1// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. 2 3package organizations 4 5import ( 6 "time" 7 8 "github.com/aws/aws-sdk-go/aws" 9 "github.com/aws/aws-sdk-go/aws/awsutil" 10 "github.com/aws/aws-sdk-go/aws/request" 11 "github.com/aws/aws-sdk-go/private/protocol" 12 "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" 13) 14 15const opAcceptHandshake = "AcceptHandshake" 16 17// AcceptHandshakeRequest generates a "aws/request.Request" representing the 18// client's request for the AcceptHandshake operation. The "output" return 19// value will be populated with the request's response once the request complets 20// successfuly. 21// 22// Use "Send" method on the returned Request to send the API call to the service. 23// the "output" return value is not valid until after Send returns without error. 24// 25// See AcceptHandshake for more information on using the AcceptHandshake 26// API call, and error handling. 27// 28// This method is useful when you want to inject custom logic or configuration 29// into the SDK's request lifecycle. Such as custom headers, or retry logic. 30// 31// 32// // Example sending a request using the AcceptHandshakeRequest method. 33// req, resp := client.AcceptHandshakeRequest(params) 34// 35// err := req.Send() 36// if err == nil { // resp is now filled 37// fmt.Println(resp) 38// } 39// 40// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AcceptHandshake 41func (c *Organizations) AcceptHandshakeRequest(input *AcceptHandshakeInput) (req *request.Request, output *AcceptHandshakeOutput) { 42 op := &request.Operation{ 43 Name: opAcceptHandshake, 44 HTTPMethod: "POST", 45 HTTPPath: "/", 46 } 47 48 if input == nil { 49 input = &AcceptHandshakeInput{} 50 } 51 52 output = &AcceptHandshakeOutput{} 53 req = c.newRequest(op, input, output) 54 return 55} 56 57// AcceptHandshake API operation for AWS Organizations. 58// 59// Sends a response to the originator of a handshake agreeing to the action 60// proposed by the handshake request. 61// 62// This operation can be called only by the following principals when they also 63// have the relevant IAM permissions: 64// 65// * Invitation to join or Approve all features request handshakes: only 66// a principal from the member account. 67// 68// The user who calls the API for an invitation to join must have the organizations:AcceptHandshake 69// permission. If you enabled all features in the organization, then the 70// user must also have the iam:CreateServiceLinkedRole permission so that 71// Organizations can create the required service-linked role named OrgsServiceLinkedRoleName. 72// For more information, see AWS Organizations and Service-Linked Roles (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integration_services.html#orgs_integration_service-linked-roles) 73// in the AWS Organizations User Guide. 74// 75// * Enable all features final confirmation handshake: only a principal from 76// the master account. 77// 78// For more information about invitations, see Inviting an AWS Account to Join 79// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_invites.html) 80// in the AWS Organizations User Guide. For more information about requests 81// to enable all features in the organization, see Enabling All Features 82// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) 83// in the AWS Organizations User Guide. 84// 85// After you accept a handshake, it continues to appear in the results of relevant 86// APIs for only 30 days. After that it is deleted. 87// 88// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 89// with awserr.Error's Code and Message methods to get detailed information about 90// the error. 91// 92// See the AWS API reference guide for AWS Organizations's 93// API operation AcceptHandshake for usage and error information. 94// 95// Returned Error Codes: 96// * ErrCodeAccessDeniedException "AccessDeniedException" 97// You don't have permissions to perform the requested operation. The user or 98// role that is making the request must have at least one IAM permissions policy 99// attached that grants the required permissions. For more information, see 100// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 101// in the IAM User Guide. 102// 103// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 104// Your account is not a member of an organization. To make this request, you 105// must use the credentials of an account that belongs to an organization. 106// 107// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException" 108// The requested operation would violate the constraint identified in the reason 109// code. 110// 111// Some of the reasons in the following list might not be applicable to this 112// specific API or operation: 113// 114// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on 115// the number of accounts in an organization. Note: deleted and closed accounts 116// still count toward your limit. 117// 118// If you get an exception that indicates that you exceeded your account limits 119// for the organization or that you can"t add an account because your organization 120// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 121// 122// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 123// handshakes you can send in one day. 124// 125// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because 126// the invited account is already a member of an organization. 127// 128// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid 129// because the organization has already enabled all features. 130// 131// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations 132// to join an organization while it is in the process of enabling all features. 133// You can resume inviting accounts after you finalize the process when all 134// accounts have agreed to the change. 135// 136// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with 137// an account that does not have a payment instrument, such as a credit card, 138// associated with it. 139// 140// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because 141// the account is from a different marketplace than the accounts in the organization. 142// For example, accounts with India addresses must be associated with the 143// AISPL marketplace. All accounts in an organization must be from the same 144// marketplace. 145// 146// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to 147// change the membership of an account too quickly after its previous change. 148// 149// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException" 150// We can't find a handshake with the HandshakeId that you specified. 151// 152// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException" 153// You can't perform the operation on the handshake in its current state. For 154// example, you can't cancel a handshake that was already accepted, or accept 155// a handshake that was already declined. 156// 157// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException" 158// The specified handshake is already in the requested state. For example, you 159// can't accept a handshake that was already accepted. 160// 161// * ErrCodeInvalidInputException "InvalidInputException" 162// The requested operation failed because you provided invalid values for one 163// or more of the request parameters. This exception includes a reason that 164// contains additional information about the violated limit: 165// 166// Some of the reasons in the following list might not be applicable to this 167// specific API or operation: 168// 169// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 170// organization, or email) as a party. 171// 172// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 173// organization. 174// 175// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 176// 177// * INVALID_ENUM: You specified a value that is not valid for that parameter. 178// 179// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 180// characters. 181// 182// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 183// at least one invalid value. 184// 185// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 186// than allowed. 187// 188// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 189// value than allowed. 190// 191// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 192// than allowed. 193// 194// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 195// value than allowed. 196// 197// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 198// cannot be modified. 199// 200// * INVALID_PATTERN: You provided a value that doesn't match the required 201// pattern. 202// 203// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 204// match the required pattern. 205// 206// * INPUT_REQUIRED: You must include a value for all required parameters. 207// 208// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 209// from the response to a previous call of the operation. 210// 211// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 212// for the operation. 213// 214// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 215// between entities in the same root. 216// 217// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 218// The target of the operation is currently being modified by a different request. 219// Try again later. 220// 221// * ErrCodeServiceException "ServiceException" 222// AWS Organizations can't complete your request because of an internal service 223// error. Try again later. 224// 225// * ErrCodeTooManyRequestsException "TooManyRequestsException" 226// You've sent too many requests in too short a period of time. The limit helps 227// protect against denial-of-service attacks. Try again later. 228// 229// * ErrCodeAccessDeniedForDependencyException "AccessDeniedForDependencyException" 230// The operation you attempted requires you to have the iam:CreateServiceLinkedRole 231// so that Organizations can create the required service-linked role. You do 232// not have that permission. 233// 234// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AcceptHandshake 235func (c *Organizations) AcceptHandshake(input *AcceptHandshakeInput) (*AcceptHandshakeOutput, error) { 236 req, out := c.AcceptHandshakeRequest(input) 237 return out, req.Send() 238} 239 240// AcceptHandshakeWithContext is the same as AcceptHandshake with the addition of 241// the ability to pass a context and additional request options. 242// 243// See AcceptHandshake for details on how to use this API operation. 244// 245// The context must be non-nil and will be used for request cancellation. If 246// the context is nil a panic will occur. In the future the SDK may create 247// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 248// for more information on using Contexts. 249func (c *Organizations) AcceptHandshakeWithContext(ctx aws.Context, input *AcceptHandshakeInput, opts ...request.Option) (*AcceptHandshakeOutput, error) { 250 req, out := c.AcceptHandshakeRequest(input) 251 req.SetContext(ctx) 252 req.ApplyOptions(opts...) 253 return out, req.Send() 254} 255 256const opAttachPolicy = "AttachPolicy" 257 258// AttachPolicyRequest generates a "aws/request.Request" representing the 259// client's request for the AttachPolicy operation. The "output" return 260// value will be populated with the request's response once the request complets 261// successfuly. 262// 263// Use "Send" method on the returned Request to send the API call to the service. 264// the "output" return value is not valid until after Send returns without error. 265// 266// See AttachPolicy for more information on using the AttachPolicy 267// API call, and error handling. 268// 269// This method is useful when you want to inject custom logic or configuration 270// into the SDK's request lifecycle. Such as custom headers, or retry logic. 271// 272// 273// // Example sending a request using the AttachPolicyRequest method. 274// req, resp := client.AttachPolicyRequest(params) 275// 276// err := req.Send() 277// if err == nil { // resp is now filled 278// fmt.Println(resp) 279// } 280// 281// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AttachPolicy 282func (c *Organizations) AttachPolicyRequest(input *AttachPolicyInput) (req *request.Request, output *AttachPolicyOutput) { 283 op := &request.Operation{ 284 Name: opAttachPolicy, 285 HTTPMethod: "POST", 286 HTTPPath: "/", 287 } 288 289 if input == nil { 290 input = &AttachPolicyInput{} 291 } 292 293 output = &AttachPolicyOutput{} 294 req = c.newRequest(op, input, output) 295 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 296 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 297 return 298} 299 300// AttachPolicy API operation for AWS Organizations. 301// 302// Attaches a policy to a root, an organizational unit, or an individual account. 303// How the policy affects accounts depends on the type of policy: 304// 305// * Service control policy (SCP) - An SCP specifies what permissions can 306// be delegated to users in affected member accounts. The scope of influence 307// for a policy depends on what you attach the policy to: 308// 309// If you attach an SCP to a root, it affects all accounts in the organization. 310// 311// If you attach an SCP to an OU, it affects all accounts in that OU and in 312// any child OUs. 313// 314// If you attach the policy directly to an account, then it affects only that 315// account. 316// 317// SCPs essentially are permission "filters". When you attach one SCP to a higher 318// level root or OU, and you also attach a different SCP to a child OU or 319// to an account, the child policy can further restrict only the permissions 320// that pass through the parent filter and are available to the child. An 321// SCP that is attached to a child cannot grant a permission that is not 322// already granted by the parent. For example, imagine that the parent SCP 323// allows permissions A, B, C, D, and E. The child SCP allows C, D, E, F, 324// and G. The result is that the accounts affected by the child SCP are allowed 325// to use only C, D, and E. They cannot use A or B because they were filtered 326// out by the child OU. They also cannot use F and G because they were filtered 327// out by the parent OU. They cannot be granted back by the child SCP; child 328// SCPs can only filter the permissions they receive from the parent SCP. 329// 330// AWS Organizations attaches a default SCP named "FullAWSAccess to every root, 331// OU, and account. This default SCP allows all services and actions, enabling 332// any new child OU or account to inherit the permissions of the parent root 333// or OU. If you detach the default policy, you must replace it with a policy 334// that specifies the permissions that you want to allow in that OU or account. 335// 336// For more information about how Organizations policies permissions work, see 337// Using Service Control Policies (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html) 338// in the AWS Organizations User Guide. 339// 340// This operation can be called only from the organization's master account. 341// 342// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 343// with awserr.Error's Code and Message methods to get detailed information about 344// the error. 345// 346// See the AWS API reference guide for AWS Organizations's 347// API operation AttachPolicy for usage and error information. 348// 349// Returned Error Codes: 350// * ErrCodeAccessDeniedException "AccessDeniedException" 351// You don't have permissions to perform the requested operation. The user or 352// role that is making the request must have at least one IAM permissions policy 353// attached that grants the required permissions. For more information, see 354// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 355// in the IAM User Guide. 356// 357// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 358// Your account is not a member of an organization. To make this request, you 359// must use the credentials of an account that belongs to an organization. 360// 361// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 362// The target of the operation is currently being modified by a different request. 363// Try again later. 364// 365// * ErrCodeConstraintViolationException "ConstraintViolationException" 366// Performing this operation violates a minimum or maximum value limit. For 367// example, attempting to removing the last SCP from an OU or root, inviting 368// or creating too many accounts to the organization, or attaching too many 369// policies to an account, OU, or root. This exception includes a reason that 370// contains additional information about the violated limit: 371// 372// Some of the reasons in the following list might not be applicable to this 373// specific API or operation: 374// 375// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 376// of accounts in an organization. If you need more accounts, contact AWS Support 377// to request an increase in your limit. 378// 379// Or, The number of invitations that you tried to send would cause you to exceed 380// the limit of accounts in your organization. Send fewer invitations, or contact 381// AWS Support to request an increase in the number of accounts. 382// 383// Note: deleted and closed accounts still count toward your limit. 384// 385// If you get an exception that indicates that you exceeded your account limits 386// for the organization or that you can"t add an account because your organization 387// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 388// 389// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 390// handshakes you can send in one day. 391// 392// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 393// units you can have in an organization. 394// 395// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 396// tree that is too many levels deep. 397// 398// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 399// policies that you can have in an organization. 400// 401// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 402// number of policies of a certain type that can be attached to an entity 403// at one time. 404// 405// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 406// policy from an entity that would cause the entity to have fewer than the 407// minimum number of policies of a certain type required. 408// 409// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 410// from the organization that does not yet have enough information to exist 411// as a stand-alone account. This account requires you to first agree to 412// the AWS Customer Agreement. Follow the steps at To leave an organization 413// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 414// in the AWS Organizations User Guide. 415// 416// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 417// an account from the organization that does not yet have enough information 418// to exist as a stand-alone account. This account requires you to first 419// complete phone verification. Follow the steps at To leave an organization 420// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 421// in the AWS Organizations User Guide. 422// 423// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 424// with this account, you first must associate a payment instrument, such 425// as a credit card, with the account. Follow the steps at To leave an organization 426// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 427// in the AWS Organizations User Guide. 428// 429// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 430// with this member account, you first must associate a payment instrument, 431// such as a credit card, with the account. Follow the steps at To leave 432// an organization when all required account information has not yet been 433// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 434// in the AWS Organizations User Guide. 435// 436// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 437// of accounts that you can create in one day. 438// 439// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 440// in this organization, you first must migrate the organization's master 441// account to the marketplace that corresponds to the master account's address. 442// For example, accounts with India addresses must be associated with the 443// AISPL marketplace. All accounts in an organization must be associated 444// with the same marketplace. 445// 446// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 447// must first provide contact a valid address and phone number for the master 448// account. Then try the operation again. 449// 450// * ErrCodeDuplicatePolicyAttachmentException "DuplicatePolicyAttachmentException" 451// The selected policy is already attached to the specified target. 452// 453// * ErrCodeInvalidInputException "InvalidInputException" 454// The requested operation failed because you provided invalid values for one 455// or more of the request parameters. This exception includes a reason that 456// contains additional information about the violated limit: 457// 458// Some of the reasons in the following list might not be applicable to this 459// specific API or operation: 460// 461// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 462// organization, or email) as a party. 463// 464// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 465// organization. 466// 467// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 468// 469// * INVALID_ENUM: You specified a value that is not valid for that parameter. 470// 471// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 472// characters. 473// 474// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 475// at least one invalid value. 476// 477// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 478// than allowed. 479// 480// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 481// value than allowed. 482// 483// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 484// than allowed. 485// 486// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 487// value than allowed. 488// 489// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 490// cannot be modified. 491// 492// * INVALID_PATTERN: You provided a value that doesn't match the required 493// pattern. 494// 495// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 496// match the required pattern. 497// 498// * INPUT_REQUIRED: You must include a value for all required parameters. 499// 500// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 501// from the response to a previous call of the operation. 502// 503// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 504// for the operation. 505// 506// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 507// between entities in the same root. 508// 509// * ErrCodePolicyNotFoundException "PolicyNotFoundException" 510// We can't find a policy with the PolicyId that you specified. 511// 512// * ErrCodePolicyTypeNotEnabledException "PolicyTypeNotEnabledException" 513// The specified policy type is not currently enabled in this root. You cannot 514// attach policies of the specified type to entities in a root until you enable 515// that type in the root. For more information, see Enabling All Features in 516// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) 517// in the AWS Organizations User Guide. 518// 519// * ErrCodeServiceException "ServiceException" 520// AWS Organizations can't complete your request because of an internal service 521// error. Try again later. 522// 523// * ErrCodeTargetNotFoundException "TargetNotFoundException" 524// We can't find a root, OU, or account with the TargetId that you specified. 525// 526// * ErrCodeTooManyRequestsException "TooManyRequestsException" 527// You've sent too many requests in too short a period of time. The limit helps 528// protect against denial-of-service attacks. Try again later. 529// 530// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AttachPolicy 531func (c *Organizations) AttachPolicy(input *AttachPolicyInput) (*AttachPolicyOutput, error) { 532 req, out := c.AttachPolicyRequest(input) 533 return out, req.Send() 534} 535 536// AttachPolicyWithContext is the same as AttachPolicy with the addition of 537// the ability to pass a context and additional request options. 538// 539// See AttachPolicy for details on how to use this API operation. 540// 541// The context must be non-nil and will be used for request cancellation. If 542// the context is nil a panic will occur. In the future the SDK may create 543// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 544// for more information on using Contexts. 545func (c *Organizations) AttachPolicyWithContext(ctx aws.Context, input *AttachPolicyInput, opts ...request.Option) (*AttachPolicyOutput, error) { 546 req, out := c.AttachPolicyRequest(input) 547 req.SetContext(ctx) 548 req.ApplyOptions(opts...) 549 return out, req.Send() 550} 551 552const opCancelHandshake = "CancelHandshake" 553 554// CancelHandshakeRequest generates a "aws/request.Request" representing the 555// client's request for the CancelHandshake operation. The "output" return 556// value will be populated with the request's response once the request complets 557// successfuly. 558// 559// Use "Send" method on the returned Request to send the API call to the service. 560// the "output" return value is not valid until after Send returns without error. 561// 562// See CancelHandshake for more information on using the CancelHandshake 563// API call, and error handling. 564// 565// This method is useful when you want to inject custom logic or configuration 566// into the SDK's request lifecycle. Such as custom headers, or retry logic. 567// 568// 569// // Example sending a request using the CancelHandshakeRequest method. 570// req, resp := client.CancelHandshakeRequest(params) 571// 572// err := req.Send() 573// if err == nil { // resp is now filled 574// fmt.Println(resp) 575// } 576// 577// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshake 578func (c *Organizations) CancelHandshakeRequest(input *CancelHandshakeInput) (req *request.Request, output *CancelHandshakeOutput) { 579 op := &request.Operation{ 580 Name: opCancelHandshake, 581 HTTPMethod: "POST", 582 HTTPPath: "/", 583 } 584 585 if input == nil { 586 input = &CancelHandshakeInput{} 587 } 588 589 output = &CancelHandshakeOutput{} 590 req = c.newRequest(op, input, output) 591 return 592} 593 594// CancelHandshake API operation for AWS Organizations. 595// 596// Cancels a handshake. Canceling a handshake sets the handshake state to CANCELED. 597// 598// This operation can be called only from the account that originated the handshake. 599// The recipient of the handshake can't cancel it, but can use DeclineHandshake 600// instead. After a handshake is canceled, the recipient can no longer respond 601// to that handshake. 602// 603// After you cancel a handshake, it continues to appear in the results of relevant 604// APIs for only 30 days. After that it is deleted. 605// 606// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 607// with awserr.Error's Code and Message methods to get detailed information about 608// the error. 609// 610// See the AWS API reference guide for AWS Organizations's 611// API operation CancelHandshake for usage and error information. 612// 613// Returned Error Codes: 614// * ErrCodeAccessDeniedException "AccessDeniedException" 615// You don't have permissions to perform the requested operation. The user or 616// role that is making the request must have at least one IAM permissions policy 617// attached that grants the required permissions. For more information, see 618// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 619// in the IAM User Guide. 620// 621// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 622// The target of the operation is currently being modified by a different request. 623// Try again later. 624// 625// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException" 626// We can't find a handshake with the HandshakeId that you specified. 627// 628// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException" 629// You can't perform the operation on the handshake in its current state. For 630// example, you can't cancel a handshake that was already accepted, or accept 631// a handshake that was already declined. 632// 633// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException" 634// The specified handshake is already in the requested state. For example, you 635// can't accept a handshake that was already accepted. 636// 637// * ErrCodeInvalidInputException "InvalidInputException" 638// The requested operation failed because you provided invalid values for one 639// or more of the request parameters. This exception includes a reason that 640// contains additional information about the violated limit: 641// 642// Some of the reasons in the following list might not be applicable to this 643// specific API or operation: 644// 645// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 646// organization, or email) as a party. 647// 648// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 649// organization. 650// 651// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 652// 653// * INVALID_ENUM: You specified a value that is not valid for that parameter. 654// 655// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 656// characters. 657// 658// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 659// at least one invalid value. 660// 661// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 662// than allowed. 663// 664// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 665// value than allowed. 666// 667// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 668// than allowed. 669// 670// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 671// value than allowed. 672// 673// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 674// cannot be modified. 675// 676// * INVALID_PATTERN: You provided a value that doesn't match the required 677// pattern. 678// 679// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 680// match the required pattern. 681// 682// * INPUT_REQUIRED: You must include a value for all required parameters. 683// 684// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 685// from the response to a previous call of the operation. 686// 687// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 688// for the operation. 689// 690// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 691// between entities in the same root. 692// 693// * ErrCodeServiceException "ServiceException" 694// AWS Organizations can't complete your request because of an internal service 695// error. Try again later. 696// 697// * ErrCodeTooManyRequestsException "TooManyRequestsException" 698// You've sent too many requests in too short a period of time. The limit helps 699// protect against denial-of-service attacks. Try again later. 700// 701// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshake 702func (c *Organizations) CancelHandshake(input *CancelHandshakeInput) (*CancelHandshakeOutput, error) { 703 req, out := c.CancelHandshakeRequest(input) 704 return out, req.Send() 705} 706 707// CancelHandshakeWithContext is the same as CancelHandshake with the addition of 708// the ability to pass a context and additional request options. 709// 710// See CancelHandshake for details on how to use this API operation. 711// 712// The context must be non-nil and will be used for request cancellation. If 713// the context is nil a panic will occur. In the future the SDK may create 714// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 715// for more information on using Contexts. 716func (c *Organizations) CancelHandshakeWithContext(ctx aws.Context, input *CancelHandshakeInput, opts ...request.Option) (*CancelHandshakeOutput, error) { 717 req, out := c.CancelHandshakeRequest(input) 718 req.SetContext(ctx) 719 req.ApplyOptions(opts...) 720 return out, req.Send() 721} 722 723const opCreateAccount = "CreateAccount" 724 725// CreateAccountRequest generates a "aws/request.Request" representing the 726// client's request for the CreateAccount operation. The "output" return 727// value will be populated with the request's response once the request complets 728// successfuly. 729// 730// Use "Send" method on the returned Request to send the API call to the service. 731// the "output" return value is not valid until after Send returns without error. 732// 733// See CreateAccount for more information on using the CreateAccount 734// API call, and error handling. 