +275,32 @@ declare const EnablePolicyTypeCommand_base: {
  *                     that you can have in an organization.</p>
  *             </li>
  *             <li>
- *                <p>SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated
- *                     administrator before you enabled service access. Call the
- *                         <code>EnableAWSServiceAccess</code> API first.</p>
+ *                <p>POLICY_TYPE_ENABLED_FOR_THIS_SERVICE: You attempted to disable service access
+ *                     before you disabled the policy type (for example, SECURITYHUB_POLICY). To
+ *                     complete this operation, you must first disable the policy type.</p>
+ *             </li>
+ *             <li>
+ *                <p>SERVICE_ACCESS_NOT_ENABLED:</p>
+ *                <ul>
+ *                   <li>
+ *                      <p>You attempted to register a delegated administrator before you enabled
+ *                             service access. Call the <code>EnableAWSServiceAccess</code> API
+ *                             first.</p>
+ *                   </li>
+ *                   <li>
+ *                      <p>You attempted to enable a policy type before you enabled service
+ *                             access. Call the <code>EnableAWSServiceAccess</code> API first.</p>
+ *                   </li>
+ *                </ul>
  *             </li>
  *             <li>
  *                <p>TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags
  *                     that are not compliant with the tag policy requirements for this account.</p>
  *             </li>
  *             <li>
- *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.
- *                     Invited accounts aren't subject to this waiting period.</p>
+ *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at
+ *                     least seven days after the account was created. Invited accounts aren't subject
+ *                     to this waiting period.</p>
  *             </li>
  *          </ul>
  *
@@ -342,7 +359,8 @@ declare const EnablePolicyTypeCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name

package/dist-types/commands/InviteAccountToOrganizationCommand.d.ts CHANGED Viewed

@@ -32,23 +32,10 @@ declare const InviteAccountToOrganizationCommand_base: {
  *             other account's owner. The invitation is implemented as a <a>Handshake</a>
  *             whose details are in the response.</p>
  *          <important>
- *             <ul>
- *                <li>
- *                   <p>You can invite Amazon Web Services accounts only from the same seller as the management
- *                         account. For example, if your organization's management account was created
- *                         by Amazon Internet Services Pvt. Ltd (AISPL), an Amazon Web Services seller in India, you
- *                         can invite only other AISPL accounts to your organization. You can't combine
- *                         accounts from AISPL and Amazon Web Services or from any other Amazon Web Services seller. For more
- *                         information, see <a href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/useconsolidatedbilling-India.html">Consolidated
- *                             billing in India</a>.</p>
- *                </li>
- *                <li>
- *                   <p>If you receive an exception that indicates that you exceeded your account
+ *             <p>If you receive an exception that indicates that you exceeded your account
  *                         limits for the organization or that the operation failed because your
  *                         organization is still initializing, wait one hour and then try again. If the
  *                         error persists after an hour, contact <a href="https://console.aws.amazon.com/support/home#/">Amazon Web Services Support</a>.</p>
- *                </li>
- *             </ul>
  *          </important>
  *          <p>If the request includes tags, then the requester must have the
  *                 <code>organizations:TagResource</code> permission.</p>
@@ -181,9 +168,11 @@ declare const InviteAccountToOrganizationCommand_base: {
  *                </important>
  *             </li>
  *             <li>
- *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED:
- *                     Your organization has more than 5000 accounts, and you can only use the standard migration process for organizations with less than 5000 accounts.
- *                     Use the assisted migration process to enable all features mode, or create a support case for assistance if you are unable to use assisted migration.</p>
+ *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED: Your organization has
+ *                     more than 5000 accounts, and you can only use the standard migration process for
+ *                     organizations with less than 5000 accounts. Use the assisted migration process
+ *                     to enable all features mode, or create a support case for assistance if you are
+ *                     unable to use assisted migration.</p>
  *             </li>
  *             <li>
  *                <p>CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot
@@ -318,17 +307,32 @@ declare const InviteAccountToOrganizationCommand_base: {
  *                     that you can have in an organization.</p>
  *             </li>
  *             <li>
- *                <p>SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated
- *                     administrator before you enabled service access. Call the
- *                         <code>EnableAWSServiceAccess</code> API first.</p>
+ *                <p>POLICY_TYPE_ENABLED_FOR_THIS_SERVICE: You attempted to disable service access
+ *                     before you disabled the policy type (for example, SECURITYHUB_POLICY). To
+ *                     complete this operation, you must first disable the policy type.</p>
+ *             </li>
+ *             <li>
+ *                <p>SERVICE_ACCESS_NOT_ENABLED:</p>
+ *                <ul>
+ *                   <li>
+ *                      <p>You attempted to register a delegated administrator before you enabled
+ *                             service access. Call the <code>EnableAWSServiceAccess</code> API
+ *                             first.</p>
+ *                   </li>
+ *                   <li>
+ *                      <p>You attempted to enable a policy type before you enabled service
+ *                             access. Call the <code>EnableAWSServiceAccess</code> API first.</p>
+ *                   </li>
+ *                </ul>
  *             </li>
  *             <li>
  *                <p>TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags
  *                     that are not compliant with the tag policy requirements for this account.</p>
  *             </li>
  *             <li>
- *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.
- *                     Invited accounts aren't subject to this waiting period.</p>
+ *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at
+ *                     least seven days after the account was created. Invited accounts aren't subject
+ *                     to this waiting period.</p>
  *             </li>
  *          </ul>
  *
@@ -388,10 +392,8 @@ declare const InviteAccountToOrganizationCommand_base: {
  *             </li>
  *             <li>
  *                <p>ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because the
- *                     account is from a different marketplace than the accounts in the organization.
- *                     For example, accounts with India addresses must be associated with the AISPL
- *                     marketplace. All accounts in an organization must be from the same
- *                     marketplace.</p>
+ *                     account is from a different marketplace than the accounts in the
+ *                     organization.</p>
  *             </li>
  *             <li>
  *                <p>ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to change
@@ -459,7 +461,8 @@ declare const InviteAccountToOrganizationCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name