735// 736// This method is useful when you want to inject custom logic or configuration 737// into the SDK's request lifecycle. Such as custom headers, or retry logic. 738// 739// 740// // Example sending a request using the CreateAccountRequest method. 741// req, resp := client.CreateAccountRequest(params) 742// 743// err := req.Send() 744// if err == nil { // resp is now filled 745// fmt.Println(resp) 746// } 747// 748// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccount 749func (c *Organizations) CreateAccountRequest(input *CreateAccountInput) (req *request.Request, output *CreateAccountOutput) { 750 op := &request.Operation{ 751 Name: opCreateAccount, 752 HTTPMethod: "POST", 753 HTTPPath: "/", 754 } 755 756 if input == nil { 757 input = &CreateAccountInput{} 758 } 759 760 output = &CreateAccountOutput{} 761 req = c.newRequest(op, input, output) 762 return 763} 764 765// CreateAccount API operation for AWS Organizations. 766// 767// Creates an AWS account that is automatically a member of the organization 768// whose credentials made the request. This is an asynchronous request that 769// AWS performs in the background. If you want to check the status of the request 770// later, you need the OperationId response element from this operation to provide 771// as a parameter to the DescribeCreateAccountStatus operation. 772// 773// The user who calls the API for an invitation to join must have the organizations:CreateAccount 774// permission. If you enabled all features in the organization, then the user 775// must also have the iam:CreateServiceLinkedRole permission so that Organizations 776// can create the required service-linked role named OrgsServiceLinkedRoleName. 777// For more information, see AWS Organizations and Service-Linked Roles (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integration_services.html#orgs_integration_service-linked-roles) 778// in the AWS Organizations User Guide. 779// 780// The user in the master account who calls this API must also have the iam:CreateRole 781// permission because AWS Organizations preconfigures the new member account 782// with a role (named OrganizationAccountAccessRole by default) that grants 783// users in the master account administrator permissions in the new member account. 784// Principals in the master account can assume the role. AWS Organizations clones 785// the company name and address information for the new account from the organization's 786// master account. 787// 788// This operation can be called only from the organization's master account. 789// 790// For more information about creating accounts, see Creating an AWS Account 791// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_create.html) 792// in the AWS Organizations User Guide. 793// 794// When you create an account in an organization using the AWS Organizations 795// console, API, or CLI commands, the information required for the account to 796// operate as a standalone account, such as a payment method and signing the 797// End User Licence Agreement (EULA) is not automatically collected. If you 798// must remove an account from your organization later, you can do so only after 799// you provide the missing information. Follow the steps at To leave an organization 800// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 801// in the AWS Organizations User Guide. 802// 803// When you create a member account with this operation, you can choose whether 804// to create the account with the IAM User and Role Access to Billing Information 805// switch enabled. If you enable it, IAM users and roles that have appropriate 806// permissions can view billing information for the account. If you disable 807// this, then only the account root user can access billing information. For 808// information about how to disable this for an account, see Granting Access 809// to Your Billing Information and Tools (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html). 810// 811// This operation can be called only from the organization's master account. 812// 813// If you get an exception that indicates that you exceeded your account limits 814// for the organization or that you can"t add an account because your organization 815// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 816// 817// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 818// with awserr.Error's Code and Message methods to get detailed information about 819// the error. 820// 821// See the AWS API reference guide for AWS Organizations's 822// API operation CreateAccount for usage and error information. 823// 824// Returned Error Codes: 825// * ErrCodeAccessDeniedException "AccessDeniedException" 826// You don't have permissions to perform the requested operation. The user or 827// role that is making the request must have at least one IAM permissions policy 828// attached that grants the required permissions. For more information, see 829// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 830// in the IAM User Guide. 831// 832// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 833// Your account is not a member of an organization. To make this request, you 834// must use the credentials of an account that belongs to an organization. 835// 836// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 837// The target of the operation is currently being modified by a different request. 838// Try again later. 839// 840// * ErrCodeConstraintViolationException "ConstraintViolationException" 841// Performing this operation violates a minimum or maximum value limit. For 842// example, attempting to removing the last SCP from an OU or root, inviting 843// or creating too many accounts to the organization, or attaching too many 844// policies to an account, OU, or root. This exception includes a reason that 845// contains additional information about the violated limit: 846// 847// Some of the reasons in the following list might not be applicable to this 848// specific API or operation: 849// 850// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 851// of accounts in an organization. If you need more accounts, contact AWS Support 852// to request an increase in your limit. 853// 854// Or, The number of invitations that you tried to send would cause you to exceed 855// the limit of accounts in your organization. Send fewer invitations, or contact 856// AWS Support to request an increase in the number of accounts. 857// 858// Note: deleted and closed accounts still count toward your limit. 859// 860// If you get an exception that indicates that you exceeded your account limits 861// for the organization or that you can"t add an account because your organization 862// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 863// 864// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 865// handshakes you can send in one day. 866// 867// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 868// units you can have in an organization. 869// 870// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 871// tree that is too many levels deep. 872// 873// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 874// policies that you can have in an organization. 875// 876// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 877// number of policies of a certain type that can be attached to an entity 878// at one time. 879// 880// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 881// policy from an entity that would cause the entity to have fewer than the 882// minimum number of policies of a certain type required. 883// 884// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 885// from the organization that does not yet have enough information to exist 886// as a stand-alone account. This account requires you to first agree to 887// the AWS Customer Agreement. Follow the steps at To leave an organization 888// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 889// in the AWS Organizations User Guide. 890// 891// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 892// an account from the organization that does not yet have enough information 893// to exist as a stand-alone account. This account requires you to first 894// complete phone verification. Follow the steps at To leave an organization 895// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 896// in the AWS Organizations User Guide. 897// 898// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 899// with this account, you first must associate a payment instrument, such 900// as a credit card, with the account. Follow the steps at To leave an organization 901// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 902// in the AWS Organizations User Guide. 903// 904// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 905// with this member account, you first must associate a payment instrument, 906// such as a credit card, with the account. Follow the steps at To leave 907// an organization when all required account information has not yet been 908// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 909// in the AWS Organizations User Guide. 910// 911// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 912// of accounts that you can create in one day. 913// 914// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 915// in this organization, you first must migrate the organization's master 916// account to the marketplace that corresponds to the master account's address. 917// For example, accounts with India addresses must be associated with the 918// AISPL marketplace. All accounts in an organization must be associated 919// with the same marketplace. 920// 921// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 922// must first provide contact a valid address and phone number for the master 923// account. Then try the operation again. 924// 925// * ErrCodeInvalidInputException "InvalidInputException" 926// The requested operation failed because you provided invalid values for one 927// or more of the request parameters. This exception includes a reason that 928// contains additional information about the violated limit: 929// 930// Some of the reasons in the following list might not be applicable to this 931// specific API or operation: 932// 933// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 934// organization, or email) as a party. 935// 936// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 937// organization. 938// 939// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 940// 941// * INVALID_ENUM: You specified a value that is not valid for that parameter. 942// 943// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 944// characters. 945// 946// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 947// at least one invalid value. 948// 949// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 950// than allowed. 951// 952// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 953// value than allowed. 954// 955// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 956// than allowed. 957// 958// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 959// value than allowed. 960// 961// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 962// cannot be modified. 963// 964// * INVALID_PATTERN: You provided a value that doesn't match the required 965// pattern. 966// 967// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 968// match the required pattern. 969// 970// * INPUT_REQUIRED: You must include a value for all required parameters. 971// 972// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 973// from the response to a previous call of the operation. 974// 975// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 976// for the operation. 977// 978// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 979// between entities in the same root. 980// 981// * ErrCodeFinalizingOrganizationException "FinalizingOrganizationException" 982// AWS Organizations could not finalize the creation of your organization. Try 983// again later. If this persists, contact AWS customer support. 984// 985// * ErrCodeServiceException "ServiceException" 986// AWS Organizations can't complete your request because of an internal service 987// error. Try again later. 988// 989// * ErrCodeTooManyRequestsException "TooManyRequestsException" 990// You've sent too many requests in too short a period of time. The limit helps 991// protect against denial-of-service attacks. Try again later. 992// 993// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccount 994func (c *Organizations) CreateAccount(input *CreateAccountInput) (*CreateAccountOutput, error) { 995 req, out := c.CreateAccountRequest(input) 996 return out, req.Send() 997} 998 999// CreateAccountWithContext is the same as CreateAccount with the addition of 1000// the ability to pass a context and additional request options. 1001// 1002// See CreateAccount for details on how to use this API operation. 1003// 1004// The context must be non-nil and will be used for request cancellation. If 1005// the context is nil a panic will occur. In the future the SDK may create 1006// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1007// for more information on using Contexts. 1008func (c *Organizations) CreateAccountWithContext(ctx aws.Context, input *CreateAccountInput, opts ...request.Option) (*CreateAccountOutput, error) { 1009 req, out := c.CreateAccountRequest(input) 1010 req.SetContext(ctx) 1011 req.ApplyOptions(opts...) 1012 return out, req.Send() 1013} 1014 1015const opCreateOrganization = "CreateOrganization" 1016 1017// CreateOrganizationRequest generates a "aws/request.Request" representing the 1018// client's request for the CreateOrganization operation. The "output" return 1019// value will be populated with the request's response once the request complets 1020// successfuly. 1021// 1022// Use "Send" method on the returned Request to send the API call to the service. 1023// the "output" return value is not valid until after Send returns without error. 1024// 1025// See CreateOrganization for more information on using the CreateOrganization 1026// API call, and error handling. 1027// 1028// This method is useful when you want to inject custom logic or configuration 1029// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1030// 1031// 1032// // Example sending a request using the CreateOrganizationRequest method. 1033// req, resp := client.CreateOrganizationRequest(params) 1034// 1035// err := req.Send() 1036// if err == nil { // resp is now filled 1037// fmt.Println(resp) 1038// } 1039// 1040// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganization 1041func (c *Organizations) CreateOrganizationRequest(input *CreateOrganizationInput) (req *request.Request, output *CreateOrganizationOutput) { 1042 op := &request.Operation{ 1043 Name: opCreateOrganization, 1044 HTTPMethod: "POST", 1045 HTTPPath: "/", 1046 } 1047 1048 if input == nil { 1049 input = &CreateOrganizationInput{} 1050 } 1051 1052 output = &CreateOrganizationOutput{} 1053 req = c.newRequest(op, input, output) 1054 return 1055} 1056 1057// CreateOrganization API operation for AWS Organizations. 1058// 1059// Creates an AWS organization. The account whose user is calling the CreateOrganization 1060// operation automatically becomes the master account (http://docs.aws.amazon.com/IAM/latest/UserGuide/orgs_getting-started_concepts.html#account) 1061// of the new organization. 1062// 1063// This operation must be called using credentials from the account that is 1064// to become the new organization's master account. The principal must also 1065// have the relevant IAM permissions. 1066// 1067// By default (or if you set the FeatureSet parameter to ALL), the new organization 1068// is created with all features enabled and service control policies automatically 1069// enabled in the root. If you instead choose to create the organization supporting 1070// only the consolidated billing features by setting the FeatureSet parameter 1071// to CONSOLIDATED_BILLING", then no policy types are enabled by default and 1072// you cannot use organization policies. 1073// 1074// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1075// with awserr.Error's Code and Message methods to get detailed information about 1076// the error. 1077// 1078// See the AWS API reference guide for AWS Organizations's 1079// API operation CreateOrganization for usage and error information. 1080// 1081// Returned Error Codes: 1082// * ErrCodeAccessDeniedException "AccessDeniedException" 1083// You don't have permissions to perform the requested operation. The user or 1084// role that is making the request must have at least one IAM permissions policy 1085// attached that grants the required permissions. For more information, see 1086// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 1087// in the IAM User Guide. 1088// 1089// * ErrCodeAlreadyInOrganizationException "AlreadyInOrganizationException" 1090// This account is already a member of an organization. An account can belong 1091// to only one organization at a time. 1092// 1093// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 1094// The target of the operation is currently being modified by a different request. 1095// Try again later. 1096// 1097// * ErrCodeConstraintViolationException "ConstraintViolationException" 1098// Performing this operation violates a minimum or maximum value limit. For 1099// example, attempting to removing the last SCP from an OU or root, inviting 1100// or creating too many accounts to the organization, or attaching too many 1101// policies to an account, OU, or root. This exception includes a reason that 1102// contains additional information about the violated limit: 1103// 1104// Some of the reasons in the following list might not be applicable to this 1105// specific API or operation: 1106// 1107// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 1108// of accounts in an organization. If you need more accounts, contact AWS Support 1109// to request an increase in your limit. 1110// 1111// Or, The number of invitations that you tried to send would cause you to exceed 1112// the limit of accounts in your organization. Send fewer invitations, or contact 1113// AWS Support to request an increase in the number of accounts. 1114// 1115// Note: deleted and closed accounts still count toward your limit. 1116// 1117// If you get an exception that indicates that you exceeded your account limits 1118// for the organization or that you can"t add an account because your organization 1119// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 1120// 1121// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 1122// handshakes you can send in one day. 1123// 1124// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 1125// units you can have in an organization. 1126// 1127// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 1128// tree that is too many levels deep. 1129// 1130// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 1131// policies that you can have in an organization. 1132// 1133// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 1134// number of policies of a certain type that can be attached to an entity 1135// at one time. 1136// 1137// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 1138// policy from an entity that would cause the entity to have fewer than the 1139// minimum number of policies of a certain type required. 1140// 1141// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 1142// from the organization that does not yet have enough information to exist 1143// as a stand-alone account. This account requires you to first agree to 1144// the AWS Customer Agreement. Follow the steps at To leave an organization 1145// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1146// in the AWS Organizations User Guide. 1147// 1148// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 1149// an account from the organization that does not yet have enough information 1150// to exist as a stand-alone account. This account requires you to first 1151// complete phone verification. Follow the steps at To leave an organization 1152// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1153// in the AWS Organizations User Guide. 1154// 1155// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 1156// with this account, you first must associate a payment instrument, such 1157// as a credit card, with the account. Follow the steps at To leave an organization 1158// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1159// in the AWS Organizations User Guide. 1160// 1161// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 1162// with this member account, you first must associate a payment instrument, 1163// such as a credit card, with the account. Follow the steps at To leave 1164// an organization when all required account information has not yet been 1165// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1166// in the AWS Organizations User Guide. 1167// 1168// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 1169// of accounts that you can create in one day. 1170// 1171// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 1172// in this organization, you first must migrate the organization's master 1173// account to the marketplace that corresponds to the master account's address. 1174// For example, accounts with India addresses must be associated with the 1175// AISPL marketplace. All accounts in an organization must be associated 1176// with the same marketplace. 1177// 1178// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 1179// must first provide contact a valid address and phone number for the master 1180// account. Then try the operation again. 1181// 1182// * ErrCodeInvalidInputException "InvalidInputException" 1183// The requested operation failed because you provided invalid values for one 1184// or more of the request parameters. This exception includes a reason that 1185// contains additional information about the violated limit: 1186// 1187// Some of the reasons in the following list might not be applicable to this 1188// specific API or operation: 1189// 1190// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 1191// organization, or email) as a party. 1192// 1193// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 1194// organization. 1195// 1196// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 1197// 1198// * INVALID_ENUM: You specified a value that is not valid for that parameter. 1199// 1200// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 1201// characters. 1202// 1203// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 1204// at least one invalid value. 1205// 1206// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 1207// than allowed. 1208// 1209// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 1210// value than allowed. 1211// 1212// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 1213// than allowed. 1214// 1215// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 1216// value than allowed. 1217// 1218// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 1219// cannot be modified. 1220// 1221// * INVALID_PATTERN: You provided a value that doesn't match the required 1222// pattern. 1223// 1224// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 1225// match the required pattern. 1226// 1227// * INPUT_REQUIRED: You must include a value for all required parameters. 1228// 1229// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 1230// from the response to a previous call of the operation. 1231// 1232// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 1233// for the operation. 1234// 1235// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 1236// between entities in the same root. 1237// 1238// * ErrCodeServiceException "ServiceException" 1239// AWS Organizations can't complete your request because of an internal service 1240// error. Try again later. 1241// 1242// * ErrCodeTooManyRequestsException "TooManyRequestsException" 1243// You've sent too many requests in too short a period of time. The limit helps 1244// protect against denial-of-service attacks. Try again later. 1245// 1246// * ErrCodeAccessDeniedForDependencyException "AccessDeniedForDependencyException" 1247// The operation you attempted requires you to have the iam:CreateServiceLinkedRole 1248// so that Organizations can create the required service-linked role. You do 1249// not have that permission. 1250// 1251// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganization 1252func (c *Organizations) CreateOrganization(input *CreateOrganizationInput) (*CreateOrganizationOutput, error) { 1253 req, out := c.CreateOrganizationRequest(input) 1254 return out, req.Send() 1255} 1256 1257// CreateOrganizationWithContext is the same as CreateOrganization with the addition of 1258// the ability to pass a context and additional request options. 1259// 1260// See CreateOrganization for details on how to use this API operation. 1261// 1262// The context must be non-nil and will be used for request cancellation. If 1263// the context is nil a panic will occur. In the future the SDK may create 1264// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1265// for more information on using Contexts. 1266func (c *Organizations) CreateOrganizationWithContext(ctx aws.Context, input *CreateOrganizationInput, opts ...request.Option) (*CreateOrganizationOutput, error) { 1267 req, out := c.CreateOrganizationRequest(input) 1268 req.SetContext(ctx) 1269 req.ApplyOptions(opts...) 1270 return out, req.Send() 1271} 1272 1273const opCreateOrganizationalUnit = "CreateOrganizationalUnit" 1274 1275// CreateOrganizationalUnitRequest generates a "aws/request.Request" representing the 1276// client's request for the CreateOrganizationalUnit operation. The "output" return 1277// value will be populated with the request's response once the request complets 1278// successfuly. 1279// 1280// Use "Send" method on the returned Request to send the API call to the service. 1281// the "output" return value is not valid until after Send returns without error. 1282// 1283// See CreateOrganizationalUnit for more information on using the CreateOrganizationalUnit 1284// API call, and error handling. 1285// 1286// This method is useful when you want to inject custom logic or configuration 1287// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1288// 1289// 1290// // Example sending a request using the CreateOrganizationalUnitRequest method. 1291// req, resp := client.CreateOrganizationalUnitRequest(params) 1292// 1293// err := req.Send() 1294// if err == nil { // resp is now filled 1295// fmt.Println(resp) 1296// } 1297// 1298// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnit 1299func (c *Organizations) CreateOrganizationalUnitRequest(input *CreateOrganizationalUnitInput) (req *request.Request, output *CreateOrganizationalUnitOutput) { 1300 op := &request.Operation{ 1301 Name: opCreateOrganizationalUnit, 1302 HTTPMethod: "POST", 1303 HTTPPath: "/", 1304 } 1305 1306 if input == nil { 1307 input = &CreateOrganizationalUnitInput{} 1308 } 1309 1310 output = &CreateOrganizationalUnitOutput{} 1311 req = c.newRequest(op, input, output) 1312 return 1313} 1314 1315// CreateOrganizationalUnit API operation for AWS Organizations. 1316// 1317// Creates an organizational unit (OU) within a root or parent OU. An OU is 1318// a container for accounts that enables you to organize your accounts to apply 1319// policies according to your business requirements. The number of levels deep 1320// that you can nest OUs is dependent upon the policy types enabled for that 1321// root. For service control policies, the limit is five. 1322// 1323// For more information about OUs, see Managing Organizational Units (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_ous.html) 1324// in the AWS Organizations User Guide. 1325// 1326// This operation can be called only from the organization's master account. 1327// 1328// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1329// with awserr.Error's Code and Message methods to get detailed information about 1330// the error. 1331// 1332// See the AWS API reference guide for AWS Organizations's 1333// API operation CreateOrganizationalUnit for usage and error information. 1334// 1335// Returned Error Codes: 1336// * ErrCodeAccessDeniedException "AccessDeniedException" 1337// You don't have permissions to perform the requested operation. The user or 1338// role that is making the request must have at least one IAM permissions policy 1339// attached that grants the required permissions. For more information, see 1340// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 1341// in the IAM User Guide. 1342// 1343// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 1344// Your account is not a member of an organization. To make this request, you 1345// must use the credentials of an account that belongs to an organization. 1346// 1347// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 1348// The target of the operation is currently being modified by a different request. 1349// Try again later. 1350// 1351// * ErrCodeConstraintViolationException "ConstraintViolationException" 1352// Performing this operation violates a minimum or maximum value limit. For 1353// example, attempting to removing the last SCP from an OU or root, inviting 1354// or creating too many accounts to the organization, or attaching too many 1355// policies to an account, OU, or root. This exception includes a reason that 1356// contains additional information about the violated limit: 1357// 1358// Some of the reasons in the following list might not be applicable to this 1359// specific API or operation: 1360// 1361// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 1362// of accounts in an organization. If you need more accounts, contact AWS Support 1363// to request an increase in your limit. 1364// 1365// Or, The number of invitations that you tried to send would cause you to exceed 1366// the limit of accounts in your organization. Send fewer invitations, or contact 1367// AWS Support to request an increase in the number of accounts. 1368// 1369// Note: deleted and closed accounts still count toward your limit. 1370// 1371// If you get an exception that indicates that you exceeded your account limits 1372// for the organization or that you can"t add an account because your organization 1373// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 1374// 1375// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 1376// handshakes you can send in one day. 1377// 1378// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 1379// units you can have in an organization. 1380// 1381// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 1382// tree that is too many levels deep. 1383// 1384// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 1385// policies that you can have in an organization. 1386// 1387// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 1388// number of policies of a certain type that can be attached to an entity 1389// at one time. 1390// 1391// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 1392// policy from an entity that would cause the entity to have fewer than the 1393// minimum number of policies of a certain type required. 1394// 1395// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 1396// from the organization that does not yet have enough information to exist 1397// as a stand-alone account. This account requires you to first agree to 1398// the AWS Customer Agreement. Follow the steps at To leave an organization 1399// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1400// in the AWS Organizations User Guide. 1401// 1402// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 1403// an account from the organization that does not yet have enough information 1404// to exist as a stand-alone account. This account requires you to first 1405// complete phone verification. Follow the steps at To leave an organization 1406// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1407// in the AWS Organizations User Guide. 1408// 1409// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 1410// with this account, you first must associate a payment instrument, such 1411// as a credit card, with the account. Follow the steps at To leave an organization 1412// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1413// in the AWS Organizations User Guide. 1414// 1415// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 1416// with this member account, you first must associate a payment instrument, 1417// such as a credit card, with the account. Follow the steps at To leave 1418// an organization when all required account information has not yet been 1419// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1420// in the AWS Organizations User Guide. 1421// 1422// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 1423// of accounts that you can create in one day. 1424// 1425// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 1426// in this organization, you first must migrate the organization's master 1427// account to the marketplace that corresponds to the master account's address. 1428// For example, accounts with India addresses must be associated with the 1429// AISPL marketplace. All accounts in an organization must be associated 1430// with the same marketplace. 1431// 1432// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 1433// must first provide contact a valid address and phone number for the master 1434// account. Then try the operation again. 1435// 1436// * ErrCodeDuplicateOrganizationalUnitException "DuplicateOrganizationalUnitException" 1437// An organizational unit (OU) with the same name already exists. 1438// 1439// * ErrCodeInvalidInputException "InvalidInputException" 1440// The requested operation failed because you provided invalid values for one 1441// or more of the request parameters. This exception includes a reason that 1442// contains additional information about the violated limit: 1443// 1444// Some of the reasons in the following list might not be applicable to this 1445// specific API or operation: 1446// 1447// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 1448// organization, or email) as a party. 1449// 1450// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 1451// organization. 1452// 1453// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 1454// 1455// * INVALID_ENUM: You specified a value that is not valid for that parameter. 1456// 1457// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 1458// characters. 1459// 1460// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 1461// at least one invalid value. 1462// 1463// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 1464// than allowed. 1465// 1466// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 1467// value than allowed. 1468// 1469// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 1470// than allowed. 1471// 1472// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 1473// value than allowed. 1474// 1475// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 1476// cannot be modified. 1477// 1478// * INVALID_PATTERN: You provided a value that doesn't match the required 1479// pattern. 1480// 1481// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 1482// match the required pattern. 1483// 1484// * INPUT_REQUIRED: You must include a value for all required parameters. 1485// 1486// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 1487// from the response to a previous call of the operation. 1488// 1489// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 1490// for the operation. 1491// 1492// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 1493// between entities in the same root. 1494// 1495// * ErrCodeParentNotFoundException "ParentNotFoundException" 1496// We can't find a root or organizational unit (OU) with the ParentId that you 1497// specified. 1498// 1499// * ErrCodeServiceException "ServiceException" 1500// AWS Organizations can't complete your request because of an internal service 1501// error. Try again later. 1502// 1503// * ErrCodeTooManyRequestsException "TooManyRequestsException" 1504// You've sent too many requests in too short a period of time. The limit helps 1505// protect against denial-of-service attacks. Try again later. 1506// 1507// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnit 1508func (c *Organizations) CreateOrganizationalUnit(input *CreateOrganizationalUnitInput) (*CreateOrganizationalUnitOutput, error) { 1509 req, out := c.CreateOrganizationalUnitRequest(input) 1510 return out, req.Send() 1511} 1512 1513// CreateOrganizationalUnitWithContext is the same as CreateOrganizationalUnit with the addition of 1514// the ability to pass a context and additional request options. 1515// 1516// See CreateOrganizationalUnit for details on how to use this API operation. 1517// 1518// The context must be non-nil and will be used for request cancellation. If 1519// the context is nil a panic will occur. In the future the SDK may create 1520// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1521// for more information on using Contexts. 1522func (c *Organizations) CreateOrganizationalUnitWithContext(ctx aws.Context, input *CreateOrganizationalUnitInput, opts ...request.Option) (*CreateOrganizationalUnitOutput, error) { 1523 req, out := c.CreateOrganizationalUnitRequest(input) 1524 req.SetContext(ctx) 1525 req.ApplyOptions(opts...) 1526 return out, req.Send() 1527} 1528 1529const opCreatePolicy = "CreatePolicy" 1530 1531// CreatePolicyRequest generates a "aws/request.Request" representing the 1532// client's request for the CreatePolicy operation. The "output" return 1533// value will be populated with the request's response once the request complets 1534// successfuly. 1535// 1536// Use "Send" method on the returned Request to send the API call to the service. 1537// the "output" return value is not valid until after Send returns without error. 1538// 1539// See CreatePolicy for more information on using the CreatePolicy 1540// API call, and error handling. 1541// 1542// This method is useful when you want to inject custom logic or configuration 1543// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1544// 1545// 1546// // Example sending a request using the CreatePolicyRequest method. 1547// req, resp := client.CreatePolicyRequest(params) 1548// 1549// err := req.Send() 1550// if err == nil { // resp is now filled 1551// fmt.Println(resp) 1552// } 1553// 1554// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicy 1555func (c *Organizations) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) { 1556 op := &request.Operation{ 1557 Name: opCreatePolicy, 1558 HTTPMethod: "POST", 1559 HTTPPath: "/", 1560 } 1561 1562 if input == nil { 1563 input = &CreatePolicyInput{} 1564 } 1565 1566 output = &CreatePolicyOutput{} 1567 req = c.newRequest(op, input, output) 1568 return 1569} 1570 1571// CreatePolicy API operation for AWS Organizations. 1572// 1573// Creates a policy of a specified type that you can attach to a root, an organizational 1574// unit (OU), or an individual AWS account. 1575// 1576// For more information about policies and their use, see Managing Organization 1577// Policies (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html). 1578// 1579// This operation can be called only from the organization's master account. 1580// 1581// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1582// with awserr.Error's Code and Message methods to get detailed information about 1583// the error. 1584// 1585// See the AWS API reference guide for AWS Organizations's 1586// API operation CreatePolicy for usage and error information. 1587// 1588// Returned Error Codes: 1589// * ErrCodeAccessDeniedException "AccessDeniedException" 1590// You don't have permissions to perform the requested operation. The user or 1591// role that is making the request must have at least one IAM permissions policy 1592// attached that grants the required permissions. For more information, see 1593// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 1594// in the IAM User Guide. 1595// 1596// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 1597// Your account is not a member of an organization. To make this request, you 1598// must use the credentials of an account that belongs to an organization. 1599// 1600// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 1601// The target of the operation is currently being modified by a different request. 1602// Try again later. 1603// 1604// * ErrCodeConstraintViolationException "ConstraintViolationException" 1605// Performing this operation violates a minimum or maximum value limit. For 1606// example, attempting to removing the last SCP from an OU or root, inviting 1607// or creating too many accounts to the organization, or attaching too many 1608// policies to an account, OU, or root. This exception includes a reason that 1609// contains additional information about the violated limit: 1610// 1611// Some of the reasons in the following list might not be applicable to this 1612// specific API or operation: 1613// 1614// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 1615// of accounts in an organization. If you need more accounts, contact AWS Support 1616// to request an increase in your limit. 1617// 1618// Or, The number of invitations that you tried to send would cause you to exceed 1619// the limit of accounts in your organization. Send fewer invitations, or contact 1620// AWS Support to request an increase in the number of accounts. 1621// 1622// Note: deleted and closed accounts still count toward your limit. 1623// 1624// If you get an exception that indicates that you exceeded your account limits 1625// for the organization or that you can"t add an account because your organization 1626// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 1627// 1628// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 1629// handshakes you can send in one day. 1630// 1631// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 1632// units you can have in an organization. 1633// 1634// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 1635// tree that is too many levels deep. 1636// 1637// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 1638// policies that you can have in an organization. 1639// 1640// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 1641// number of policies of a certain type that can be attached to an entity 1642// at one time. 1643// 1644// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 1645// policy from an entity that would cause the entity to have fewer than the 1646// minimum number of policies of a certain type required. 1647// 1648// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 1649// from the organization that does not yet have enough information to exist 1650// as a stand-alone account. This account requires you to first agree to 1651// the AWS Customer Agreement. Follow the steps at To leave an organization 1652// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1653// in the AWS Organizations User Guide. 1654// 1655// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 1656// an account from the organization that does not yet have enough information 1657// to exist as a stand-alone account. This account requires you to first 1658// complete phone verification. Follow the steps at To leave an organization 1659// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1660// in the AWS Organizations User Guide. 1661// 1662// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 1663// with this account, you first must associate a payment instrument, such 1664// as a credit card, with the account. Follow the steps at To leave an organization 1665// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1666// in the AWS Organizations User Guide. 1667// 1668// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 1669// with this member account, you first must associate a payment instrument, 1670// such as a credit card, with the account. Follow the steps at To leave 1671// an organization when all required account information has not yet been 1672// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 1673// in the AWS Organizations User Guide. 1674// 1675// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 1676// of accounts that you can create in one day. 1677// 1678// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 1679// in this organization, you first must migrate the organization's master 1680// account to the marketplace that corresponds to the master account's address. 1681// For example, accounts with India addresses must be associated with the 1682// AISPL marketplace. All accounts in an organization must be associated 1683// with the same marketplace. 1684// 1685// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 1686// must first provide contact a valid address and phone number for the master 1687// account. Then try the operation again. 1688// 1689// * ErrCodeDuplicatePolicyException "DuplicatePolicyException" 1690// A policy with the same name already exists. 1691// 1692// * ErrCodeInvalidInputException "InvalidInputException" 1693// The requested operation failed because you provided invalid values for one 1694// or more of the request parameters. This exception includes a reason that 1695// contains additional information about the violated limit: 1696// 1697// Some of the reasons in the following list might not be applicable to this 1698// specific API or operation: 1699// 1700// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 1701// organization, or email) as a party. 1702// 1703// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 1704// organization. 1705// 1706// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 1707// 1708// * INVALID_ENUM: You specified a value that is not valid for that parameter. 1709// 1710// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 1711// characters. 1712// 1713// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 1714// at least one invalid value. 1715// 1716// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 1717// than allowed. 1718// 1719// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 1720// value than allowed. 1721// 1722// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 1723// than allowed. 1724// 1725// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 1726// value than allowed. 1727// 1728// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 1729// cannot be modified. 1730// 1731// * INVALID_PATTERN: You provided a value that doesn't match the required 1732// pattern. 1733// 1734// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 1735// match the required pattern. 1736// 1737// * INPUT_REQUIRED: You must include a value for all required parameters. 1738// 1739// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 1740// from the response to a previous call of the operation. 1741// 1742// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 1743// for the operation. 1744// 1745// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 1746// between entities in the same root. 1747// 1748// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException" 1749// The provided policy document does not meet the requirements of the specified 1750// policy type. For example, the syntax might be incorrect. For details about 1751// service control policy syntax, see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) 1752// in the AWS Organizations User Guide. 1753// 1754// * ErrCodePolicyTypeNotAvailableForOrganizationException "PolicyTypeNotAvailableForOrganizationException" 1755// You can't use the specified policy type with the feature set currently enabled 1756// for this organization. For example, you can enable service control policies 1757// (SCPs) only after you enable all features in the organization. For more information, 1758// see Enabling and Disabling a Policy Type on a Root (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root) 1759// in the AWS Organizations User Guide. 1760// 1761// * ErrCodeServiceException "ServiceException" 1762// AWS Organizations can't complete your request because of an internal service 1763// error. Try again later. 1764// 1765// * ErrCodeTooManyRequestsException "TooManyRequestsException" 1766// You've sent too many requests in too short a period of time. The limit helps 1767// protect against denial-of-service attacks. Try again later. 1768// 1769// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicy 1770func (c *Organizations) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) { 1771 req, out := c.CreatePolicyRequest(input) 1772 return out, req.Send() 1773} 1774 1775// CreatePolicyWithContext is the same as CreatePolicy with the addition of 1776// the ability to pass a context and additional request options. 1777// 1778// See CreatePolicy for details on how to use this API operation. 1779// 1780// The context must be non-nil and will be used for request cancellation. If 1781// the context is nil a panic will occur. In the future the SDK may create 1782// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1783// for more information on using Contexts. 1784func (c *Organizations) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error) { 1785 req, out := c.CreatePolicyRequest(input) 1786 req.SetContext(ctx) 1787 req.ApplyOptions(opts...) 1788 return out, req.Send() 1789} 1790 1791const opDeclineHandshake = "DeclineHandshake" 1792 1793// DeclineHandshakeRequest generates a "aws/request.Request" representing the 1794// client's request for the DeclineHandshake operation. The "output" return 1795// value will be populated with the request's response once the request complets 1796// successfuly. 1797// 1798// Use "Send" method on the returned Request to send the API call to the service. 1799// the "output" return value is not valid until after Send returns without error. 1800// 1801// See DeclineHandshake for more information on using the DeclineHandshake 1802// API call, and error handling. 1803// 1804// This method is useful when you want to inject custom logic or configuration 1805// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1806// 1807// 1808// // Example sending a request using the DeclineHandshakeRequest method. 1809// req, resp := client.DeclineHandshakeRequest(params) 1810// 1811// err := req.Send() 1812// if err == nil { // resp is now filled 1813// fmt.Println(resp) 1814// } 1815// 1816// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshake 1817func (c *Organizations) DeclineHandshakeRequest(input *DeclineHandshakeInput) (req *request.Request, output *DeclineHandshakeOutput) { 1818 op := &request.Operation{ 1819 Name: opDeclineHandshake, 1820 HTTPMethod: "POST", 1821 HTTPPath: "/", 1822 } 1823 1824 if input == nil { 1825 input = &DeclineHandshakeInput{} 1826 } 1827 1828 output = &DeclineHandshakeOutput{} 1829 req = c.newRequest(op, input, output) 1830 return 1831} 1832 1833// DeclineHandshake API operation for AWS Organizations. 1834// 1835// Declines a handshake request. This sets the handshake state to DECLINED and 1836// effectively deactivates the request. 1837// 1838// This operation can be called only from the account that received the handshake. 1839// The originator of the handshake can use CancelHandshake instead. The originator 1840// can't reactivate a declined request, but can re-initiate the process with 1841// a new handshake request. 1842// 1843// After you decline a handshake, it continues to appear in the results of relevant 1844// APIs for only 30 days. After that it is deleted. 1845// 1846// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1847// with awserr.Error's Code and Message methods to get detailed information about 1848// the error. 1849// 1850// See the AWS API reference guide for AWS Organizations's 1851// API operation DeclineHandshake for usage and error information. 1852// 1853// Returned Error Codes: 1854// * ErrCodeAccessDeniedException "AccessDeniedException" 1855// You don't have permissions to perform the requested operation. The user or 1856// role that is making the request must have at least one IAM permissions policy 1857// attached that grants the required permissions. For more information, see 1858// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 1859// in the IAM User Guide. 1860// 1861// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 1862// The target of the operation is currently being modified by a different request. 1863// Try again later. 1864// 1865// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException" 1866// We can't find a handshake with the HandshakeId that you specified. 1867// 1868// * ErrCodeInvalidHandshakeTransitionException "InvalidHandshakeTransitionException" 1869// You can't perform the operation on the handshake in its current state. For 1870// example, you can't cancel a handshake that was already accepted, or accept 1871// a handshake that was already declined. 1872// 1873// * ErrCodeHandshakeAlreadyInStateException "HandshakeAlreadyInStateException" 1874// The specified handshake is already in the requested state. For example, you 1875// can't accept a handshake that was already accepted. 1876// 1877// * ErrCodeInvalidInputException "InvalidInputException" 1878// The requested operation failed because you provided invalid values for one 1879// or more of the request parameters. This exception includes a reason that 1880// contains additional information about the violated limit: 1881// 1882// Some of the reasons in the following list might not be applicable to this 1883// specific API or operation: 1884// 1885// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 1886// organization, or email) as a party. 1887// 1888// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 1889// organization. 1890// 1891// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 1892// 1893// * INVALID_ENUM: You specified a value that is not valid for that parameter. 1894// 1895// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 1896// characters. 1897// 1898// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 1899// at least one invalid value. 1900// 1901// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 1902// than allowed. 1903// 1904// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 1905// value than allowed. 1906// 1907// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 1908// than allowed. 1909// 1910// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 1911// value than allowed. 1912// 1913// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 1914// cannot be modified. 1915// 1916// * INVALID_PATTERN: You provided a value that doesn't match the required 1917// pattern. 1918// 1919// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 1920// match the required pattern. 1921// 1922// * INPUT_REQUIRED: You must include a value for all required parameters. 1923// 1924// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 1925// from the response to a previous call of the operation. 1926// 1927// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 1928// for the operation. 1929// 1930// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 1931// between entities in the same root. 1932// 1933// * ErrCodeServiceException "ServiceException" 1934// AWS Organizations can't complete your request because of an internal service 1935// error. Try again later. 1936// 1937// * ErrCodeTooManyRequestsException "TooManyRequestsException" 1938// You've sent too many requests in too short a period of time. The limit helps 1939// protect against denial-of-service attacks. Try again later. 1940// 1941// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshake 1942func (c *Organizations) DeclineHandshake(input *DeclineHandshakeInput) (*DeclineHandshakeOutput, error) { 1943 req, out := c.DeclineHandshakeRequest(input) 1944 return out, req.Send() 1945} 1946 1947// DeclineHandshakeWithContext is the same as DeclineHandshake with the addition of 1948// the ability to pass a context and additional request options. 1949// 1950// See DeclineHandshake for details on how to use this API operation. 1951// 1952// The context must be non-nil and will be used for request cancellation. If 1953// the context is nil a panic will occur. In the future the SDK may create 1954// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1955// for more information on using Contexts. 1956func (c *Organizations) DeclineHandshakeWithContext(ctx aws.Context, input *DeclineHandshakeInput, opts ...request.Option) (*DeclineHandshakeOutput, error) { 1957 req, out := c.DeclineHandshakeRequest(input) 1958 req.SetContext(ctx) 1959 req.ApplyOptions(opts...) 1960 return out, req.Send() 1961} 1962 1963const opDeleteOrganization = "DeleteOrganization" 1964 1965// DeleteOrganizationRequest generates a "aws/request.Request" representing the 1966// client's request for the DeleteOrganization operation. The "output" return 1967// value will be populated with the request's response once the request complets 1968// successfuly. 1969// 1970// Use "Send" method on the returned Request to send the API call to the service. 1971// the "output" return value is not valid until after Send returns without error. 1972// 1973// See DeleteOrganization for more information on using the DeleteOrganization 1974// API call, and error handling. 1975// 1976// This method is useful when you want to inject custom logic or configuration 1977// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1978// 1979// 1980// // Example sending a request using the DeleteOrganizationRequest method. 1981// req, resp := client.DeleteOrganizationRequest(params) 1982// 1983// err := req.Send() 1984// if err == nil { // resp is now filled 1985// fmt.Println(resp) 1986// } 1987// 1988// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganization 1989func (c *Organizations) DeleteOrganizationRequest(input *DeleteOrganizationInput) (req *request.Request, output *DeleteOrganizationOutput) { 1990 op := &request.Operation{ 1991 Name: opDeleteOrganization, 1992 HTTPMethod: "POST", 1993 HTTPPath: "/", 1994 } 1995 1996 if input == nil { 1997 input = &DeleteOrganizationInput{} 1998 } 1999 2000 output = &DeleteOrganizationOutput{} 2001 req = c.newRequest(op, input, output) 2002 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 2003 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 2004 return 2005} 2006 2007// DeleteOrganization API operation for AWS Organizations. 2008// 2009// Deletes the organization. You can delete an organization only by using credentials 2010// from the master account. The organization must be empty of member accounts, 2011// OUs, and policies. 2012// 2013// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2014// with awserr.Error's Code and Message methods to get detailed information about 2015// the error. 2016// 2017// See the AWS API reference guide for AWS Organizations's 2018// API operation DeleteOrganization for usage and error information. 2019// 2020// Returned Error Codes: 2021// * ErrCodeAccessDeniedException "AccessDeniedException" 2022// You don't have permissions to perform the requested operation. The user or 2023// role that is making the request must have at least one IAM permissions policy 2024// attached that grants the required permissions. For more information, see 2025// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 2026// in the IAM User Guide. 2027// 2028// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 2029// Your account is not a member of an organization. To make this request, you 2030// must use the credentials of an account that belongs to an organization. 2031// 2032// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 2033// The target of the operation is currently being modified by a different request. 2034// Try again later. 2035// 2036// * ErrCodeInvalidInputException "InvalidInputException" 2037// The requested operation failed because you provided invalid values for one 2038// or more of the request parameters. This exception includes a reason that 2039// contains additional information about the violated limit: 2040// 2041// Some of the reasons in the following list might not be applicable to this 2042// specific API or operation: 2043// 2044// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 2045// organization, or email) as a party. 2046// 2047// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 2048// organization. 2049// 2050// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 2051// 2052// * INVALID_ENUM: You specified a value that is not valid for that parameter. 2053// 2054// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 2055// characters. 2056// 2057// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 2058// at least one invalid value. 2059// 2060// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 2061// than allowed. 2062// 2063// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 2064// value than allowed. 2065// 2066// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 2067// than allowed. 2068// 2069// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 2070// value than allowed. 2071// 2072// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 2073// cannot be modified. 2074// 2075// * INVALID_PATTERN: You provided a value that doesn't match the required 2076// pattern. 2077// 2078// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 2079// match the required pattern. 2080// 2081// * INPUT_REQUIRED: You must include a value for all required parameters. 2082// 2083// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 2084// from the response to a previous call of the operation. 2085// 2086// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 2087// for the operation. 2088// 2089// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 2090// between entities in the same root. 2091// 2092// * ErrCodeOrganizationNotEmptyException "OrganizationNotEmptyException" 2093// The organization isn't empty. To delete an organization, you must first remove 2094// all accounts except the master account, delete all organizational units (OUs), 2095// and delete all policies. 2096// 2097// * ErrCodeServiceException "ServiceException" 2098// AWS Organizations can't complete your request because of an internal service 2099// error. Try again later. 2100// 2101// * ErrCodeTooManyRequestsException "TooManyRequestsException" 2102// You've sent too many requests in too short a period of time. The limit helps 2103// protect against denial-of-service attacks. Try again later. 2104// 2105// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganization 2106func (c *Organizations) DeleteOrganization(input *DeleteOrganizationInput) (*DeleteOrganizationOutput, error) { 2107 req, out := c.DeleteOrganizationRequest(input) 2108 return out, req.Send() 2109} 2110 2111// DeleteOrganizationWithContext is the same as DeleteOrganization with the addition of 2112// the ability to pass a context and additional request options. 2113// 2114// See DeleteOrganization for details on how to use this API operation. 2115// 2116// The context must be non-nil and will be used for request cancellation. If 2117// the context is nil a panic will occur. In the future the SDK may create 2118// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2119// for more information on using Contexts. 2120func (c *Organizations) DeleteOrganizationWithContext(ctx aws.Context, input *DeleteOrganizationInput, opts ...request.Option) (*DeleteOrganizationOutput, error) { 2121 req, out := c.DeleteOrganizationRequest(input) 2122 req.SetContext(ctx) 2123 req.ApplyOptions(opts...) 2124 return out, req.Send() 2125} 2126 2127const opDeleteOrganizationalUnit = "DeleteOrganizationalUnit" 2128 2129// DeleteOrganizationalUnitRequest generates a "aws/request.Request" representing the 2130// client's request for the DeleteOrganizationalUnit operation. The "output" return 2131// value will be populated with the request's response once the request complets 2132// successfuly. 2133// 2134// Use "Send" method on the returned Request to send the API call to the service. 2135// the "output" return value is not valid until after Send returns without error. 2136// 2137// See DeleteOrganizationalUnit for more information on using the DeleteOrganizationalUnit 2138// API call, and error handling. 2139// 2140// This method is useful when you want to inject custom logic or configuration 2141// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2142// 2143// 2144// // Example sending a request using the DeleteOrganizationalUnitRequest method. 2145// req, resp := client.DeleteOrganizationalUnitRequest(params) 2146// 2147// err := req.Send() 2148// if err == nil { // resp is now filled 2149// fmt.Println(resp) 2150// } 2151// 2152// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnit 2153func (c *Organizations) DeleteOrganizationalUnitRequest(input *DeleteOrganizationalUnitInput) (req *request.Request, output *DeleteOrganizationalUnitOutput) { 2154 op := &request.Operation{ 2155 Name: opDeleteOrganizationalUnit, 2156 HTTPMethod: "POST", 2157 HTTPPath: "/", 2158 } 2159 2160 if input == nil { 2161 input = &DeleteOrganizationalUnitInput{} 2162 } 2163 2164 output = &DeleteOrganizationalUnitOutput{} 2165 req = c.newRequest(op, input, output) 2166 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 2167 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 2168 return 2169} 2170 2171// DeleteOrganizationalUnit API operation for AWS Organizations. 