package/dist-types/commands/LeaveOrganizationCommand.d.ts CHANGED Viewed

@@ -72,11 +72,6 @@ declare const LeaveOrganizationCommand_base: {
  *                         organization.</p>
  *                </li>
  *                <li>
- *                   <p>You can leave an organization only after you enable IAM user access to
- *                         billing in your account. For more information, see <a href="https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate">About IAM access to the Billing and Cost Management console</a> in the
- *                             <i>Amazon Web Services Billing and Cost Management User Guide</i>.</p>
- *                </li>
- *                <li>
  *                   <p>After the account leaves the organization, all tags that were attached to
  *                         the account object in the organization are deleted. Amazon Web Services accounts outside
  *                         of an organization do not support tags.</p>
@@ -180,9 +175,11 @@ declare const LeaveOrganizationCommand_base: {
  *                </important>
  *             </li>
  *             <li>
- *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED:
- *                     Your organization has more than 5000 accounts, and you can only use the standard migration process for organizations with less than 5000 accounts.
- *                     Use the assisted migration process to enable all features mode, or create a support case for assistance if you are unable to use assisted migration.</p>
+ *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED: Your organization has
+ *                     more than 5000 accounts, and you can only use the standard migration process for
+ *                     organizations with less than 5000 accounts. Use the assisted migration process
+ *                     to enable all features mode, or create a support case for assistance if you are
+ *                     unable to use assisted migration.</p>
  *             </li>
  *             <li>
  *                <p>CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot
@@ -317,17 +314,32 @@ declare const LeaveOrganizationCommand_base: {
  *                     that you can have in an organization.</p>
  *             </li>
  *             <li>
- *                <p>SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated
- *                     administrator before you enabled service access. Call the
- *                         <code>EnableAWSServiceAccess</code> API first.</p>
+ *                <p>POLICY_TYPE_ENABLED_FOR_THIS_SERVICE: You attempted to disable service access
+ *                     before you disabled the policy type (for example, SECURITYHUB_POLICY). To
+ *                     complete this operation, you must first disable the policy type.</p>
+ *             </li>
+ *             <li>
+ *                <p>SERVICE_ACCESS_NOT_ENABLED:</p>
+ *                <ul>
+ *                   <li>
+ *                      <p>You attempted to register a delegated administrator before you enabled
+ *                             service access. Call the <code>EnableAWSServiceAccess</code> API
+ *                             first.</p>
+ *                   </li>
+ *                   <li>
+ *                      <p>You attempted to enable a policy type before you enabled service
+ *                             access. Call the <code>EnableAWSServiceAccess</code> API first.</p>
+ *                   </li>
+ *                </ul>
  *             </li>
  *             <li>
  *                <p>TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags
  *                     that are not compliant with the tag policy requirements for this account.</p>
  *             </li>
  *             <li>
- *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.
- *                     Invited accounts aren't subject to this waiting period.</p>
+ *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at
+ *                     least seven days after the account was created. Invited accounts aren't subject
+ *                     to this waiting period.</p>
  *             </li>
  *          </ul>
  *
@@ -386,7 +398,8 @@ declare const LeaveOrganizationCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name

package/dist-types/commands/ListAWSServiceAccessForOrganizationCommand.d.ts CHANGED Viewed