2172// 2173// Deletes an organizational unit from a root or another OU. You must first 2174// remove all accounts and child OUs from the OU that you want to delete. 2175// 2176// This operation can be called only from the organization's master account. 2177// 2178// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2179// with awserr.Error's Code and Message methods to get detailed information about 2180// the error. 2181// 2182// See the AWS API reference guide for AWS Organizations's 2183// API operation DeleteOrganizationalUnit for usage and error information. 2184// 2185// Returned Error Codes: 2186// * ErrCodeAccessDeniedException "AccessDeniedException" 2187// You don't have permissions to perform the requested operation. The user or 2188// role that is making the request must have at least one IAM permissions policy 2189// attached that grants the required permissions. For more information, see 2190// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 2191// in the IAM User Guide. 2192// 2193// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 2194// Your account is not a member of an organization. To make this request, you 2195// must use the credentials of an account that belongs to an organization. 2196// 2197// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 2198// The target of the operation is currently being modified by a different request. 2199// Try again later. 2200// 2201// * ErrCodeInvalidInputException "InvalidInputException" 2202// The requested operation failed because you provided invalid values for one 2203// or more of the request parameters. This exception includes a reason that 2204// contains additional information about the violated limit: 2205// 2206// Some of the reasons in the following list might not be applicable to this 2207// specific API or operation: 2208// 2209// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 2210// organization, or email) as a party. 2211// 2212// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 2213// organization. 2214// 2215// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 2216// 2217// * INVALID_ENUM: You specified a value that is not valid for that parameter. 2218// 2219// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 2220// characters. 2221// 2222// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 2223// at least one invalid value. 2224// 2225// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 2226// than allowed. 2227// 2228// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 2229// value than allowed. 2230// 2231// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 2232// than allowed. 2233// 2234// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 2235// value than allowed. 2236// 2237// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 2238// cannot be modified. 2239// 2240// * INVALID_PATTERN: You provided a value that doesn't match the required 2241// pattern. 2242// 2243// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 2244// match the required pattern. 2245// 2246// * INPUT_REQUIRED: You must include a value for all required parameters. 2247// 2248// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 2249// from the response to a previous call of the operation. 2250// 2251// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 2252// for the operation. 2253// 2254// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 2255// between entities in the same root. 2256// 2257// * ErrCodeOrganizationalUnitNotEmptyException "OrganizationalUnitNotEmptyException" 2258// The specified organizational unit (OU) is not empty. Move all accounts to 2259// another root or to other OUs, remove all child OUs, and then try the operation 2260// again. 2261// 2262// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException" 2263// We can't find an organizational unit (OU) with the OrganizationalUnitId that 2264// you specified. 2265// 2266// * ErrCodeServiceException "ServiceException" 2267// AWS Organizations can't complete your request because of an internal service 2268// error. Try again later. 2269// 2270// * ErrCodeTooManyRequestsException "TooManyRequestsException" 2271// You've sent too many requests in too short a period of time. The limit helps 2272// protect against denial-of-service attacks. Try again later. 2273// 2274// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnit 2275func (c *Organizations) DeleteOrganizationalUnit(input *DeleteOrganizationalUnitInput) (*DeleteOrganizationalUnitOutput, error) { 2276 req, out := c.DeleteOrganizationalUnitRequest(input) 2277 return out, req.Send() 2278} 2279 2280// DeleteOrganizationalUnitWithContext is the same as DeleteOrganizationalUnit with the addition of 2281// the ability to pass a context and additional request options. 2282// 2283// See DeleteOrganizationalUnit for details on how to use this API operation. 2284// 2285// The context must be non-nil and will be used for request cancellation. If 2286// the context is nil a panic will occur. In the future the SDK may create 2287// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2288// for more information on using Contexts. 2289func (c *Organizations) DeleteOrganizationalUnitWithContext(ctx aws.Context, input *DeleteOrganizationalUnitInput, opts ...request.Option) (*DeleteOrganizationalUnitOutput, error) { 2290 req, out := c.DeleteOrganizationalUnitRequest(input) 2291 req.SetContext(ctx) 2292 req.ApplyOptions(opts...) 2293 return out, req.Send() 2294} 2295 2296const opDeletePolicy = "DeletePolicy" 2297 2298// DeletePolicyRequest generates a "aws/request.Request" representing the 2299// client's request for the DeletePolicy operation. The "output" return 2300// value will be populated with the request's response once the request complets 2301// successfuly. 2302// 2303// Use "Send" method on the returned Request to send the API call to the service. 2304// the "output" return value is not valid until after Send returns without error. 2305// 2306// See DeletePolicy for more information on using the DeletePolicy 2307// API call, and error handling. 2308// 2309// This method is useful when you want to inject custom logic or configuration 2310// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2311// 2312// 2313// // Example sending a request using the DeletePolicyRequest method. 2314// req, resp := client.DeletePolicyRequest(params) 2315// 2316// err := req.Send() 2317// if err == nil { // resp is now filled 2318// fmt.Println(resp) 2319// } 2320// 2321// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeletePolicy 2322func (c *Organizations) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) { 2323 op := &request.Operation{ 2324 Name: opDeletePolicy, 2325 HTTPMethod: "POST", 2326 HTTPPath: "/", 2327 } 2328 2329 if input == nil { 2330 input = &DeletePolicyInput{} 2331 } 2332 2333 output = &DeletePolicyOutput{} 2334 req = c.newRequest(op, input, output) 2335 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 2336 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 2337 return 2338} 2339 2340// DeletePolicy API operation for AWS Organizations. 2341// 2342// Deletes the specified policy from your organization. Before you perform this 2343// operation, you must first detach the policy from all OUs, roots, and accounts. 2344// 2345// This operation can be called only from the organization's master account. 2346// 2347// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2348// with awserr.Error's Code and Message methods to get detailed information about 2349// the error. 2350// 2351// See the AWS API reference guide for AWS Organizations's 2352// API operation DeletePolicy for usage and error information. 2353// 2354// Returned Error Codes: 2355// * ErrCodeAccessDeniedException "AccessDeniedException" 2356// You don't have permissions to perform the requested operation. The user or 2357// role that is making the request must have at least one IAM permissions policy 2358// attached that grants the required permissions. For more information, see 2359// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 2360// in the IAM User Guide. 2361// 2362// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 2363// Your account is not a member of an organization. To make this request, you 2364// must use the credentials of an account that belongs to an organization. 2365// 2366// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 2367// The target of the operation is currently being modified by a different request. 2368// Try again later. 2369// 2370// * ErrCodeInvalidInputException "InvalidInputException" 2371// The requested operation failed because you provided invalid values for one 2372// or more of the request parameters. This exception includes a reason that 2373// contains additional information about the violated limit: 2374// 2375// Some of the reasons in the following list might not be applicable to this 2376// specific API or operation: 2377// 2378// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 2379// organization, or email) as a party. 2380// 2381// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 2382// organization. 2383// 2384// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 2385// 2386// * INVALID_ENUM: You specified a value that is not valid for that parameter. 2387// 2388// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 2389// characters. 2390// 2391// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 2392// at least one invalid value. 2393// 2394// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 2395// than allowed. 2396// 2397// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 2398// value than allowed. 2399// 2400// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 2401// than allowed. 2402// 2403// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 2404// value than allowed. 2405// 2406// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 2407// cannot be modified. 2408// 2409// * INVALID_PATTERN: You provided a value that doesn't match the required 2410// pattern. 2411// 2412// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 2413// match the required pattern. 2414// 2415// * INPUT_REQUIRED: You must include a value for all required parameters. 2416// 2417// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 2418// from the response to a previous call of the operation. 2419// 2420// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 2421// for the operation. 2422// 2423// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 2424// between entities in the same root. 2425// 2426// * ErrCodePolicyInUseException "PolicyInUseException" 2427// The policy is attached to one or more entities. You must detach it from all 2428// roots, organizational units (OUs), and accounts before performing this operation. 2429// 2430// * ErrCodePolicyNotFoundException "PolicyNotFoundException" 2431// We can't find a policy with the PolicyId that you specified. 2432// 2433// * ErrCodeServiceException "ServiceException" 2434// AWS Organizations can't complete your request because of an internal service 2435// error. Try again later. 2436// 2437// * ErrCodeTooManyRequestsException "TooManyRequestsException" 2438// You've sent too many requests in too short a period of time. The limit helps 2439// protect against denial-of-service attacks. Try again later. 2440// 2441// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeletePolicy 2442func (c *Organizations) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) { 2443 req, out := c.DeletePolicyRequest(input) 2444 return out, req.Send() 2445} 2446 2447// DeletePolicyWithContext is the same as DeletePolicy with the addition of 2448// the ability to pass a context and additional request options. 2449// 2450// See DeletePolicy for details on how to use this API operation. 2451// 2452// The context must be non-nil and will be used for request cancellation. If 2453// the context is nil a panic will occur. In the future the SDK may create 2454// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2455// for more information on using Contexts. 2456func (c *Organizations) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) { 2457 req, out := c.DeletePolicyRequest(input) 2458 req.SetContext(ctx) 2459 req.ApplyOptions(opts...) 2460 return out, req.Send() 2461} 2462 2463const opDescribeAccount = "DescribeAccount" 2464 2465// DescribeAccountRequest generates a "aws/request.Request" representing the 2466// client's request for the DescribeAccount operation. The "output" return 2467// value will be populated with the request's response once the request complets 2468// successfuly. 2469// 2470// Use "Send" method on the returned Request to send the API call to the service. 2471// the "output" return value is not valid until after Send returns without error. 2472// 2473// See DescribeAccount for more information on using the DescribeAccount 2474// API call, and error handling. 2475// 2476// This method is useful when you want to inject custom logic or configuration 2477// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2478// 2479// 2480// // Example sending a request using the DescribeAccountRequest method. 2481// req, resp := client.DescribeAccountRequest(params) 2482// 2483// err := req.Send() 2484// if err == nil { // resp is now filled 2485// fmt.Println(resp) 2486// } 2487// 2488// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccount 2489func (c *Organizations) DescribeAccountRequest(input *DescribeAccountInput) (req *request.Request, output *DescribeAccountOutput) { 2490 op := &request.Operation{ 2491 Name: opDescribeAccount, 2492 HTTPMethod: "POST", 2493 HTTPPath: "/", 2494 } 2495 2496 if input == nil { 2497 input = &DescribeAccountInput{} 2498 } 2499 2500 output = &DescribeAccountOutput{} 2501 req = c.newRequest(op, input, output) 2502 return 2503} 2504 2505// DescribeAccount API operation for AWS Organizations. 2506// 2507// Retrieves Organizations-related information about the specified account. 2508// 2509// This operation can be called only from the organization's master account. 2510// 2511// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2512// with awserr.Error's Code and Message methods to get detailed information about 2513// the error. 2514// 2515// See the AWS API reference guide for AWS Organizations's 2516// API operation DescribeAccount for usage and error information. 2517// 2518// Returned Error Codes: 2519// * ErrCodeAccessDeniedException "AccessDeniedException" 2520// You don't have permissions to perform the requested operation. The user or 2521// role that is making the request must have at least one IAM permissions policy 2522// attached that grants the required permissions. For more information, see 2523// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 2524// in the IAM User Guide. 2525// 2526// * ErrCodeAccountNotFoundException "AccountNotFoundException" 2527// We can't find an AWS account with the AccountId that you specified, or the 2528// account whose credentials you used to make this request is not a member of 2529// an organization. 2530// 2531// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 2532// Your account is not a member of an organization. To make this request, you 2533// must use the credentials of an account that belongs to an organization. 2534// 2535// * ErrCodeInvalidInputException "InvalidInputException" 2536// The requested operation failed because you provided invalid values for one 2537// or more of the request parameters. This exception includes a reason that 2538// contains additional information about the violated limit: 2539// 2540// Some of the reasons in the following list might not be applicable to this 2541// specific API or operation: 2542// 2543// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 2544// organization, or email) as a party. 2545// 2546// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 2547// organization. 2548// 2549// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 2550// 2551// * INVALID_ENUM: You specified a value that is not valid for that parameter. 2552// 2553// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 2554// characters. 2555// 2556// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 2557// at least one invalid value. 2558// 2559// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 2560// than allowed. 2561// 2562// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 2563// value than allowed. 2564// 2565// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 2566// than allowed. 2567// 2568// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 2569// value than allowed. 2570// 2571// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 2572// cannot be modified. 2573// 2574// * INVALID_PATTERN: You provided a value that doesn't match the required 2575// pattern. 2576// 2577// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 2578// match the required pattern. 2579// 2580// * INPUT_REQUIRED: You must include a value for all required parameters. 2581// 2582// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 2583// from the response to a previous call of the operation. 2584// 2585// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 2586// for the operation. 2587// 2588// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 2589// between entities in the same root. 2590// 2591// * ErrCodeServiceException "ServiceException" 2592// AWS Organizations can't complete your request because of an internal service 2593// error. Try again later. 2594// 2595// * ErrCodeTooManyRequestsException "TooManyRequestsException" 2596// You've sent too many requests in too short a period of time. The limit helps 2597// protect against denial-of-service attacks. Try again later. 2598// 2599// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccount 2600func (c *Organizations) DescribeAccount(input *DescribeAccountInput) (*DescribeAccountOutput, error) { 2601 req, out := c.DescribeAccountRequest(input) 2602 return out, req.Send() 2603} 2604 2605// DescribeAccountWithContext is the same as DescribeAccount with the addition of 2606// the ability to pass a context and additional request options. 2607// 2608// See DescribeAccount for details on how to use this API operation. 2609// 2610// The context must be non-nil and will be used for request cancellation. If 2611// the context is nil a panic will occur. In the future the SDK may create 2612// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2613// for more information on using Contexts. 2614func (c *Organizations) DescribeAccountWithContext(ctx aws.Context, input *DescribeAccountInput, opts ...request.Option) (*DescribeAccountOutput, error) { 2615 req, out := c.DescribeAccountRequest(input) 2616 req.SetContext(ctx) 2617 req.ApplyOptions(opts...) 2618 return out, req.Send() 2619} 2620 2621const opDescribeCreateAccountStatus = "DescribeCreateAccountStatus" 2622 2623// DescribeCreateAccountStatusRequest generates a "aws/request.Request" representing the 2624// client's request for the DescribeCreateAccountStatus operation. The "output" return 2625// value will be populated with the request's response once the request complets 2626// successfuly. 2627// 2628// Use "Send" method on the returned Request to send the API call to the service. 2629// the "output" return value is not valid until after Send returns without error. 2630// 2631// See DescribeCreateAccountStatus for more information on using the DescribeCreateAccountStatus 2632// API call, and error handling. 2633// 2634// This method is useful when you want to inject custom logic or configuration 2635// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2636// 2637// 2638// // Example sending a request using the DescribeCreateAccountStatusRequest method. 2639// req, resp := client.DescribeCreateAccountStatusRequest(params) 2640// 2641// err := req.Send() 2642// if err == nil { // resp is now filled 2643// fmt.Println(resp) 2644// } 2645// 2646// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeCreateAccountStatus 2647func (c *Organizations) DescribeCreateAccountStatusRequest(input *DescribeCreateAccountStatusInput) (req *request.Request, output *DescribeCreateAccountStatusOutput) { 2648 op := &request.Operation{ 2649 Name: opDescribeCreateAccountStatus, 2650 HTTPMethod: "POST", 2651 HTTPPath: "/", 2652 } 2653 2654 if input == nil { 2655 input = &DescribeCreateAccountStatusInput{} 2656 } 2657 2658 output = &DescribeCreateAccountStatusOutput{} 2659 req = c.newRequest(op, input, output) 2660 return 2661} 2662 2663// DescribeCreateAccountStatus API operation for AWS Organizations. 2664// 2665// Retrieves the current status of an asynchronous request to create an account. 2666// 2667// This operation can be called only from the organization's master account. 2668// 2669// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2670// with awserr.Error's Code and Message methods to get detailed information about 2671// the error. 2672// 2673// See the AWS API reference guide for AWS Organizations's 2674// API operation DescribeCreateAccountStatus for usage and error information. 2675// 2676// Returned Error Codes: 2677// * ErrCodeAccessDeniedException "AccessDeniedException" 2678// You don't have permissions to perform the requested operation. The user or 2679// role that is making the request must have at least one IAM permissions policy 2680// attached that grants the required permissions. For more information, see 2681// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 2682// in the IAM User Guide. 2683// 2684// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 2685// Your account is not a member of an organization. To make this request, you 2686// must use the credentials of an account that belongs to an organization. 2687// 2688// * ErrCodeCreateAccountStatusNotFoundException "CreateAccountStatusNotFoundException" 2689// We can't find an create account request with the CreateAccountRequestId that 2690// you specified. 2691// 2692// * ErrCodeInvalidInputException "InvalidInputException" 2693// The requested operation failed because you provided invalid values for one 2694// or more of the request parameters. This exception includes a reason that 2695// contains additional information about the violated limit: 2696// 2697// Some of the reasons in the following list might not be applicable to this 2698// specific API or operation: 2699// 2700// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 2701// organization, or email) as a party. 2702// 2703// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 2704// organization. 2705// 2706// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 2707// 2708// * INVALID_ENUM: You specified a value that is not valid for that parameter. 2709// 2710// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 2711// characters. 2712// 2713// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 2714// at least one invalid value. 2715// 2716// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 2717// than allowed. 2718// 2719// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 2720// value than allowed. 2721// 2722// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 2723// than allowed. 2724// 2725// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 2726// value than allowed. 2727// 2728// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 2729// cannot be modified. 2730// 2731// * INVALID_PATTERN: You provided a value that doesn't match the required 2732// pattern. 2733// 2734// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 2735// match the required pattern. 2736// 2737// * INPUT_REQUIRED: You must include a value for all required parameters. 2738// 2739// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 2740// from the response to a previous call of the operation. 2741// 2742// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 2743// for the operation. 2744// 2745// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 2746// between entities in the same root. 2747// 2748// * ErrCodeServiceException "ServiceException" 2749// AWS Organizations can't complete your request because of an internal service 2750// error. Try again later. 2751// 2752// * ErrCodeTooManyRequestsException "TooManyRequestsException" 2753// You've sent too many requests in too short a period of time. The limit helps 2754// protect against denial-of-service attacks. Try again later. 2755// 2756// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeCreateAccountStatus 2757func (c *Organizations) DescribeCreateAccountStatus(input *DescribeCreateAccountStatusInput) (*DescribeCreateAccountStatusOutput, error) { 2758 req, out := c.DescribeCreateAccountStatusRequest(input) 2759 return out, req.Send() 2760} 2761 2762// DescribeCreateAccountStatusWithContext is the same as DescribeCreateAccountStatus with the addition of 2763// the ability to pass a context and additional request options. 2764// 2765// See DescribeCreateAccountStatus for details on how to use this API operation. 2766// 2767// The context must be non-nil and will be used for request cancellation. If 2768// the context is nil a panic will occur. In the future the SDK may create 2769// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2770// for more information on using Contexts. 2771func (c *Organizations) DescribeCreateAccountStatusWithContext(ctx aws.Context, input *DescribeCreateAccountStatusInput, opts ...request.Option) (*DescribeCreateAccountStatusOutput, error) { 2772 req, out := c.DescribeCreateAccountStatusRequest(input) 2773 req.SetContext(ctx) 2774 req.ApplyOptions(opts...) 2775 return out, req.Send() 2776} 2777 2778const opDescribeHandshake = "DescribeHandshake" 2779 2780// DescribeHandshakeRequest generates a "aws/request.Request" representing the 2781// client's request for the DescribeHandshake operation. The "output" return 2782// value will be populated with the request's response once the request complets 2783// successfuly. 2784// 2785// Use "Send" method on the returned Request to send the API call to the service. 2786// the "output" return value is not valid until after Send returns without error. 2787// 2788// See DescribeHandshake for more information on using the DescribeHandshake 2789// API call, and error handling. 2790// 2791// This method is useful when you want to inject custom logic or configuration 2792// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2793// 2794// 2795// // Example sending a request using the DescribeHandshakeRequest method. 2796// req, resp := client.DescribeHandshakeRequest(params) 2797// 2798// err := req.Send() 2799// if err == nil { // resp is now filled 2800// fmt.Println(resp) 2801// } 2802// 2803// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshake 2804func (c *Organizations) DescribeHandshakeRequest(input *DescribeHandshakeInput) (req *request.Request, output *DescribeHandshakeOutput) { 2805 op := &request.Operation{ 2806 Name: opDescribeHandshake, 2807 HTTPMethod: "POST", 2808 HTTPPath: "/", 2809 } 2810 2811 if input == nil { 2812 input = &DescribeHandshakeInput{} 2813 } 2814 2815 output = &DescribeHandshakeOutput{} 2816 req = c.newRequest(op, input, output) 2817 return 2818} 2819 2820// DescribeHandshake API operation for AWS Organizations. 2821// 2822// Retrieves information about a previously requested handshake. The handshake 2823// ID comes from the response to the original InviteAccountToOrganization operation 2824// that generated the handshake. 2825// 2826// You can access handshakes that are ACCEPTED, DECLINED, or CANCELED for only 2827// 30 days after they change to that state. They are then deleted and no longer 2828// accessible. 2829// 2830// This operation can be called from any account in the organization. 2831// 2832// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2833// with awserr.Error's Code and Message methods to get detailed information about 2834// the error. 2835// 2836// See the AWS API reference guide for AWS Organizations's 2837// API operation DescribeHandshake for usage and error information. 2838// 2839// Returned Error Codes: 2840// * ErrCodeAccessDeniedException "AccessDeniedException" 2841// You don't have permissions to perform the requested operation. The user or 2842// role that is making the request must have at least one IAM permissions policy 2843// attached that grants the required permissions. For more information, see 2844// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 2845// in the IAM User Guide. 2846// 2847// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 2848// The target of the operation is currently being modified by a different request. 2849// Try again later. 2850// 2851// * ErrCodeHandshakeNotFoundException "HandshakeNotFoundException" 2852// We can't find a handshake with the HandshakeId that you specified. 2853// 2854// * ErrCodeInvalidInputException "InvalidInputException" 2855// The requested operation failed because you provided invalid values for one 2856// or more of the request parameters. This exception includes a reason that 2857// contains additional information about the violated limit: 2858// 2859// Some of the reasons in the following list might not be applicable to this 2860// specific API or operation: 2861// 2862// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 2863// organization, or email) as a party. 2864// 2865// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 2866// organization. 2867// 2868// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 2869// 2870// * INVALID_ENUM: You specified a value that is not valid for that parameter. 2871// 2872// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 2873// characters. 2874// 2875// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 2876// at least one invalid value. 2877// 2878// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 2879// than allowed. 2880// 2881// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 2882// value than allowed. 2883// 2884// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 2885// than allowed. 2886// 2887// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 2888// value than allowed. 2889// 2890// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 2891// cannot be modified. 2892// 2893// * INVALID_PATTERN: You provided a value that doesn't match the required 2894// pattern. 2895// 2896// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 2897// match the required pattern. 2898// 2899// * INPUT_REQUIRED: You must include a value for all required parameters. 2900// 2901// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 2902// from the response to a previous call of the operation. 2903// 2904// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 2905// for the operation. 2906// 2907// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 2908// between entities in the same root. 2909// 2910// * ErrCodeServiceException "ServiceException" 2911// AWS Organizations can't complete your request because of an internal service 2912// error. Try again later. 2913// 2914// * ErrCodeTooManyRequestsException "TooManyRequestsException" 2915// You've sent too many requests in too short a period of time. The limit helps 2916// protect against denial-of-service attacks. Try again later. 2917// 2918// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshake 2919func (c *Organizations) DescribeHandshake(input *DescribeHandshakeInput) (*DescribeHandshakeOutput, error) { 2920 req, out := c.DescribeHandshakeRequest(input) 2921 return out, req.Send() 2922} 2923 2924// DescribeHandshakeWithContext is the same as DescribeHandshake with the addition of 2925// the ability to pass a context and additional request options. 2926// 2927// See DescribeHandshake for details on how to use this API operation. 2928// 2929// The context must be non-nil and will be used for request cancellation. If 2930// the context is nil a panic will occur. In the future the SDK may create 2931// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2932// for more information on using Contexts. 2933func (c *Organizations) DescribeHandshakeWithContext(ctx aws.Context, input *DescribeHandshakeInput, opts ...request.Option) (*DescribeHandshakeOutput, error) { 2934 req, out := c.DescribeHandshakeRequest(input) 2935 req.SetContext(ctx) 2936 req.ApplyOptions(opts...) 2937 return out, req.Send() 2938} 2939 2940const opDescribeOrganization = "DescribeOrganization" 2941 2942// DescribeOrganizationRequest generates a "aws/request.Request" representing the 2943// client's request for the DescribeOrganization operation. The "output" return 2944// value will be populated with the request's response once the request complets 2945// successfuly. 2946// 2947// Use "Send" method on the returned Request to send the API call to the service. 2948// the "output" return value is not valid until after Send returns without error. 2949// 2950// See DescribeOrganization for more information on using the DescribeOrganization 2951// API call, and error handling. 2952// 2953// This method is useful when you want to inject custom logic or configuration 2954// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2955// 2956// 2957// // Example sending a request using the DescribeOrganizationRequest method. 2958// req, resp := client.DescribeOrganizationRequest(params) 2959// 2960// err := req.Send() 2961// if err == nil { // resp is now filled 2962// fmt.Println(resp) 2963// } 2964// 2965// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization 2966func (c *Organizations) DescribeOrganizationRequest(input *DescribeOrganizationInput) (req *request.Request, output *DescribeOrganizationOutput) { 2967 op := &request.Operation{ 2968 Name: opDescribeOrganization, 2969 HTTPMethod: "POST", 2970 HTTPPath: "/", 2971 } 2972 2973 if input == nil { 2974 input = &DescribeOrganizationInput{} 2975 } 2976 2977 output = &DescribeOrganizationOutput{} 2978 req = c.newRequest(op, input, output) 2979 return 2980} 2981 2982// DescribeOrganization API operation for AWS Organizations. 2983// 2984// Retrieves information about the organization that the user's account belongs 2985// to. 2986// 2987// This operation can be called from any account in the organization. 2988// 2989// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2990// with awserr.Error's Code and Message methods to get detailed information about 2991// the error. 2992// 2993// See the AWS API reference guide for AWS Organizations's 2994// API operation DescribeOrganization for usage and error information. 2995// 2996// Returned Error Codes: 2997// * ErrCodeAccessDeniedException "AccessDeniedException" 2998// You don't have permissions to perform the requested operation. The user or 2999// role that is making the request must have at least one IAM permissions policy 3000// attached that grants the required permissions. For more information, see 3001// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 3002// in the IAM User Guide. 3003// 3004// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 3005// Your account is not a member of an organization. To make this request, you 3006// must use the credentials of an account that belongs to an organization. 3007// 3008// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 3009// The target of the operation is currently being modified by a different request. 3010// Try again later. 3011// 3012// * ErrCodeServiceException "ServiceException" 3013// AWS Organizations can't complete your request because of an internal service 3014// error. Try again later. 3015// 3016// * ErrCodeTooManyRequestsException "TooManyRequestsException" 3017// You've sent too many requests in too short a period of time. The limit helps 3018// protect against denial-of-service attacks. Try again later. 3019// 3020// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganization 3021func (c *Organizations) DescribeOrganization(input *DescribeOrganizationInput) (*DescribeOrganizationOutput, error) { 3022 req, out := c.DescribeOrganizationRequest(input) 3023 return out, req.Send() 3024} 3025 3026// DescribeOrganizationWithContext is the same as DescribeOrganization with the addition of 3027// the ability to pass a context and additional request options. 3028// 3029// See DescribeOrganization for details on how to use this API operation. 3030// 3031// The context must be non-nil and will be used for request cancellation. If 3032// the context is nil a panic will occur. In the future the SDK may create 3033// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 3034// for more information on using Contexts. 3035func (c *Organizations) DescribeOrganizationWithContext(ctx aws.Context, input *DescribeOrganizationInput, opts ...request.Option) (*DescribeOrganizationOutput, error) { 3036 req, out := c.DescribeOrganizationRequest(input) 3037 req.SetContext(ctx) 3038 req.ApplyOptions(opts...) 3039 return out, req.Send() 3040} 3041 3042const opDescribeOrganizationalUnit = "DescribeOrganizationalUnit" 3043 3044// DescribeOrganizationalUnitRequest generates a "aws/request.Request" representing the 3045// client's request for the DescribeOrganizationalUnit operation. The "output" return 3046// value will be populated with the request's response once the request complets 3047// successfuly. 3048// 3049// Use "Send" method on the returned Request to send the API call to the service. 3050// the "output" return value is not valid until after Send returns without error. 3051// 3052// See DescribeOrganizationalUnit for more information on using the DescribeOrganizationalUnit 3053// API call, and error handling. 3054// 3055// This method is useful when you want to inject custom logic or configuration 3056// into the SDK's request lifecycle. Such as custom headers, or retry logic. 3057// 3058// 3059// // Example sending a request using the DescribeOrganizationalUnitRequest method. 3060// req, resp := client.DescribeOrganizationalUnitRequest(params) 3061// 3062// err := req.Send() 3063// if err == nil { // resp is now filled 3064// fmt.Println(resp) 3065// } 3066// 3067// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnit 3068func (c *Organizations) DescribeOrganizationalUnitRequest(input *DescribeOrganizationalUnitInput) (req *request.Request, output *DescribeOrganizationalUnitOutput) { 3069 op := &request.Operation{ 3070 Name: opDescribeOrganizationalUnit, 3071 HTTPMethod: "POST", 3072 HTTPPath: "/", 3073 } 3074 3075 if input == nil { 3076 input = &DescribeOrganizationalUnitInput{} 3077 } 3078 3079 output = &DescribeOrganizationalUnitOutput{} 3080 req = c.newRequest(op, input, output) 3081 return 3082} 3083 3084// DescribeOrganizationalUnit API operation for AWS Organizations. 3085// 3086// Retrieves information about an organizational unit (OU). 3087// 3088// This operation can be called only from the organization's master account. 3089// 3090// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 3091// with awserr.Error's Code and Message methods to get detailed information about 3092// the error. 3093// 3094// See the AWS API reference guide for AWS Organizations's 3095// API operation DescribeOrganizationalUnit for usage and error information. 3096// 3097// Returned Error Codes: 3098// * ErrCodeAccessDeniedException "AccessDeniedException" 3099// You don't have permissions to perform the requested operation. The user or 3100// role that is making the request must have at least one IAM permissions policy 3101// attached that grants the required permissions. For more information, see 3102// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 3103// in the IAM User Guide. 3104// 3105// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 3106// Your account is not a member of an organization. To make this request, you 3107// must use the credentials of an account that belongs to an organization. 3108// 3109// * ErrCodeInvalidInputException "InvalidInputException" 3110// The requested operation failed because you provided invalid values for one 3111// or more of the request parameters. This exception includes a reason that 3112// contains additional information about the violated limit: 3113// 3114// Some of the reasons in the following list might not be applicable to this 3115// specific API or operation: 3116// 3117// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 3118// organization, or email) as a party. 3119// 3120// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 3121// organization. 3122// 3123// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 3124// 3125// * INVALID_ENUM: You specified a value that is not valid for that parameter. 3126// 3127// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 3128// characters. 3129// 3130// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 3131// at least one invalid value. 3132// 3133// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 3134// than allowed. 3135// 3136// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 3137// value than allowed. 3138// 3139// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 3140// than allowed. 3141// 3142// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 3143// value than allowed. 3144// 3145// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 3146// cannot be modified. 3147// 3148// * INVALID_PATTERN: You provided a value that doesn't match the required 3149// pattern. 3150// 3151// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 3152// match the required pattern. 3153// 3154// * INPUT_REQUIRED: You must include a value for all required parameters. 3155// 3156// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 3157// from the response to a previous call of the operation. 3158// 3159// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 3160// for the operation. 3161// 3162// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 3163// between entities in the same root. 3164// 3165// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException" 3166// We can't find an organizational unit (OU) with the OrganizationalUnitId that 3167// you specified. 3168// 3169// * ErrCodeServiceException "ServiceException" 3170// AWS Organizations can't complete your request because of an internal service 3171// error. Try again later. 3172// 3173// * ErrCodeTooManyRequestsException "TooManyRequestsException" 3174// You've sent too many requests in too short a period of time. The limit helps 3175// protect against denial-of-service attacks. Try again later. 3176// 3177// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnit 3178func (c *Organizations) DescribeOrganizationalUnit(input *DescribeOrganizationalUnitInput) (*DescribeOrganizationalUnitOutput, error) { 3179 req, out := c.DescribeOrganizationalUnitRequest(input) 3180 return out, req.Send() 3181} 3182 3183// DescribeOrganizationalUnitWithContext is the same as DescribeOrganizationalUnit with the addition of 3184// the ability to pass a context and additional request options. 3185// 3186// See DescribeOrganizationalUnit for details on how to use this API operation. 3187// 3188// The context must be non-nil and will be used for request cancellation. If 3189// the context is nil a panic will occur. In the future the SDK may create 3190// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 3191// for more information on using Contexts. 3192func (c *Organizations) DescribeOrganizationalUnitWithContext(ctx aws.Context, input *DescribeOrganizationalUnitInput, opts ...request.Option) (*DescribeOrganizationalUnitOutput, error) { 3193 req, out := c.DescribeOrganizationalUnitRequest(input) 3194 req.SetContext(ctx) 3195 req.ApplyOptions(opts...) 3196 return out, req.Send() 3197} 3198 3199const opDescribePolicy = "DescribePolicy" 3200 3201// DescribePolicyRequest generates a "aws/request.Request" representing the 3202// client's request for the DescribePolicy operation. The "output" return 3203// value will be populated with the request's response once the request complets 3204// successfuly. 3205// 3206// Use "Send" method on the returned Request to send the API call to the service. 3207// the "output" return value is not valid until after Send returns without error. 3208// 3209// See DescribePolicy for more information on using the DescribePolicy 3210// API call, and error handling. 3211// 3212// This method is useful when you want to inject custom logic or configuration 3213// into the SDK's request lifecycle. Such as custom headers, or retry logic. 3214// 3215// 3216// // Example sending a request using the DescribePolicyRequest method. 3217// req, resp := client.DescribePolicyRequest(params) 3218// 3219// err := req.Send() 3220// if err == nil { // resp is now filled 3221// fmt.Println(resp) 3222// } 3223// 3224// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribePolicy 3225func (c *Organizations) DescribePolicyRequest(input *DescribePolicyInput) (req *request.Request, output *DescribePolicyOutput) { 3226 op := &request.Operation{ 3227 Name: opDescribePolicy, 3228 HTTPMethod: "POST", 3229 HTTPPath: "/", 3230 } 3231 3232 if input == nil { 3233 input = &DescribePolicyInput{} 3234 } 3235 3236 output = &DescribePolicyOutput{} 3237 req = c.newRequest(op, input, output) 3238 return 3239} 3240 3241// DescribePolicy API operation for AWS Organizations. 3242// 3243// Retrieves information about a policy. 3244// 3245// This operation can be called only from the organization's master account. 3246// 3247// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 3248// with awserr.Error's Code and Message methods to get detailed information about 3249// the error. 3250// 3251// See the AWS API reference guide for AWS Organizations's 3252// API operation DescribePolicy for usage and error information. 3253// 3254// Returned Error Codes: 3255// * ErrCodeAccessDeniedException "AccessDeniedException" 3256// You don't have permissions to perform the requested operation. The user or 3257// role that is making the request must have at least one IAM permissions policy 3258// attached that grants the required permissions. For more information, see 3259// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 3260// in the IAM User Guide. 3261// 3262// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 3263// Your account is not a member of an organization. To make this request, you 3264// must use the credentials of an account that belongs to an organization. 3265// 3266// * ErrCodeInvalidInputException "InvalidInputException" 3267// The requested operation failed because you provided invalid values for one 3268// or more of the request parameters. This exception includes a reason that 3269// contains additional information about the violated limit: 3270// 3271// Some of the reasons in the following list might not be applicable to this 3272// specific API or operation: 3273// 3274// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 3275// organization, or email) as a party. 3276// 3277// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 3278// organization. 3279// 3280// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 3281// 3282// * INVALID_ENUM: You specified a value that is not valid for that parameter. 3283// 3284// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 3285// characters. 3286// 3287// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 3288// at least one invalid value. 3289// 3290// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 3291// than allowed. 3292// 3293// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 3294// value than allowed. 3295// 3296// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 3297// than allowed. 3298// 3299// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 3300// value than allowed. 3301// 3302// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 3303// cannot be modified. 3304// 3305// * INVALID_PATTERN: You provided a value that doesn't match the required 3306// pattern. 3307// 3308// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 3309// match the required pattern. 3310// 3311// * INPUT_REQUIRED: You must include a value for all required parameters. 3312// 3313// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 3314// from the response to a previous call of the operation. 3315// 3316// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 3317// for the operation. 3318// 3319// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 3320// between entities in the same root. 3321// 3322// * ErrCodePolicyNotFoundException "PolicyNotFoundException" 3323// We can't find a policy with the PolicyId that you specified. 3324// 3325// * ErrCodeServiceException "ServiceException" 3326// AWS Organizations can't complete your request because of an internal service 3327// error. Try again later. 3328// 3329// * ErrCodeTooManyRequestsException "TooManyRequestsException" 3330// You've sent too many requests in too short a period of time. The limit helps 3331// protect against denial-of-service attacks. Try again later. 3332// 3333// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribePolicy 3334func (c *Organizations) DescribePolicy(input *DescribePolicyInput) (*DescribePolicyOutput, error) { 3335 req, out := c.DescribePolicyRequest(input) 3336 return out, req.Send() 3337} 3338 3339// DescribePolicyWithContext is the same as DescribePolicy with the addition of 3340// the ability to pass a context and additional request options. 3341// 3342// See DescribePolicy for details on how to use this API operation. 3343// 3344// The context must be non-nil and will be used for request cancellation. If 3345// the context is nil a panic will occur. In the future the SDK may create 3346// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 3347// for more information on using Contexts. 3348func (c *Organizations) DescribePolicyWithContext(ctx aws.Context, input *DescribePolicyInput, opts ...request.Option) (*DescribePolicyOutput, error) { 3349 req, out := c.DescribePolicyRequest(input) 3350 req.SetContext(ctx) 3351 req.ApplyOptions(opts...) 3352 return out, req.Send() 3353} 3354 3355const opDetachPolicy = "DetachPolicy" 3356 3357// DetachPolicyRequest generates a "aws/request.Request" representing the 3358// client's request for the DetachPolicy operation. The "output" return 3359// value will be populated with the request's response once the request complets 3360// successfuly. 3361// 3362// Use "Send" method on the returned Request to send the API call to the service. 3363// the "output" return value is not valid until after Send returns without error. 3364// 3365// See DetachPolicy for more information on using the DetachPolicy 3366// API call, and error handling. 3367// 3368// This method is useful when you want to inject custom logic or configuration 3369// into the SDK's request lifecycle. Such as custom headers, or retry logic. 3370// 3371// 3372// // Example sending a request using the DetachPolicyRequest method. 3373// req, resp := client.DetachPolicyRequest(params) 3374// 3375// err := req.Send() 3376// if err == nil { // resp is now filled 3377// fmt.Println(resp) 3378// } 3379// 3380// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DetachPolicy 3381func (c *Organizations) DetachPolicyRequest(input *DetachPolicyInput) (req *request.Request, output *DetachPolicyOutput) { 3382 op := &request.Operation{ 3383 Name: opDetachPolicy, 3384 HTTPMethod: "POST", 3385 HTTPPath: "/", 3386 } 3387 3388 if input == nil { 3389 input = &DetachPolicyInput{} 3390 } 3391 3392 output = &DetachPolicyOutput{} 3393 req = c.newRequest(op, input, output) 3394 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 3395 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 3396 return 3397} 3398 3399// DetachPolicy API operation for AWS Organizations. 3400// 3401// Detaches a policy from a target root, organizational unit, or account. If 3402// the policy being detached is a service control policy (SCP), the changes 3403// to permissions for IAM users and roles in affected accounts are immediate. 3404// 3405// Note: Every root, OU, and account must have at least one SCP attached. If 3406// you want to replace the default FullAWSAccess policy with one that limits 3407// the permissions that can be delegated, then you must attach the replacement 3408// policy before you can remove the default one. This is the authorization strategy 3409// of whitelisting (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_about-scps.html#orgs_policies_whitelist). 3410// If you instead attach a second SCP and leave the FullAWSAccess SCP still 3411// attached, and specify "Effect": "Deny" in the second SCP to override the 3412// "Effect": "Allow" in the FullAWSAccess policy (or any other attached SCP), 3413// then you are using the authorization strategy of blacklisting (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_about-scps.html#orgs_policies_blacklist). 3414// 3415// This operation can be called only from the organization's master account. 3416// 3417// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 3418// with awserr.Error's Code and Message methods to get detailed information about 3419// the error. 3420// 3421// See the AWS API reference guide for AWS Organizations's 3422// API operation DetachPolicy for usage and error information. 3423// 3424// Returned Error Codes: 3425// * ErrCodeAccessDeniedException "AccessDeniedException" 3426// You don't have permissions to perform the requested operation. The user or 3427// role that is making the request must have at least one IAM permissions policy 3428// attached that grants the required permissions. For more information, see 3429// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 3430// in the IAM User Guide. 3431// 3432// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 3433// Your account is not a member of an organization. To make this request, you 3434// must use the credentials of an account that belongs to an organization. 3435// 3436// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 3437// The target of the operation is currently being modified by a different request. 3438// Try again later. 3439// 3440// * ErrCodeConstraintViolationException "ConstraintViolationException" 3441// Performing this operation violates a minimum or maximum value limit. For 3442// example, attempting to removing the last SCP from an OU or root, inviting 3443// or creating too many accounts to the organization, or attaching too many 3444// policies to an account, OU, or root. This exception includes a reason that 3445// contains additional information about the violated limit: 3446// 3447// Some of the reasons in the following list might not be applicable to this 3448// specific API or operation: 3449// 3450// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 3451// of accounts in an organization. If you need more accounts, contact AWS Support 3452// to request an increase in your limit. 3453// 3454// Or, The number of invitations that you tried to send would cause you to exceed 3455// the limit of accounts in your organization. Send fewer invitations, or contact 3456// AWS Support to request an increase in the number of accounts. 3457// 3458// Note: deleted and closed accounts still count toward your limit. 3459// 3460// If you get an exception that indicates that you exceeded your account limits 3461// for the organization or that you can"t add an account because your organization 3462// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 3463// 3464// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 3465// handshakes you can send in one day. 3466// 3467// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 3468// units you can have in an organization. 3469// 3470// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 3471// tree that is too many levels deep. 3472// 3473// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 3474// policies that you can have in an organization. 3475// 3476// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 3477// number of policies of a certain type that can be attached to an entity 3478// at one time. 3479// 3480// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 3481// policy from an entity that would cause the entity to have fewer than the 3482// minimum number of policies of a certain type required. 3483// 3484// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 3485// from the organization that does not yet have enough information to exist 3486// as a stand-alone account. This account requires you to first agree to 3487// the AWS Customer Agreement. Follow the steps at To leave an organization 3488// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 3489// in the AWS Organizations User Guide. 3490// 3491// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 3492// an account from the organization that does not yet have enough information 3493// to exist as a stand-alone account. This account requires you to first 3494// complete phone verification. Follow the steps at To leave an organization 3495// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 3496// in the AWS Organizations User Guide. 3497// 3498// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 3499// with this account, you first must associate a payment instrument, such 3500// as a credit card, with the account. Follow the steps at To leave an organization 3501// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 3502// in the AWS Organizations User Guide. 3503// 3504// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 3505// with this member account, you first must associate a payment instrument, 3506// such as a credit card, with the account. Follow the steps at To leave 3507// an organization when all required account information has not yet been 3508// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 3509// in the AWS Organizations User Guide. 3510// 3511// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 3512// of accounts that you can create in one day. 3513// 3514// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 3515// in this organization, you first must migrate the organization's master 3516// account to the marketplace that corresponds to the master account's address. 3517// For example, accounts with India addresses must be associated with the 3518// AISPL marketplace. All accounts in an organization must be associated 3519// with the same marketplace. 3520// 3521// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 3522// must first provide contact a valid address and phone number for the master 3523// account. Then try the operation again. 3524// 3525// * ErrCodeInvalidInputException "InvalidInputException" 3526// The requested operation failed because you provided invalid values for one 3527// or more of the request parameters. This exception includes a reason that 3528// contains additional information about the violated limit: 3529// 3530// Some of the reasons in the following list might not be applicable to this 3531// specific API or operation: 3532// 3533// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 3534// organization, or email) as a party. 3535// 3536// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 3537// organization. 3538// 3539// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 3540// 3541// * INVALID_ENUM: You specified a value that is not valid for that parameter. 3542// 3543// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 3544// characters. 3545// 3546// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 3547// at least one invalid value. 3548// 3549// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 3550// than allowed. 3551// 3552// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 3553// value than allowed. 3554// 3555// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 3556// than allowed. 3557// 3558// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 3559// value than allowed. 3560// 3561// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 3562// cannot be modified. 3563// 3564// * INVALID_PATTERN: You provided a value that doesn't match the required 3565// pattern. 3566// 3567// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 3568// match the required pattern. 3569// 3570// * INPUT_REQUIRED: You must include a value for all required parameters. 3571// 3572// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 3573// from the response to a previous call of the operation. 3574// 3575// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 3576// for the operation. 3577// 3578// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 3579// between entities in the same root. 3580// 3581// * ErrCodePolicyNotAttachedException "PolicyNotAttachedException" 3582// The policy isn't attached to the specified target in the specified root. 3583// 3584// * ErrCodePolicyNotFoundException "PolicyNotFoundException" 3585// We can't find a policy with the PolicyId that you specified. 3586// 3587// * ErrCodeServiceException "ServiceException" 3588// AWS Organizations can't complete your request because of an internal service 3589// error. Try again later. 3590// 3591// * ErrCodeTargetNotFoundException "TargetNotFoundException" 3592// We can't find a root, OU, or account with the TargetId that you specified. 3593// 3594// * ErrCodeTooManyRequestsException "TooManyRequestsException" 3595// You've sent too many requests in too short a period of time. The limit helps 3596// protect against denial-of-service attacks. Try again later. 3597// 3598// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DetachPolicy 3599func (c *Organizations) DetachPolicy(input *DetachPolicyInput) (*DetachPolicyOutput, error) { 3600 req, out := c.DetachPolicyRequest(input) 3601 return out, req.Send() 3602} 3603 3604// DetachPolicyWithContext is the same as DetachPolicy with the addition of 3605// the ability to pass a context and additional request options. 3606// 3607// See DetachPolicy for details on how to use this API operation. 3608// 3609// The context must be non-nil and will be used for request cancellation. If 3610// the context is nil a panic will occur. In the future the SDK may create 3611// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 3612// for more information on using Contexts. 3613func (c *Organizations) DetachPolicyWithContext(ctx aws.Context, input *DetachPolicyInput, opts ...request.Option) (*DetachPolicyOutput, error) { 3614 req, out := c.DetachPolicyRequest(input) 3615 req.SetContext(ctx) 3616 req.ApplyOptions(opts...) 3617 return out, req.Send() 3618} 3619 3620const opDisableAWSServiceAccess = "DisableAWSServiceAccess" 3621 3622// DisableAWSServiceAccessRequest generates a "aws/request.Request" representing the 3623// client's request for the DisableAWSServiceAccess operation. The "output" return 3624// value will be populated with the request's response once the request complets 3625// successfuly. 3626// 3627// Use "Send" method on the returned Request to send the API call to the service. 3628// the "output" return value is not valid until after Send returns without error. 3629// 3630// See DisableAWSServiceAccess for more information on using the DisableAWSServiceAccess 3631// API call, and error handling. 3632// 3633// This method is useful when you want to inject custom logic or configuration 3634// into the SDK's request lifecycle. Such as custom headers, or retry logic. 3635// 3636// 3637// // Example sending a request using the DisableAWSServiceAccessRequest method. 3638// req, resp := client.DisableAWSServiceAccessRequest(params) 3639// 3640// err := req.Send() 3641// if err == nil { // resp is now filled 3642// fmt.Println(resp) 3643// } 3644// 3645// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccess 3646func (c *Organizations) DisableAWSServiceAccessRequest(input *DisableAWSServiceAccessInput) (req *request.Request, output *DisableAWSServiceAccessOutput) { 3647 op := &request.Operation{ 3648 Name: opDisableAWSServiceAccess, 3649 HTTPMethod: "POST", 3650 HTTPPath: "/", 3651 } 3652 3653 if input == nil { 3654 input = &DisableAWSServiceAccessInput{} 3655 } 3656 3657 output = &DisableAWSServiceAccessOutput{} 3658 req = c.newRequest(op, input, output) 3659 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 3660 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 3661 return 3662} 3663 3664// DisableAWSServiceAccess API operation for AWS Organizations. 3665// 3666// Disables the integration of an AWS service (the service that is specified 3667// by ServicePrincipal) with AWS Organizations. When you disable integration, 3668// the specified service no longer can create a service-linked role (http://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html) 3669// in new accounts in your organization. This means the service can't perform 3670// operations on your behalf on any new accounts in your organization. The service 3671// can still perform operations in older accounts until the service completes 3672// its clean-up from AWS Organizations. 