@@ -34,7 +34,7 @@ declare const ListAWSServiceAccessForOrganizationCommand_base: {
  *             list of services that currently work with Organizations, see <a href="https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html">Using Organizations with other Amazon Web Services
  *                 services</a> in the <i>Organizations User Guide</i>.</p>
  *          <p>This operation can be called only from the organization's
- * management account or by a member account that is a delegated administrator for an Amazon Web Services service.</p>
+ * management account or by a member account that is a delegated administrator.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -124,9 +124,11 @@ declare const ListAWSServiceAccessForOrganizationCommand_base: {
  *                </important>
  *             </li>
  *             <li>
- *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED:
- *                     Your organization has more than 5000 accounts, and you can only use the standard migration process for organizations with less than 5000 accounts.
- *                     Use the assisted migration process to enable all features mode, or create a support case for assistance if you are unable to use assisted migration.</p>
+ *                <p>ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED: Your organization has
+ *                     more than 5000 accounts, and you can only use the standard migration process for
+ *                     organizations with less than 5000 accounts. Use the assisted migration process
+ *                     to enable all features mode, or create a support case for assistance if you are
+ *                     unable to use assisted migration.</p>
  *             </li>
  *             <li>
  *                <p>CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot
@@ -261,17 +263,32 @@ declare const ListAWSServiceAccessForOrganizationCommand_base: {
  *                     that you can have in an organization.</p>
  *             </li>
  *             <li>
- *                <p>SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated
- *                     administrator before you enabled service access. Call the
- *                         <code>EnableAWSServiceAccess</code> API first.</p>
+ *                <p>POLICY_TYPE_ENABLED_FOR_THIS_SERVICE: You attempted to disable service access
+ *                     before you disabled the policy type (for example, SECURITYHUB_POLICY). To
+ *                     complete this operation, you must first disable the policy type.</p>
+ *             </li>
+ *             <li>
+ *                <p>SERVICE_ACCESS_NOT_ENABLED:</p>
+ *                <ul>
+ *                   <li>
+ *                      <p>You attempted to register a delegated administrator before you enabled
+ *                             service access. Call the <code>EnableAWSServiceAccess</code> API
+ *                             first.</p>
+ *                   </li>
+ *                   <li>
+ *                      <p>You attempted to enable a policy type before you enabled service
+ *                             access. Call the <code>EnableAWSServiceAccess</code> API first.</p>
+ *                   </li>
+ *                </ul>
  *             </li>
  *             <li>
  *                <p>TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags
  *                     that are not compliant with the tag policy requirements for this account.</p>
  *             </li>
  *             <li>
- *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created.
- *                     Invited accounts aren't subject to this waiting period.</p>
+ *                <p>WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at
+ *                     least seven days after the account was created. Invited accounts aren't subject
+ *                     to this waiting period.</p>
  *             </li>
  *          </ul>
  *
@@ -330,7 +347,8 @@ declare const ListAWSServiceAccessForOrganizationCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name

package/dist-types/commands/ListAccountsCommand.d.ts CHANGED Viewed

@@ -38,7 +38,7 @@ declare const ListAccountsCommand_base: {
  * when there are no more results to display.</p>
  *          </note>
  *          <p>This operation can be called only from the organization's
- * management account or by a member account that is a delegated administrator for an Amazon Web Services service.</p>
+ * management account or by a member account that is a delegated administrator.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -139,7 +139,8 @@ declare const ListAccountsCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name

package/dist-types/commands/ListAccountsForParentCommand.d.ts CHANGED Viewed

@@ -41,7 +41,7 @@ declare const ListAccountsForParentCommand_base: {
  * when there are no more results to display.</p>
  *          </note>
  *          <p>This operation can be called only from the organization's
- * management account or by a member account that is a delegated administrator for an Amazon Web Services service.</p>
+ * management account or by a member account that is a delegated administrator.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -143,7 +143,8 @@ declare const ListAccountsForParentCommand_base: {
  *                     the required pattern.</p>
  *             </li>
  *             <li>
- *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the policy.</p>
+ *                <p>INVALID_PRINCIPAL: You specified an invalid principal element in the
+ *                     policy.</p>
  *             </li>
  *             <li>
  *                <p>INVALID_ROLE_NAME: You provided a role name that isn't valid. A role name