3673// 3674// We recommend that you disable integration between AWS Organizations and the 3675// specified AWS service by using the console or commands that are provided 3676// by the specified service. Doing so ensures that the other service is aware 3677// that it can clean up any resources that are required only for the integration. 3678// How the service cleans up its resources in the organization's accounts depends 3679// on that service. For more information, see the documentation for the other 3680// AWS service. 3681// 3682// After you perform the DisableAWSServiceAccessoperation, the specified service can no longer perform operations in your 3683// organization's accounts unless the operations are explicitly permitted by 3684// the IAM policies that are attached to your roles. 3685// 3686// For more information about integrating other services with AWS Organizations, 3687// including the list of services that work with Organizations, see Integrating 3688// AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html)in the AWS Organizations User Guide 3689// 3690// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 3691// with awserr.Error's Code and Message methods to get detailed information about 3692// the error. 3693// 3694// See the AWS API reference guide for AWS Organizations's 3695// API operation DisableAWSServiceAccess for usage and error information. 3696// 3697// Returned Error Codes: 3698// * ErrCodeAccessDeniedException "AccessDeniedException" 3699// You don't have permissions to perform the requested operation. The user or 3700// role that is making the request must have at least one IAM permissions policy 3701// attached that grants the required permissions. For more information, see 3702// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 3703// in the IAM User Guide. 3704// 3705// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 3706// Your account is not a member of an organization. To make this request, you 3707// must use the credentials of an account that belongs to an organization. 3708// 3709// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 3710// The target of the operation is currently being modified by a different request. 3711// Try again later. 3712// 3713// * ErrCodeConstraintViolationException "ConstraintViolationException" 3714// Performing this operation violates a minimum or maximum value limit. For 3715// example, attempting to removing the last SCP from an OU or root, inviting 3716// or creating too many accounts to the organization, or attaching too many 3717// policies to an account, OU, or root. This exception includes a reason that 3718// contains additional information about the violated limit: 3719// 3720// Some of the reasons in the following list might not be applicable to this 3721// specific API or operation: 3722// 3723// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 3724// of accounts in an organization. If you need more accounts, contact AWS Support 3725// to request an increase in your limit. 3726// 3727// Or, The number of invitations that you tried to send would cause you to exceed 3728// the limit of accounts in your organization. Send fewer invitations, or contact 3729// AWS Support to request an increase in the number of accounts. 3730// 3731// Note: deleted and closed accounts still count toward your limit. 3732// 3733// If you get an exception that indicates that you exceeded your account limits 3734// for the organization or that you can"t add an account because your organization 3735// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 3736// 3737// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 3738// handshakes you can send in one day. 3739// 3740// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 3741// units you can have in an organization. 3742// 3743// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 3744// tree that is too many levels deep. 3745// 3746// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 3747// policies that you can have in an organization. 3748// 3749// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 3750// number of policies of a certain type that can be attached to an entity 3751// at one time. 3752// 3753// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 3754// policy from an entity that would cause the entity to have fewer than the 3755// minimum number of policies of a certain type required. 3756// 3757// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 3758// from the organization that does not yet have enough information to exist 3759// as a stand-alone account. This account requires you to first agree to 3760// the AWS Customer Agreement. Follow the steps at To leave an organization 3761// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 3762// in the AWS Organizations User Guide. 3763// 3764// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 3765// an account from the organization that does not yet have enough information 3766// to exist as a stand-alone account. This account requires you to first 3767// complete phone verification. Follow the steps at To leave an organization 3768// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 3769// in the AWS Organizations User Guide. 3770// 3771// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 3772// with this account, you first must associate a payment instrument, such 3773// as a credit card, with the account. Follow the steps at To leave an organization 3774// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 3775// in the AWS Organizations User Guide. 3776// 3777// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 3778// with this member account, you first must associate a payment instrument, 3779// such as a credit card, with the account. Follow the steps at To leave 3780// an organization when all required account information has not yet been 3781// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 3782// in the AWS Organizations User Guide. 3783// 3784// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 3785// of accounts that you can create in one day. 3786// 3787// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 3788// in this organization, you first must migrate the organization's master 3789// account to the marketplace that corresponds to the master account's address. 3790// For example, accounts with India addresses must be associated with the 3791// AISPL marketplace. All accounts in an organization must be associated 3792// with the same marketplace. 3793// 3794// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 3795// must first provide contact a valid address and phone number for the master 3796// account. Then try the operation again. 3797// 3798// * ErrCodeInvalidInputException "InvalidInputException" 3799// The requested operation failed because you provided invalid values for one 3800// or more of the request parameters. This exception includes a reason that 3801// contains additional information about the violated limit: 3802// 3803// Some of the reasons in the following list might not be applicable to this 3804// specific API or operation: 3805// 3806// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 3807// organization, or email) as a party. 3808// 3809// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 3810// organization. 3811// 3812// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 3813// 3814// * INVALID_ENUM: You specified a value that is not valid for that parameter. 3815// 3816// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 3817// characters. 3818// 3819// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 3820// at least one invalid value. 3821// 3822// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 3823// than allowed. 3824// 3825// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 3826// value than allowed. 3827// 3828// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 3829// than allowed. 3830// 3831// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 3832// value than allowed. 3833// 3834// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 3835// cannot be modified. 3836// 3837// * INVALID_PATTERN: You provided a value that doesn't match the required 3838// pattern. 3839// 3840// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 3841// match the required pattern. 3842// 3843// * INPUT_REQUIRED: You must include a value for all required parameters. 3844// 3845// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 3846// from the response to a previous call of the operation. 3847// 3848// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 3849// for the operation. 3850// 3851// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 3852// between entities in the same root. 3853// 3854// * ErrCodeServiceException "ServiceException" 3855// AWS Organizations can't complete your request because of an internal service 3856// error. Try again later. 3857// 3858// * ErrCodeTooManyRequestsException "TooManyRequestsException" 3859// You've sent too many requests in too short a period of time. The limit helps 3860// protect against denial-of-service attacks. Try again later. 3861// 3862// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccess 3863func (c *Organizations) DisableAWSServiceAccess(input *DisableAWSServiceAccessInput) (*DisableAWSServiceAccessOutput, error) { 3864 req, out := c.DisableAWSServiceAccessRequest(input) 3865 return out, req.Send() 3866} 3867 3868// DisableAWSServiceAccessWithContext is the same as DisableAWSServiceAccess with the addition of 3869// the ability to pass a context and additional request options. 3870// 3871// See DisableAWSServiceAccess for details on how to use this API operation. 3872// 3873// The context must be non-nil and will be used for request cancellation. If 3874// the context is nil a panic will occur. In the future the SDK may create 3875// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 3876// for more information on using Contexts. 3877func (c *Organizations) DisableAWSServiceAccessWithContext(ctx aws.Context, input *DisableAWSServiceAccessInput, opts ...request.Option) (*DisableAWSServiceAccessOutput, error) { 3878 req, out := c.DisableAWSServiceAccessRequest(input) 3879 req.SetContext(ctx) 3880 req.ApplyOptions(opts...) 3881 return out, req.Send() 3882} 3883 3884const opDisablePolicyType = "DisablePolicyType" 3885 3886// DisablePolicyTypeRequest generates a "aws/request.Request" representing the 3887// client's request for the DisablePolicyType operation. The "output" return 3888// value will be populated with the request's response once the request complets 3889// successfuly. 3890// 3891// Use "Send" method on the returned Request to send the API call to the service. 3892// the "output" return value is not valid until after Send returns without error. 3893// 3894// See DisablePolicyType for more information on using the DisablePolicyType 3895// API call, and error handling. 3896// 3897// This method is useful when you want to inject custom logic or configuration 3898// into the SDK's request lifecycle. Such as custom headers, or retry logic. 3899// 3900// 3901// // Example sending a request using the DisablePolicyTypeRequest method. 3902// req, resp := client.DisablePolicyTypeRequest(params) 3903// 3904// err := req.Send() 3905// if err == nil { // resp is now filled 3906// fmt.Println(resp) 3907// } 3908// 3909// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyType 3910func (c *Organizations) DisablePolicyTypeRequest(input *DisablePolicyTypeInput) (req *request.Request, output *DisablePolicyTypeOutput) { 3911 op := &request.Operation{ 3912 Name: opDisablePolicyType, 3913 HTTPMethod: "POST", 3914 HTTPPath: "/", 3915 } 3916 3917 if input == nil { 3918 input = &DisablePolicyTypeInput{} 3919 } 3920 3921 output = &DisablePolicyTypeOutput{} 3922 req = c.newRequest(op, input, output) 3923 return 3924} 3925 3926// DisablePolicyType API operation for AWS Organizations. 3927// 3928// Disables an organizational control policy type in a root. A policy of a certain 3929// type can be attached to entities in a root only if that type is enabled in 3930// the root. After you perform this operation, you no longer can attach policies 3931// of the specified type to that root or to any OU or account in that root. 3932// You can undo this by using the EnablePolicyType operation. 3933// 3934// This operation can be called only from the organization's master account. 3935// 3936// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 3937// with awserr.Error's Code and Message methods to get detailed information about 3938// the error. 3939// 3940// See the AWS API reference guide for AWS Organizations's 3941// API operation DisablePolicyType for usage and error information. 3942// 3943// Returned Error Codes: 3944// * ErrCodeAccessDeniedException "AccessDeniedException" 3945// You don't have permissions to perform the requested operation. The user or 3946// role that is making the request must have at least one IAM permissions policy 3947// attached that grants the required permissions. For more information, see 3948// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 3949// in the IAM User Guide. 3950// 3951// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 3952// Your account is not a member of an organization. To make this request, you 3953// must use the credentials of an account that belongs to an organization. 3954// 3955// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 3956// The target of the operation is currently being modified by a different request. 3957// Try again later. 3958// 3959// * ErrCodeConstraintViolationException "ConstraintViolationException" 3960// Performing this operation violates a minimum or maximum value limit. For 3961// example, attempting to removing the last SCP from an OU or root, inviting 3962// or creating too many accounts to the organization, or attaching too many 3963// policies to an account, OU, or root. This exception includes a reason that 3964// contains additional information about the violated limit: 3965// 3966// Some of the reasons in the following list might not be applicable to this 3967// specific API or operation: 3968// 3969// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 3970// of accounts in an organization. If you need more accounts, contact AWS Support 3971// to request an increase in your limit. 3972// 3973// Or, The number of invitations that you tried to send would cause you to exceed 3974// the limit of accounts in your organization. Send fewer invitations, or contact 3975// AWS Support to request an increase in the number of accounts. 3976// 3977// Note: deleted and closed accounts still count toward your limit. 3978// 3979// If you get an exception that indicates that you exceeded your account limits 3980// for the organization or that you can"t add an account because your organization 3981// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 3982// 3983// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 3984// handshakes you can send in one day. 3985// 3986// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 3987// units you can have in an organization. 3988// 3989// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 3990// tree that is too many levels deep. 3991// 3992// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 3993// policies that you can have in an organization. 3994// 3995// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 3996// number of policies of a certain type that can be attached to an entity 3997// at one time. 3998// 3999// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 4000// policy from an entity that would cause the entity to have fewer than the 4001// minimum number of policies of a certain type required. 4002// 4003// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 4004// from the organization that does not yet have enough information to exist 4005// as a stand-alone account. This account requires you to first agree to 4006// the AWS Customer Agreement. Follow the steps at To leave an organization 4007// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4008// in the AWS Organizations User Guide. 4009// 4010// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 4011// an account from the organization that does not yet have enough information 4012// to exist as a stand-alone account. This account requires you to first 4013// complete phone verification. Follow the steps at To leave an organization 4014// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4015// in the AWS Organizations User Guide. 4016// 4017// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 4018// with this account, you first must associate a payment instrument, such 4019// as a credit card, with the account. Follow the steps at To leave an organization 4020// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4021// in the AWS Organizations User Guide. 4022// 4023// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 4024// with this member account, you first must associate a payment instrument, 4025// such as a credit card, with the account. Follow the steps at To leave 4026// an organization when all required account information has not yet been 4027// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4028// in the AWS Organizations User Guide. 4029// 4030// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 4031// of accounts that you can create in one day. 4032// 4033// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 4034// in this organization, you first must migrate the organization's master 4035// account to the marketplace that corresponds to the master account's address. 4036// For example, accounts with India addresses must be associated with the 4037// AISPL marketplace. All accounts in an organization must be associated 4038// with the same marketplace. 4039// 4040// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 4041// must first provide contact a valid address and phone number for the master 4042// account. Then try the operation again. 4043// 4044// * ErrCodeInvalidInputException "InvalidInputException" 4045// The requested operation failed because you provided invalid values for one 4046// or more of the request parameters. This exception includes a reason that 4047// contains additional information about the violated limit: 4048// 4049// Some of the reasons in the following list might not be applicable to this 4050// specific API or operation: 4051// 4052// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 4053// organization, or email) as a party. 4054// 4055// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 4056// organization. 4057// 4058// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 4059// 4060// * INVALID_ENUM: You specified a value that is not valid for that parameter. 4061// 4062// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 4063// characters. 4064// 4065// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 4066// at least one invalid value. 4067// 4068// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 4069// than allowed. 4070// 4071// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 4072// value than allowed. 4073// 4074// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 4075// than allowed. 4076// 4077// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 4078// value than allowed. 4079// 4080// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 4081// cannot be modified. 4082// 4083// * INVALID_PATTERN: You provided a value that doesn't match the required 4084// pattern. 4085// 4086// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 4087// match the required pattern. 4088// 4089// * INPUT_REQUIRED: You must include a value for all required parameters. 4090// 4091// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 4092// from the response to a previous call of the operation. 4093// 4094// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 4095// for the operation. 4096// 4097// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 4098// between entities in the same root. 4099// 4100// * ErrCodePolicyTypeNotEnabledException "PolicyTypeNotEnabledException" 4101// The specified policy type is not currently enabled in this root. You cannot 4102// attach policies of the specified type to entities in a root until you enable 4103// that type in the root. For more information, see Enabling All Features in 4104// Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) 4105// in the AWS Organizations User Guide. 4106// 4107// * ErrCodeRootNotFoundException "RootNotFoundException" 4108// We can't find a root with the RootId that you specified. 4109// 4110// * ErrCodeServiceException "ServiceException" 4111// AWS Organizations can't complete your request because of an internal service 4112// error. Try again later. 4113// 4114// * ErrCodeTooManyRequestsException "TooManyRequestsException" 4115// You've sent too many requests in too short a period of time. The limit helps 4116// protect against denial-of-service attacks. Try again later. 4117// 4118// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyType 4119func (c *Organizations) DisablePolicyType(input *DisablePolicyTypeInput) (*DisablePolicyTypeOutput, error) { 4120 req, out := c.DisablePolicyTypeRequest(input) 4121 return out, req.Send() 4122} 4123 4124// DisablePolicyTypeWithContext is the same as DisablePolicyType with the addition of 4125// the ability to pass a context and additional request options. 4126// 4127// See DisablePolicyType for details on how to use this API operation. 4128// 4129// The context must be non-nil and will be used for request cancellation. If 4130// the context is nil a panic will occur. In the future the SDK may create 4131// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 4132// for more information on using Contexts. 4133func (c *Organizations) DisablePolicyTypeWithContext(ctx aws.Context, input *DisablePolicyTypeInput, opts ...request.Option) (*DisablePolicyTypeOutput, error) { 4134 req, out := c.DisablePolicyTypeRequest(input) 4135 req.SetContext(ctx) 4136 req.ApplyOptions(opts...) 4137 return out, req.Send() 4138} 4139 4140const opEnableAWSServiceAccess = "EnableAWSServiceAccess" 4141 4142// EnableAWSServiceAccessRequest generates a "aws/request.Request" representing the 4143// client's request for the EnableAWSServiceAccess operation. The "output" return 4144// value will be populated with the request's response once the request complets 4145// successfuly. 4146// 4147// Use "Send" method on the returned Request to send the API call to the service. 4148// the "output" return value is not valid until after Send returns without error. 4149// 4150// See EnableAWSServiceAccess for more information on using the EnableAWSServiceAccess 4151// API call, and error handling. 4152// 4153// This method is useful when you want to inject custom logic or configuration 4154// into the SDK's request lifecycle. Such as custom headers, or retry logic. 4155// 4156// 4157// // Example sending a request using the EnableAWSServiceAccessRequest method. 4158// req, resp := client.EnableAWSServiceAccessRequest(params) 4159// 4160// err := req.Send() 4161// if err == nil { // resp is now filled 4162// fmt.Println(resp) 4163// } 4164// 4165// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccess 4166func (c *Organizations) EnableAWSServiceAccessRequest(input *EnableAWSServiceAccessInput) (req *request.Request, output *EnableAWSServiceAccessOutput) { 4167 op := &request.Operation{ 4168 Name: opEnableAWSServiceAccess, 4169 HTTPMethod: "POST", 4170 HTTPPath: "/", 4171 } 4172 4173 if input == nil { 4174 input = &EnableAWSServiceAccessInput{} 4175 } 4176 4177 output = &EnableAWSServiceAccessOutput{} 4178 req = c.newRequest(op, input, output) 4179 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 4180 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 4181 return 4182} 4183 4184// EnableAWSServiceAccess API operation for AWS Organizations. 4185// 4186// Enables the integration of an AWS service (the service that is specified 4187// by ServicePrincipal) with AWS Organizations. When you enable integration, 4188// you allow the specified service to create a service-linked role (http://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html) 4189// in all the accounts in your organization. This allows the service to perform 4190// operations on your behalf in your organization and its accounts. 4191// 4192// We recommend that you enable integration between AWS Organizations and the 4193// specified AWS service by using the console or commands that are provided 4194// by the specified service. Doing so ensures that the service is aware that 4195// it can create the resources that are required for the integration. How the 4196// service creates those resources in the organization's accounts depends on 4197// that service. For more information, see the documentation for the other AWS 4198// service. 4199// 4200// For more information about enabling services to integrate with AWS Organizations, 4201// see Integrating AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html) 4202// in the AWS Organizations User Guide. 4203// 4204// This operation can be called only from the organization's master account 4205// and only if the organization has enabled all features (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html). 4206// 4207// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 4208// with awserr.Error's Code and Message methods to get detailed information about 4209// the error. 4210// 4211// See the AWS API reference guide for AWS Organizations's 4212// API operation EnableAWSServiceAccess for usage and error information. 4213// 4214// Returned Error Codes: 4215// * ErrCodeAccessDeniedException "AccessDeniedException" 4216// You don't have permissions to perform the requested operation. The user or 4217// role that is making the request must have at least one IAM permissions policy 4218// attached that grants the required permissions. For more information, see 4219// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 4220// in the IAM User Guide. 4221// 4222// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 4223// Your account is not a member of an organization. To make this request, you 4224// must use the credentials of an account that belongs to an organization. 4225// 4226// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 4227// The target of the operation is currently being modified by a different request. 4228// Try again later. 4229// 4230// * ErrCodeConstraintViolationException "ConstraintViolationException" 4231// Performing this operation violates a minimum or maximum value limit. For 4232// example, attempting to removing the last SCP from an OU or root, inviting 4233// or creating too many accounts to the organization, or attaching too many 4234// policies to an account, OU, or root. This exception includes a reason that 4235// contains additional information about the violated limit: 4236// 4237// Some of the reasons in the following list might not be applicable to this 4238// specific API or operation: 4239// 4240// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 4241// of accounts in an organization. If you need more accounts, contact AWS Support 4242// to request an increase in your limit. 4243// 4244// Or, The number of invitations that you tried to send would cause you to exceed 4245// the limit of accounts in your organization. Send fewer invitations, or contact 4246// AWS Support to request an increase in the number of accounts. 4247// 4248// Note: deleted and closed accounts still count toward your limit. 4249// 4250// If you get an exception that indicates that you exceeded your account limits 4251// for the organization or that you can"t add an account because your organization 4252// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 4253// 4254// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 4255// handshakes you can send in one day. 4256// 4257// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 4258// units you can have in an organization. 4259// 4260// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 4261// tree that is too many levels deep. 4262// 4263// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 4264// policies that you can have in an organization. 4265// 4266// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 4267// number of policies of a certain type that can be attached to an entity 4268// at one time. 4269// 4270// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 4271// policy from an entity that would cause the entity to have fewer than the 4272// minimum number of policies of a certain type required. 4273// 4274// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 4275// from the organization that does not yet have enough information to exist 4276// as a stand-alone account. This account requires you to first agree to 4277// the AWS Customer Agreement. Follow the steps at To leave an organization 4278// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4279// in the AWS Organizations User Guide. 4280// 4281// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 4282// an account from the organization that does not yet have enough information 4283// to exist as a stand-alone account. This account requires you to first 4284// complete phone verification. Follow the steps at To leave an organization 4285// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4286// in the AWS Organizations User Guide. 4287// 4288// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 4289// with this account, you first must associate a payment instrument, such 4290// as a credit card, with the account. Follow the steps at To leave an organization 4291// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4292// in the AWS Organizations User Guide. 4293// 4294// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 4295// with this member account, you first must associate a payment instrument, 4296// such as a credit card, with the account. Follow the steps at To leave 4297// an organization when all required account information has not yet been 4298// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4299// in the AWS Organizations User Guide. 4300// 4301// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 4302// of accounts that you can create in one day. 4303// 4304// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 4305// in this organization, you first must migrate the organization's master 4306// account to the marketplace that corresponds to the master account's address. 4307// For example, accounts with India addresses must be associated with the 4308// AISPL marketplace. All accounts in an organization must be associated 4309// with the same marketplace. 4310// 4311// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 4312// must first provide contact a valid address and phone number for the master 4313// account. Then try the operation again. 4314// 4315// * ErrCodeInvalidInputException "InvalidInputException" 4316// The requested operation failed because you provided invalid values for one 4317// or more of the request parameters. This exception includes a reason that 4318// contains additional information about the violated limit: 4319// 4320// Some of the reasons in the following list might not be applicable to this 4321// specific API or operation: 4322// 4323// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 4324// organization, or email) as a party. 4325// 4326// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 4327// organization. 4328// 4329// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 4330// 4331// * INVALID_ENUM: You specified a value that is not valid for that parameter. 4332// 4333// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 4334// characters. 4335// 4336// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 4337// at least one invalid value. 4338// 4339// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 4340// than allowed. 4341// 4342// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 4343// value than allowed. 4344// 4345// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 4346// than allowed. 4347// 4348// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 4349// value than allowed. 4350// 4351// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 4352// cannot be modified. 4353// 4354// * INVALID_PATTERN: You provided a value that doesn't match the required 4355// pattern. 4356// 4357// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 4358// match the required pattern. 4359// 4360// * INPUT_REQUIRED: You must include a value for all required parameters. 4361// 4362// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 4363// from the response to a previous call of the operation. 4364// 4365// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 4366// for the operation. 4367// 4368// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 4369// between entities in the same root. 4370// 4371// * ErrCodeServiceException "ServiceException" 4372// AWS Organizations can't complete your request because of an internal service 4373// error. Try again later. 4374// 4375// * ErrCodeTooManyRequestsException "TooManyRequestsException" 4376// You've sent too many requests in too short a period of time. The limit helps 4377// protect against denial-of-service attacks. Try again later. 4378// 4379// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccess 4380func (c *Organizations) EnableAWSServiceAccess(input *EnableAWSServiceAccessInput) (*EnableAWSServiceAccessOutput, error) { 4381 req, out := c.EnableAWSServiceAccessRequest(input) 4382 return out, req.Send() 4383} 4384 4385// EnableAWSServiceAccessWithContext is the same as EnableAWSServiceAccess with the addition of 4386// the ability to pass a context and additional request options. 4387// 4388// See EnableAWSServiceAccess for details on how to use this API operation. 4389// 4390// The context must be non-nil and will be used for request cancellation. If 4391// the context is nil a panic will occur. In the future the SDK may create 4392// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 4393// for more information on using Contexts. 4394func (c *Organizations) EnableAWSServiceAccessWithContext(ctx aws.Context, input *EnableAWSServiceAccessInput, opts ...request.Option) (*EnableAWSServiceAccessOutput, error) { 4395 req, out := c.EnableAWSServiceAccessRequest(input) 4396 req.SetContext(ctx) 4397 req.ApplyOptions(opts...) 4398 return out, req.Send() 4399} 4400 4401const opEnableAllFeatures = "EnableAllFeatures" 4402 4403// EnableAllFeaturesRequest generates a "aws/request.Request" representing the 4404// client's request for the EnableAllFeatures operation. The "output" return 4405// value will be populated with the request's response once the request complets 4406// successfuly. 4407// 4408// Use "Send" method on the returned Request to send the API call to the service. 4409// the "output" return value is not valid until after Send returns without error. 4410// 4411// See EnableAllFeatures for more information on using the EnableAllFeatures 4412// API call, and error handling. 4413// 4414// This method is useful when you want to inject custom logic or configuration 4415// into the SDK's request lifecycle. Such as custom headers, or retry logic. 4416// 4417// 4418// // Example sending a request using the EnableAllFeaturesRequest method. 4419// req, resp := client.EnableAllFeaturesRequest(params) 4420// 4421// err := req.Send() 4422// if err == nil { // resp is now filled 4423// fmt.Println(resp) 4424// } 4425// 4426// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeatures 4427func (c *Organizations) EnableAllFeaturesRequest(input *EnableAllFeaturesInput) (req *request.Request, output *EnableAllFeaturesOutput) { 4428 op := &request.Operation{ 4429 Name: opEnableAllFeatures, 4430 HTTPMethod: "POST", 4431 HTTPPath: "/", 4432 } 4433 4434 if input == nil { 4435 input = &EnableAllFeaturesInput{} 4436 } 4437 4438 output = &EnableAllFeaturesOutput{} 4439 req = c.newRequest(op, input, output) 4440 return 4441} 4442 4443// EnableAllFeatures API operation for AWS Organizations. 4444// 4445// Enables all features in an organization. This enables the use of organization 4446// policies that can restrict the services and actions that can be called in 4447// each account. Until you enable all features, you have access only to consolidated 4448// billing, and you can't use any of the advanced account administration features 4449// that AWS Organizations supports. For more information, see Enabling All Features 4450// in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) 4451// in the AWS Organizations User Guide. 4452// 4453// This operation is required only for organizations that were created explicitly 4454// with only the consolidated billing features enabled, or that were migrated 4455// from a Consolidated Billing account family to Organizations. Calling this 4456// operation sends a handshake to every invited account in the organization. 4457// The feature set change can be finalized and the additional features enabled 4458// only after all administrators in the invited accounts approve the change 4459// by accepting the handshake. 4460// 4461// After all invited member accounts accept the handshake, you finalize the 4462// feature set change by accepting the handshake that contains "Action": "ENABLE_ALL_FEATURES". 4463// This completes the change. 4464// 4465// After you enable all features in your organization, the master account in 4466// the organization can apply policies on all member accounts. These policies 4467// can restrict what users and even administrators in those accounts can do. 4468// The master account can apply policies that prevent accounts from leaving 4469// the organization. Ensure that your account administrators are aware of this. 4470// 4471// This operation can be called only from the organization's master account. 4472// 4473// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 4474// with awserr.Error's Code and Message methods to get detailed information about 4475// the error. 4476// 4477// See the AWS API reference guide for AWS Organizations's 4478// API operation EnableAllFeatures for usage and error information. 4479// 4480// Returned Error Codes: 4481// * ErrCodeAccessDeniedException "AccessDeniedException" 4482// You don't have permissions to perform the requested operation. The user or 4483// role that is making the request must have at least one IAM permissions policy 4484// attached that grants the required permissions. For more information, see 4485// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 4486// in the IAM User Guide. 4487// 4488// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 4489// Your account is not a member of an organization. To make this request, you 4490// must use the credentials of an account that belongs to an organization. 4491// 4492// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 4493// The target of the operation is currently being modified by a different request. 4494// Try again later. 4495// 4496// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException" 4497// The requested operation would violate the constraint identified in the reason 4498// code. 4499// 4500// Some of the reasons in the following list might not be applicable to this 4501// specific API or operation: 4502// 4503// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on 4504// the number of accounts in an organization. Note: deleted and closed accounts 4505// still count toward your limit. 4506// 4507// If you get an exception that indicates that you exceeded your account limits 4508// for the organization or that you can"t add an account because your organization 4509// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 4510// 4511// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 4512// handshakes you can send in one day. 4513// 4514// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because 4515// the invited account is already a member of an organization. 4516// 4517// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid 4518// because the organization has already enabled all features. 4519// 4520// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations 4521// to join an organization while it is in the process of enabling all features. 4522// You can resume inviting accounts after you finalize the process when all 4523// accounts have agreed to the change. 4524// 4525// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with 4526// an account that does not have a payment instrument, such as a credit card, 4527// associated with it. 4528// 4529// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because 4530// the account is from a different marketplace than the accounts in the organization. 4531// For example, accounts with India addresses must be associated with the 4532// AISPL marketplace. All accounts in an organization must be from the same 4533// marketplace. 4534// 4535// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to 4536// change the membership of an account too quickly after its previous change. 4537// 4538// * ErrCodeInvalidInputException "InvalidInputException" 4539// The requested operation failed because you provided invalid values for one 4540// or more of the request parameters. This exception includes a reason that 4541// contains additional information about the violated limit: 4542// 4543// Some of the reasons in the following list might not be applicable to this 4544// specific API or operation: 4545// 4546// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 4547// organization, or email) as a party. 4548// 4549// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 4550// organization. 4551// 4552// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 4553// 4554// * INVALID_ENUM: You specified a value that is not valid for that parameter. 4555// 4556// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 4557// characters. 4558// 4559// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 4560// at least one invalid value. 4561// 4562// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 4563// than allowed. 4564// 4565// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 4566// value than allowed. 4567// 4568// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 4569// than allowed. 4570// 4571// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 4572// value than allowed. 4573// 4574// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 4575// cannot be modified. 4576// 4577// * INVALID_PATTERN: You provided a value that doesn't match the required 4578// pattern. 4579// 4580// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 4581// match the required pattern. 4582// 4583// * INPUT_REQUIRED: You must include a value for all required parameters. 4584// 4585// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 4586// from the response to a previous call of the operation. 4587// 4588// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 4589// for the operation. 4590// 4591// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 4592// between entities in the same root. 4593// 4594// * ErrCodeServiceException "ServiceException" 4595// AWS Organizations can't complete your request because of an internal service 4596// error. Try again later. 4597// 4598// * ErrCodeTooManyRequestsException "TooManyRequestsException" 4599// You've sent too many requests in too short a period of time. The limit helps 4600// protect against denial-of-service attacks. Try again later. 4601// 4602// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeatures 4603func (c *Organizations) EnableAllFeatures(input *EnableAllFeaturesInput) (*EnableAllFeaturesOutput, error) { 4604 req, out := c.EnableAllFeaturesRequest(input) 4605 return out, req.Send() 4606} 4607 4608// EnableAllFeaturesWithContext is the same as EnableAllFeatures with the addition of 4609// the ability to pass a context and additional request options. 4610// 4611// See EnableAllFeatures for details on how to use this API operation. 4612// 4613// The context must be non-nil and will be used for request cancellation. If 4614// the context is nil a panic will occur. In the future the SDK may create 4615// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 4616// for more information on using Contexts. 4617func (c *Organizations) EnableAllFeaturesWithContext(ctx aws.Context, input *EnableAllFeaturesInput, opts ...request.Option) (*EnableAllFeaturesOutput, error) { 4618 req, out := c.EnableAllFeaturesRequest(input) 4619 req.SetContext(ctx) 4620 req.ApplyOptions(opts...) 4621 return out, req.Send() 4622} 4623 4624const opEnablePolicyType = "EnablePolicyType" 4625 4626// EnablePolicyTypeRequest generates a "aws/request.Request" representing the 4627// client's request for the EnablePolicyType operation. The "output" return 4628// value will be populated with the request's response once the request complets 4629// successfuly. 4630// 4631// Use "Send" method on the returned Request to send the API call to the service. 4632// the "output" return value is not valid until after Send returns without error. 4633// 4634// See EnablePolicyType for more information on using the EnablePolicyType 4635// API call, and error handling. 4636// 4637// This method is useful when you want to inject custom logic or configuration 4638// into the SDK's request lifecycle. Such as custom headers, or retry logic. 4639// 4640// 4641// // Example sending a request using the EnablePolicyTypeRequest method. 4642// req, resp := client.EnablePolicyTypeRequest(params) 4643// 4644// err := req.Send() 4645// if err == nil { // resp is now filled 4646// fmt.Println(resp) 4647// } 4648// 4649// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyType 4650func (c *Organizations) EnablePolicyTypeRequest(input *EnablePolicyTypeInput) (req *request.Request, output *EnablePolicyTypeOutput) { 4651 op := &request.Operation{ 4652 Name: opEnablePolicyType, 4653 HTTPMethod: "POST", 4654 HTTPPath: "/", 4655 } 4656 4657 if input == nil { 4658 input = &EnablePolicyTypeInput{} 4659 } 4660 4661 output = &EnablePolicyTypeOutput{} 4662 req = c.newRequest(op, input, output) 4663 return 4664} 4665 4666// EnablePolicyType API operation for AWS Organizations. 4667// 4668// Enables a policy type in a root. After you enable a policy type in a root, 4669// you can attach policies of that type to the root, any OU, or account in that 4670// root. You can undo this by using the DisablePolicyType operation. 4671// 4672// This operation can be called only from the organization's master account. 4673// 4674// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 4675// with awserr.Error's Code and Message methods to get detailed information about 4676// the error. 4677// 4678// See the AWS API reference guide for AWS Organizations's 4679// API operation EnablePolicyType for usage and error information. 4680// 4681// Returned Error Codes: 4682// * ErrCodeAccessDeniedException "AccessDeniedException" 4683// You don't have permissions to perform the requested operation. The user or 4684// role that is making the request must have at least one IAM permissions policy 4685// attached that grants the required permissions. For more information, see 4686// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 4687// in the IAM User Guide. 4688// 4689// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 4690// Your account is not a member of an organization. To make this request, you 4691// must use the credentials of an account that belongs to an organization. 4692// 4693// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 4694// The target of the operation is currently being modified by a different request. 4695// Try again later. 4696// 4697// * ErrCodeConstraintViolationException "ConstraintViolationException" 4698// Performing this operation violates a minimum or maximum value limit. For 4699// example, attempting to removing the last SCP from an OU or root, inviting 4700// or creating too many accounts to the organization, or attaching too many 4701// policies to an account, OU, or root. This exception includes a reason that 4702// contains additional information about the violated limit: 4703// 4704// Some of the reasons in the following list might not be applicable to this 4705// specific API or operation: 4706// 4707// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 4708// of accounts in an organization. If you need more accounts, contact AWS Support 4709// to request an increase in your limit. 4710// 4711// Or, The number of invitations that you tried to send would cause you to exceed 4712// the limit of accounts in your organization. Send fewer invitations, or contact 4713// AWS Support to request an increase in the number of accounts. 4714// 4715// Note: deleted and closed accounts still count toward your limit. 4716// 4717// If you get an exception that indicates that you exceeded your account limits 4718// for the organization or that you can"t add an account because your organization 4719// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 4720// 4721// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 4722// handshakes you can send in one day. 4723// 4724// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 4725// units you can have in an organization. 4726// 4727// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 4728// tree that is too many levels deep. 4729// 4730// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 4731// policies that you can have in an organization. 4732// 4733// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 4734// number of policies of a certain type that can be attached to an entity 4735// at one time. 4736// 4737// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 4738// policy from an entity that would cause the entity to have fewer than the 4739// minimum number of policies of a certain type required. 4740// 4741// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 4742// from the organization that does not yet have enough information to exist 4743// as a stand-alone account. This account requires you to first agree to 4744// the AWS Customer Agreement. Follow the steps at To leave an organization 4745// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4746// in the AWS Organizations User Guide. 4747// 4748// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 4749// an account from the organization that does not yet have enough information 4750// to exist as a stand-alone account. This account requires you to first 4751// complete phone verification. Follow the steps at To leave an organization 4752// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4753// in the AWS Organizations User Guide. 4754// 4755// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 4756// with this account, you first must associate a payment instrument, such 4757// as a credit card, with the account. Follow the steps at To leave an organization 4758// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4759// in the AWS Organizations User Guide. 4760// 4761// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 4762// with this member account, you first must associate a payment instrument, 4763// such as a credit card, with the account. Follow the steps at To leave 4764// an organization when all required account information has not yet been 4765// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 4766// in the AWS Organizations User Guide. 4767// 4768// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 4769// of accounts that you can create in one day. 4770// 4771// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 4772// in this organization, you first must migrate the organization's master 4773// account to the marketplace that corresponds to the master account's address. 4774// For example, accounts with India addresses must be associated with the 4775// AISPL marketplace. All accounts in an organization must be associated 4776// with the same marketplace. 4777// 4778// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 4779// must first provide contact a valid address and phone number for the master 4780// account. Then try the operation again. 4781// 4782// * ErrCodeInvalidInputException "InvalidInputException" 4783// The requested operation failed because you provided invalid values for one 4784// or more of the request parameters. This exception includes a reason that 4785// contains additional information about the violated limit: 4786// 4787// Some of the reasons in the following list might not be applicable to this 4788// specific API or operation: 4789// 4790// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 4791// organization, or email) as a party. 4792// 4793// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 4794// organization. 4795// 4796// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 4797// 4798// * INVALID_ENUM: You specified a value that is not valid for that parameter. 4799// 4800// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 4801// characters. 4802// 4803// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 4804// at least one invalid value. 4805// 4806// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 4807// than allowed. 4808// 4809// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 4810// value than allowed. 4811// 4812// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 4813// than allowed. 4814// 4815// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 4816// value than allowed. 4817// 4818// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 4819// cannot be modified. 4820// 4821// * INVALID_PATTERN: You provided a value that doesn't match the required 4822// pattern. 4823// 4824// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 4825// match the required pattern. 4826// 4827// * INPUT_REQUIRED: You must include a value for all required parameters. 4828// 4829// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 4830// from the response to a previous call of the operation. 4831// 4832// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 4833// for the operation. 4834// 4835// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 4836// between entities in the same root. 4837// 4838// * ErrCodePolicyTypeAlreadyEnabledException "PolicyTypeAlreadyEnabledException" 4839// The specified policy type is already enabled in the specified root. 4840// 4841// * ErrCodeRootNotFoundException "RootNotFoundException" 4842// We can't find a root with the RootId that you specified. 4843// 4844// * ErrCodeServiceException "ServiceException" 4845// AWS Organizations can't complete your request because of an internal service 4846// error. Try again later. 4847// 4848// * ErrCodeTooManyRequestsException "TooManyRequestsException" 4849// You've sent too many requests in too short a period of time. The limit helps 4850// protect against denial-of-service attacks. Try again later. 4851// 4852// * ErrCodePolicyTypeNotAvailableForOrganizationException "PolicyTypeNotAvailableForOrganizationException" 4853// You can't use the specified policy type with the feature set currently enabled 4854// for this organization. For example, you can enable service control policies 4855// (SCPs) only after you enable all features in the organization. For more information, 4856// see Enabling and Disabling a Policy Type on a Root (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root) 4857// in the AWS Organizations User Guide. 4858// 4859// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyType 4860func (c *Organizations) EnablePolicyType(input *EnablePolicyTypeInput) (*EnablePolicyTypeOutput, error) { 4861 req, out := c.EnablePolicyTypeRequest(input) 4862 return out, req.Send() 4863} 4864 4865// EnablePolicyTypeWithContext is the same as EnablePolicyType with the addition of 4866// the ability to pass a context and additional request options. 4867// 4868// See EnablePolicyType for details on how to use this API operation. 4869// 4870// The context must be non-nil and will be used for request cancellation. If 4871// the context is nil a panic will occur. In the future the SDK may create 4872// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 4873// for more information on using Contexts. 4874func (c *Organizations) EnablePolicyTypeWithContext(ctx aws.Context, input *EnablePolicyTypeInput, opts ...request.Option) (*EnablePolicyTypeOutput, error) { 4875 req, out := c.EnablePolicyTypeRequest(input) 4876 req.SetContext(ctx) 4877 req.ApplyOptions(opts...) 4878 return out, req.Send() 4879} 4880 4881const opInviteAccountToOrganization = "InviteAccountToOrganization" 4882 4883// InviteAccountToOrganizationRequest generates a "aws/request.Request" representing the 4884// client's request for the InviteAccountToOrganization operation. The "output" return 4885// value will be populated with the request's response once the request complets 4886// successfuly. 4887// 4888// Use "Send" method on the returned Request to send the API call to the service. 4889// the "output" return value is not valid until after Send returns without error. 4890// 4891// See InviteAccountToOrganization for more information on using the InviteAccountToOrganization 4892// API call, and error handling. 4893// 4894// This method is useful when you want to inject custom logic or configuration 4895// into the SDK's request lifecycle. Such as custom headers, or retry logic. 4896// 4897// 4898// // Example sending a request using the InviteAccountToOrganizationRequest method. 4899// req, resp := client.InviteAccountToOrganizationRequest(params) 4900// 4901// err := req.Send() 4902// if err == nil { // resp is now filled 4903// fmt.Println(resp) 4904// } 4905// 4906// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganization 4907func (c *Organizations) InviteAccountToOrganizationRequest(input *InviteAccountToOrganizationInput) (req *request.Request, output *InviteAccountToOrganizationOutput) { 4908 op := &request.Operation{ 4909 Name: opInviteAccountToOrganization, 4910 HTTPMethod: "POST", 4911 HTTPPath: "/", 4912 } 4913 4914 if input == nil { 4915 input = &InviteAccountToOrganizationInput{} 4916 } 4917 4918 output = &InviteAccountToOrganizationOutput{} 4919 req = c.newRequest(op, input, output) 4920 return 4921} 4922 4923// InviteAccountToOrganization API operation for AWS Organizations. 4924// 4925// Sends an invitation to another account to join your organization as a member 4926// account. Organizations sends email on your behalf to the email address that 4927// is associated with the other account's owner. The invitation is implemented 4928// as a Handshake whose details are in the response. 4929// 4930// You can invite AWS accounts only from the same seller as the master account. 4931// For example, if your organization's master account was created by Amazon 4932// Internet Services Pvt. Ltd (AISPL), an AWS seller in India, then you can 4933// only invite other AISPL accounts to your organization. You can't combine 4934// accounts from AISPL and AWS, or any other AWS seller. For more information, 4935// see Consolidated Billing in India (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/useconsolidatedbilliing-India.html). 4936// 4937// This operation can be called only from the organization's master account. 4938// 4939// If you get an exception that indicates that you exceeded your account limits 4940// for the organization or that you can"t add an account because your organization 4941// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 4942// 4943// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 4944// with awserr.Error's Code and Message methods to get detailed information about 4945// the error. 4946// 4947// See the AWS API reference guide for AWS Organizations's 4948// API operation InviteAccountToOrganization for usage and error information. 4949// 4950// Returned Error Codes: 4951// * ErrCodeAccessDeniedException "AccessDeniedException" 4952// You don't have permissions to perform the requested operation. The user or 4953// role that is making the request must have at least one IAM permissions policy 4954// attached that grants the required permissions. For more information, see 4955// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 4956// in the IAM User Guide. 4957// 4958// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 4959// Your account is not a member of an organization. To make this request, you 4960// must use the credentials of an account that belongs to an organization. 4961// 4962// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 4963// The target of the operation is currently being modified by a different request. 4964// Try again later. 4965// 4966// * ErrCodeHandshakeConstraintViolationException "HandshakeConstraintViolationException" 4967// The requested operation would violate the constraint identified in the reason 4968// code. 4969// 4970// Some of the reasons in the following list might not be applicable to this 4971// specific API or operation: 4972// 4973// * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on 4974// the number of accounts in an organization. Note: deleted and closed accounts 4975// still count toward your limit. 4976// 4977// If you get an exception that indicates that you exceeded your account limits 4978// for the organization or that you can"t add an account because your organization 4979// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 4980// 4981// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 4982// handshakes you can send in one day. 4983// 4984// * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because 4985// the invited account is already a member of an organization. 4986// 4987// * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid 4988// because the organization has already enabled all features. 4989// 4990// * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations 4991// to join an organization while it is in the process of enabling all features. 4992// You can resume inviting accounts after you finalize the process when all 4993// accounts have agreed to the change. 4994// 4995// * PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with 4996// an account that does not have a payment instrument, such as a credit card, 4997// associated with it. 4998// 4999// * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because 5000// the account is from a different marketplace than the accounts in the organization. 5001// For example, accounts with India addresses must be associated with the 5002// AISPL marketplace. All accounts in an organization must be from the same 5003// marketplace. 5004// 5005// * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to 5006// change the membership of an account too quickly after its previous change. 5007// 5008// * ErrCodeDuplicateHandshakeException "DuplicateHandshakeException" 5009// A handshake with the same action and target already exists. For example, 5010// if you invited an account to join your organization, the invited account 5011// might already have a pending invitation from this organization. If you intend 5012// to resend an invitation to an account, ensure that existing handshakes that 5013// might be considered duplicates are canceled or declined. 5014// 5015// * ErrCodeInvalidInputException "InvalidInputException" 5016// The requested operation failed because you provided invalid values for one 5017// or more of the request parameters. This exception includes a reason that 5018// contains additional information about the violated limit: 5019// 5020// Some of the reasons in the following list might not be applicable to this 5021// specific API or operation: 5022// 5023// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 5024// organization, or email) as a party. 5025// 5026// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 5027// organization. 5028// 5029// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 5030// 5031// * INVALID_ENUM: You specified a value that is not valid for that parameter. 5032// 5033// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 5034// characters. 5035// 5036// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 5037// at least one invalid value. 5038// 5039// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 5040// than allowed. 5041// 5042// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 5043// value than allowed. 5044// 5045// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 5046// than allowed. 5047// 5048// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 5049// value than allowed. 5050// 5051// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 5052// cannot be modified. 5053// 5054// * INVALID_PATTERN: You provided a value that doesn't match the required 5055// pattern. 5056// 5057// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 5058// match the required pattern. 5059// 5060// * INPUT_REQUIRED: You must include a value for all required parameters. 5061// 5062// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 5063// from the response to a previous call of the operation. 5064// 5065// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 5066// for the operation. 5067// 5068// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 5069// between entities in the same root. 5070// 5071// * ErrCodeFinalizingOrganizationException "FinalizingOrganizationException" 5072// AWS Organizations could not finalize the creation of your organization. Try 5073// again later. If this persists, contact AWS customer support. 5074// 5075// * ErrCodeServiceException "ServiceException" 5076// AWS Organizations can't complete your request because of an internal service 5077// error. Try again later. 5078// 5079// * ErrCodeTooManyRequestsException "TooManyRequestsException" 5080// You've sent too many requests in too short a period of time. The limit helps 5081// protect against denial-of-service attacks. Try again later. 5082// 5083// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganization 5084func (c *Organizations) InviteAccountToOrganization(input *InviteAccountToOrganizationInput) (*InviteAccountToOrganizationOutput, error) { 5085 req, out := c.InviteAccountToOrganizationRequest(input) 5086 return out, req.Send() 5087} 5088 5089// InviteAccountToOrganizationWithContext is the same as InviteAccountToOrganization with the addition of 5090// the ability to pass a context and additional request options. 5091// 5092// See InviteAccountToOrganization for details on how to use this API operation. 5093// 5094// The context must be non-nil and will be used for request cancellation. If 5095// the context is nil a panic will occur. In the future the SDK may create 5096// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 5097// for more information on using Contexts. 5098func (c *Organizations) InviteAccountToOrganizationWithContext(ctx aws.Context, input *InviteAccountToOrganizationInput, opts ...request.Option) (*InviteAccountToOrganizationOutput, error) { 5099 req, out := c.InviteAccountToOrganizationRequest(input) 5100 req.SetContext(ctx) 5101 req.ApplyOptions(opts...) 5102 return out, req.Send() 5103} 5104 5105const opLeaveOrganization = "LeaveOrganization" 5106 5107// LeaveOrganizationRequest generates a "aws/request.Request" representing the 5108// client's request for the LeaveOrganization operation. The "output" return 5109// value will be populated with the request's response once the request complets 5110// successfuly. 5111// 5112// Use "Send" method on the returned Request to send the API call to the service. 5113// the "output" return value is not valid until after Send returns without error. 5114// 5115// See LeaveOrganization for more information on using the LeaveOrganization 5116// API call, and error handling. 5117// 5118// This method is useful when you want to inject custom logic or configuration 5119// into the SDK's request lifecycle. Such as custom headers, or retry logic. 5120// 5121// 5122// // Example sending a request using the LeaveOrganizationRequest method. 5123// req, resp := client.LeaveOrganizationRequest(params) 5124// 5125// err := req.Send() 5126// if err == nil { // resp is now filled 5127// fmt.Println(resp) 5128// } 5129// 5130// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganization 5131func (c *Organizations) LeaveOrganizationRequest(input *LeaveOrganizationInput) (req *request.Request, output *LeaveOrganizationOutput) { 5132 op := &request.Operation{ 5133 Name: opLeaveOrganization, 5134 HTTPMethod: "POST", 5135 HTTPPath: "/", 5136 } 5137 5138 if input == nil { 5139 input = &LeaveOrganizationInput{} 5140 } 5141 5142 output = &LeaveOrganizationOutput{} 5143 req = c.newRequest(op, input, output) 5144 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 5145 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 5146 return 5147} 5148 5149// LeaveOrganization API operation for AWS Organizations. 5150// 5151// Removes a member account from its parent organization. This version of the 5152// operation is performed by the account that wants to leave. To remove a member 5153// account as a user in the master account, use RemoveAccountFromOrganization 5154// instead. 5155// 5156// This operation can be called only from a member account in the organization. 5157// 5158// The master account in an organization with all features enabled can set service 5159// control policies (SCPs) that can restrict what administrators of member accounts 5160// can do, including preventing them from successfully calling LeaveOrganization 5161// and leaving the organization. 5162// 5163// You can leave an organization as a member account only if the account is 5164// configured with the information required to operate as a standalone account. 5165// When you create an account in an organization using the AWS Organizations 5166// console, API, or CLI commands, the information required of standalone accounts 5167// is not automatically collected. For each account that you want to make standalone, 5168// you must accept the End User License Agreement (EULA), choose a support plan, 5169// provide and verify the required contact information, and provide a current 5170// payment method. AWS uses the payment method to charge for any billable (not 5171// free tier) AWS activity that occurs while the account is not attached to 5172// an organization. Follow the steps at To leave an organization when all required 5173// account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5174// in the AWS Organizations User Guide. 5175// 5176// You can leave an organization only after you enable IAM user access to billing 5177// in your account. For more information, see Activating Access to the Billing 5178// and Cost Management Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) 5179// in the AWS Billing and Cost Management User Guide. 5180// 5181// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 5182// with awserr.Error's Code and Message methods to get detailed information about 5183// the error. 5184// 5185// See the AWS API reference guide for AWS Organizations's 5186// API operation LeaveOrganization for usage and error information. 5187// 5188// Returned Error Codes: 5189// * ErrCodeAccessDeniedException "AccessDeniedException" 5190// You don't have permissions to perform the requested operation. The user or 5191// role that is making the request must have at least one IAM permissions policy 5192// attached that grants the required permissions. For more information, see 5193// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 5194// in the IAM User Guide. 5195// 5196// * ErrCodeAccountNotFoundException "AccountNotFoundException" 5197// We can't find an AWS account with the AccountId that you specified, or the 5198// account whose credentials you used to make this request is not a member of 5199// an organization. 5200// 5201// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 5202// Your account is not a member of an organization. To make this request, you 5203// must use the credentials of an account that belongs to an organization. 5204// 5205// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 5206// The target of the operation is currently being modified by a different request. 5207// Try again later. 5208// 5209// * ErrCodeConstraintViolationException "ConstraintViolationException" 5210// Performing this operation violates a minimum or maximum value limit. For 5211// example, attempting to removing the last SCP from an OU or root, inviting 5212// or creating too many accounts to the organization, or attaching too many 5213// policies to an account, OU, or root. This exception includes a reason that 5214// contains additional information about the violated limit: 5215// 5216// Some of the reasons in the following list might not be applicable to this 5217// specific API or operation: 5218// 5219// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 5220// of accounts in an organization. If you need more accounts, contact AWS Support 5221// to request an increase in your limit. 5222// 5223// Or, The number of invitations that you tried to send would cause you to exceed 5224// the limit of accounts in your organization. Send fewer invitations, or contact 5225// AWS Support to request an increase in the number of accounts. 5226// 5227// Note: deleted and closed accounts still count toward your limit. 5228// 5229// If you get an exception that indicates that you exceeded your account limits 5230// for the organization or that you can"t add an account because your organization 5231// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 5232// 5233// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 5234// handshakes you can send in one day. 5235// 5236// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 5237// units you can have in an organization. 5238// 5239// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 5240// tree that is too many levels deep. 5241// 5242// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 5243// policies that you can have in an organization. 5244// 5245// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 5246// number of policies of a certain type that can be attached to an entity 5247// at one time. 5248// 5249// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 5250// policy from an entity that would cause the entity to have fewer than the 5251// minimum number of policies of a certain type required. 5252// 5253// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 5254// from the organization that does not yet have enough information to exist 5255// as a stand-alone account. This account requires you to first agree to 5256// the AWS Customer Agreement. Follow the steps at To leave an organization 5257// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5258// in the AWS Organizations User Guide. 5259// 5260// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 5261// an account from the organization that does not yet have enough information 5262// to exist as a stand-alone account. This account requires you to first 5263// complete phone verification. Follow the steps at To leave an organization 5264// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5265// in the AWS Organizations User Guide. 5266// 5267// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 5268// with this account, you first must associate a payment instrument, such 5269// as a credit card, with the account. Follow the steps at To leave an organization 5270// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5271// in the AWS Organizations User Guide. 5272// 5273// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 5274// with this member account, you first must associate a payment instrument, 5275// such as a credit card, with the account. Follow the steps at To leave 5276// an organization when all required account information has not yet been 5277// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5278// in the AWS Organizations User Guide. 5279// 5280// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 5281// of accounts that you can create in one day. 5282// 5283// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 5284// in this organization, you first must migrate the organization's master 5285// account to the marketplace that corresponds to the master account's address. 5286// For example, accounts with India addresses must be associated with the 5287// AISPL marketplace. All accounts in an organization must be associated 5288// with the same marketplace. 5289// 5290// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 5291// must first provide contact a valid address and phone number for the master 5292// account. Then try the operation again. 5293// 5294// * ErrCodeInvalidInputException "InvalidInputException" 5295// The requested operation failed because you provided invalid values for one 5296// or more of the request parameters. This exception includes a reason that 5297// contains additional information about the violated limit: 5298// 5299// Some of the reasons in the following list might not be applicable to this 5300// specific API or operation: 5301// 5302// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 5303// organization, or email) as a party. 5304// 5305// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 5306// organization. 5307// 5308// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 5309// 5310// * INVALID_ENUM: You specified a value that is not valid for that parameter. 5311// 5312// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 5313// characters. 5314// 5315// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 5316// at least one invalid value. 5317// 5318// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 5319// than allowed. 5320// 5321// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 5322// value than allowed. 5323// 5324// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 5325// than allowed. 5326// 5327// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 5328// value than allowed. 5329// 5330// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 5331// cannot be modified. 5332// 5333// * INVALID_PATTERN: You provided a value that doesn't match the required 5334// pattern. 5335// 5336// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 5337// match the required pattern. 5338// 5339// * INPUT_REQUIRED: You must include a value for all required parameters. 5340// 5341// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 5342// from the response to a previous call of the operation. 5343// 5344// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 5345// for the operation. 5346// 5347// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 5348// between entities in the same root. 5349// 5350// * ErrCodeMasterCannotLeaveOrganizationException "MasterCannotLeaveOrganizationException" 5351// You can't remove a master account from an organization. If you want the master 5352// account to become a member account in another organization, you must first 5353// delete the current organization of the master account. 5354// 5355// * ErrCodeServiceException "ServiceException" 5356// AWS Organizations can't complete your request because of an internal service 5357// error. Try again later. 5358// 5359// * ErrCodeTooManyRequestsException "TooManyRequestsException" 5360// You've sent too many requests in too short a period of time. The limit helps 5361// protect against denial-of-service attacks. Try again later. 5362// 5363// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganization 5364func (c *Organizations) LeaveOrganization(input *LeaveOrganizationInput) (*LeaveOrganizationOutput, error) { 5365 req, out := c.LeaveOrganizationRequest(input) 5366 return out, req.Send() 5367} 5368 5369// LeaveOrganizationWithContext is the same as LeaveOrganization with the addition of 5370// the ability to pass a context and additional request options. 5371// 5372// See LeaveOrganization for details on how to use this API operation. 5373// 5374// The context must be non-nil and will be used for request cancellation. If 5375// the context is nil a panic will occur. In the future the SDK may create 5376// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 5377// for more information on using Contexts. 5378func (c *Organizations) LeaveOrganizationWithContext(ctx aws.Context, input *LeaveOrganizationInput, opts ...request.Option) (*LeaveOrganizationOutput, error) { 5379 req, out := c.LeaveOrganizationRequest(input) 5380 req.SetContext(ctx) 5381 req.ApplyOptions(opts...) 5382 return out, req.Send() 5383} 5384 5385const opListAWSServiceAccessForOrganization = "ListAWSServiceAccessForOrganization" 5386 5387// ListAWSServiceAccessForOrganizationRequest generates a "aws/request.Request" representing the 5388// client's request for the ListAWSServiceAccessForOrganization operation. The "output" return 5389// value will be populated with the request's response once the request complets 5390// successfuly. 5391// 5392// Use "Send" method on the returned Request to send the API call to the service. 5393// the "output" return value is not valid until after Send returns without error. 5394// 5395// See ListAWSServiceAccessForOrganization for more information on using the ListAWSServiceAccessForOrganization 5396// API call, and error handling. 5397// 5398// This method is useful when you want to inject custom logic or configuration 5399// into the SDK's request lifecycle. Such as custom headers, or retry logic. 5400// 5401// 5402// // Example sending a request using the ListAWSServiceAccessForOrganizationRequest method. 5403// req, resp := client.ListAWSServiceAccessForOrganizationRequest(params) 5404// 5405// err := req.Send() 5406// if err == nil { // resp is now filled 5407// fmt.Println(resp) 5408// } 5409// 5410// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganization 5411func (c *Organizations) ListAWSServiceAccessForOrganizationRequest(input *ListAWSServiceAccessForOrganizationInput) (req *request.Request, output *ListAWSServiceAccessForOrganizationOutput) { 5412 op := &request.Operation{ 5413 Name: opListAWSServiceAccessForOrganization, 5414 HTTPMethod: "POST", 5415 HTTPPath: "/", 5416 Paginator: &request.Paginator{ 5417 InputTokens: []string{"NextToken"}, 5418 OutputTokens: []string{"NextToken"}, 5419 LimitToken: "MaxResults", 5420 TruncationToken: "", 5421 }, 5422 } 5423 5424 if input == nil { 5425 input = &ListAWSServiceAccessForOrganizationInput{} 5426 } 5427 5428 output = &ListAWSServiceAccessForOrganizationOutput{} 5429 req = c.newRequest(op, input, output) 5430 return 5431} 5432 5433// ListAWSServiceAccessForOrganization API operation for AWS Organizations. 5434// 5435// Returns a list of the AWS services that you enabled to integrate with your 5436// organization. After a service on this list creates the resources that it 5437// requires for the integration, it can perform operations on your organization 5438// and its accounts. 5439// 5440// For more information about integrating other services with AWS Organizations, 5441// including the list of services that currently work with Organizations, see 5442// Integrating AWS Organizations with Other AWS Services (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services.html) 5443// in the AWS Organizations User Guide. 5444// 5445// This operation can be called only from the organization's master account. 5446// 5447// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 5448// with awserr.Error's Code and Message methods to get detailed information about 5449// the error. 5450// 5451// See the AWS API reference guide for AWS Organizations's 5452// API operation ListAWSServiceAccessForOrganization for usage and error information. 5453// 5454// Returned Error Codes: 5455// * ErrCodeAccessDeniedException "AccessDeniedException" 5456// You don't have permissions to perform the requested operation. The user or 5457// role that is making the request must have at least one IAM permissions policy 5458// attached that grants the required permissions. For more information, see 5459// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 5460// in the IAM User Guide. 5461// 5462// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 5463// Your account is not a member of an organization. To make this request, you 5464// must use the credentials of an account that belongs to an organization. 5465// 5466// * ErrCodeConstraintViolationException "ConstraintViolationException" 5467// Performing this operation violates a minimum or maximum value limit. For 5468// example, attempting to removing the last SCP from an OU or root, inviting 5469// or creating too many accounts to the organization, or attaching too many 5470// policies to an account, OU, or root. This exception includes a reason that 5471// contains additional information about the violated limit: 5472// 5473// Some of the reasons in the following list might not be applicable to this 5474// specific API or operation: 5475// 5476// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 5477// of accounts in an organization. If you need more accounts, contact AWS Support 5478// to request an increase in your limit. 5479// 5480// Or, The number of invitations that you tried to send would cause you to exceed 5481// the limit of accounts in your organization. Send fewer invitations, or contact 5482// AWS Support to request an increase in the number of accounts. 5483// 5484// Note: deleted and closed accounts still count toward your limit. 5485// 5486// If you get an exception that indicates that you exceeded your account limits 5487// for the organization or that you can"t add an account because your organization 5488// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 5489// 5490// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 5491// handshakes you can send in one day. 5492// 5493// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 5494// units you can have in an organization. 5495// 5496// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 5497// tree that is too many levels deep. 5498// 5499// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 5500// policies that you can have in an organization. 5501// 5502// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 5503// number of policies of a certain type that can be attached to an entity 5504// at one time. 5505// 5506// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 5507// policy from an entity that would cause the entity to have fewer than the 5508// minimum number of policies of a certain type required. 5509// 5510// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 5511// from the organization that does not yet have enough information to exist 5512// as a stand-alone account. This account requires you to first agree to 5513// the AWS Customer Agreement. Follow the steps at To leave an organization 5514// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5515// in the AWS Organizations User Guide. 5516// 5517// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 5518// an account from the organization that does not yet have enough information 5519// to exist as a stand-alone account. This account requires you to first 5520// complete phone verification. Follow the steps at To leave an organization 5521// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5522// in the AWS Organizations User Guide. 5523// 5524// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 5525// with this account, you first must associate a payment instrument, such 5526// as a credit card, with the account. Follow the steps at To leave an organization 5527// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5528// in the AWS Organizations User Guide. 5529// 5530// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 5531// with this member account, you first must associate a payment instrument, 5532// such as a credit card, with the account. Follow the steps at To leave 5533// an organization when all required account information has not yet been 5534// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 5535// in the AWS Organizations User Guide. 5536// 5537// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 5538// of accounts that you can create in one day. 5539// 5540// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 5541// in this organization, you first must migrate the organization's master 5542// account to the marketplace that corresponds to the master account's address. 5543// For example, accounts with India addresses must be associated with the 5544// AISPL marketplace. All accounts in an organization must be associated 5545// with the same marketplace. 5546// 5547// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 5548// must first provide contact a valid address and phone number for the master 5549// account. Then try the operation again. 5550// 5551// * ErrCodeInvalidInputException "InvalidInputException" 5552// The requested operation failed because you provided invalid values for one 5553// or more of the request parameters. This exception includes a reason that 5554// contains additional information about the violated limit: 5555// 5556// Some of the reasons in the following list might not be applicable to this 5557// specific API or operation: 5558// 5559// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 5560// organization, or email) as a party. 5561// 5562// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 5563// organization. 5564// 5565// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 5566// 5567// * INVALID_ENUM: You specified a value that is not valid for that parameter. 5568// 5569// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 5570// characters. 5571// 5572// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 5573// at least one invalid value. 5574// 5575// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 5576// than allowed. 5577// 5578// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 5579// value than allowed. 5580// 5581// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 5582// than allowed. 5583// 5584// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 5585// value than allowed. 5586// 5587// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 5588// cannot be modified. 5589// 5590// * INVALID_PATTERN: You provided a value that doesn't match the required 5591// pattern. 5592// 5593// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 5594// match the required pattern. 5595// 5596// * INPUT_REQUIRED: You must include a value for all required parameters. 5597// 5598// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 5599// from the response to a previous call of the operation. 5600// 5601// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 5602// for the operation. 5603// 5604// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 5605// between entities in the same root. 5606// 5607// * ErrCodeServiceException "ServiceException" 5608// AWS Organizations can't complete your request because of an internal service 5609// error. Try again later. 5610// 5611// * ErrCodeTooManyRequestsException "TooManyRequestsException" 5612// You've sent too many requests in too short a period of time. The limit helps 5613// protect against denial-of-service attacks. Try again later. 5614// 5615// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganization 5616func (c *Organizations) ListAWSServiceAccessForOrganization(input *ListAWSServiceAccessForOrganizationInput) (*ListAWSServiceAccessForOrganizationOutput, error) { 5617 req, out := c.ListAWSServiceAccessForOrganizationRequest(input) 5618 return out, req.Send() 5619} 5620 5621// ListAWSServiceAccessForOrganizationWithContext is the same as ListAWSServiceAccessForOrganization with the addition of 5622// the ability to pass a context and additional request options. 5623// 5624// See ListAWSServiceAccessForOrganization for details on how to use this API operation. 5625// 5626// The context must be non-nil and will be used for request cancellation. If 5627// the context is nil a panic will occur. In the future the SDK may create 5628// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 5629// for more information on using Contexts. 5630func (c *Organizations) ListAWSServiceAccessForOrganizationWithContext(ctx aws.Context, input *ListAWSServiceAccessForOrganizationInput, opts ...request.Option) (*ListAWSServiceAccessForOrganizationOutput, error) { 5631 req, out := c.ListAWSServiceAccessForOrganizationRequest(input) 5632 req.SetContext(ctx) 5633 req.ApplyOptions(opts...) 5634 return out, req.Send() 5635} 5636 5637// ListAWSServiceAccessForOrganizationPages iterates over the pages of a ListAWSServiceAccessForOrganization operation, 5638// calling the "fn" function with the response data for each page. To stop 5639// iterating, return false from the fn function. 5640// 5641// See ListAWSServiceAccessForOrganization method for more information on how to use this operation. 5642// 5643// Note: This operation can generate multiple requests to a service. 5644// 5645// // Example iterating over at most 3 pages of a ListAWSServiceAccessForOrganization operation. 5646// pageNum := 0 5647// err := client.ListAWSServiceAccessForOrganizationPages(params, 5648// func(page *ListAWSServiceAccessForOrganizationOutput, lastPage bool) bool { 5649// pageNum++ 5650// fmt.Println(page) 5651// return pageNum <= 3 5652// }) 5653// 5654func (c *Organizations) ListAWSServiceAccessForOrganizationPages(input *ListAWSServiceAccessForOrganizationInput, fn func(*ListAWSServiceAccessForOrganizationOutput, bool) bool) error { 5655 return c.ListAWSServiceAccessForOrganizationPagesWithContext(aws.BackgroundContext(), input, fn) 5656} 5657 5658// ListAWSServiceAccessForOrganizationPagesWithContext same as ListAWSServiceAccessForOrganizationPages except 5659// it takes a Context and allows setting request options on the pages. 5660// 5661// The context must be non-nil and will be used for request cancellation. If 5662// the context is nil a panic will occur. In the future the SDK may create 5663// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 5664// for more information on using Contexts. 5665func (c *Organizations) ListAWSServiceAccessForOrganizationPagesWithContext(ctx aws.Context, input *ListAWSServiceAccessForOrganizationInput, fn func(*ListAWSServiceAccessForOrganizationOutput, bool) bool, opts ...request.Option) error { 5666 p := request.Pagination{ 5667 NewRequest: func() (*request.Request, error) { 5668 var inCpy *ListAWSServiceAccessForOrganizationInput 5669 if input != nil { 5670 tmp := *input 5671 inCpy = &tmp 5672 } 5673 req, _ := c.ListAWSServiceAccessForOrganizationRequest(inCpy) 5674 req.SetContext(ctx) 5675 req.ApplyOptions(opts...) 5676 return req, nil 5677 }, 5678 } 5679 5680 cont := true 5681 for p.Next() && cont { 5682 cont = fn(p.Page().(*ListAWSServiceAccessForOrganizationOutput), !p.HasNextPage()) 5683 } 5684 return p.Err() 5685} 5686 5687const opListAccounts = "ListAccounts" 5688 5689// ListAccountsRequest generates a "aws/request.Request" representing the 5690// client's request for the ListAccounts operation. The "output" return 5691// value will be populated with the request's response once the request complets 5692// successfuly. 5693// 5694// Use "Send" method on the returned Request to send the API call to the service. 5695// the "output" return value is not valid until after Send returns without error. 5696// 5697// See ListAccounts for more information on using the ListAccounts 5698// API call, and error handling. 5699// 5700// This method is useful when you want to inject custom logic or configuration 5701// into the SDK's request lifecycle. Such as custom headers, or retry logic. 5702// 5703// 5704// // Example sending a request using the ListAccountsRequest method. 5705// req, resp := client.ListAccountsRequest(params) 5706// 5707// err := req.Send() 5708// if err == nil { // resp is now filled 5709// fmt.Println(resp) 5710// } 5711// 5712// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccounts 5713func (c *Organizations) ListAccountsRequest(input *ListAccountsInput) (req *request.Request, output *ListAccountsOutput) { 5714 op := &request.Operation{ 5715 Name: opListAccounts, 5716 HTTPMethod: "POST", 5717 HTTPPath: "/", 5718 Paginator: &request.Paginator{ 5719 InputTokens: []string{"NextToken"}, 5720 OutputTokens: []string{"NextToken"}, 5721 LimitToken: "MaxResults", 5722 TruncationToken: "", 5723 }, 5724 } 5725 5726 if input == nil { 5727 input = &ListAccountsInput{} 5728 } 5729 5730 output = &ListAccountsOutput{} 5731 req = c.newRequest(op, input, output) 5732 return 5733} 5734 5735// ListAccounts API operation for AWS Organizations. 5736// 5737// Lists all the accounts in the organization. To request only the accounts 5738// in a root or OU, use the ListAccountsForParent operation instead. 5739// 5740// This operation can be called only from the organization's master account. 5741// 5742// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 5743// with awserr.Error's Code and Message methods to get detailed information about 5744// the error. 5745// 5746// See the AWS API reference guide for AWS Organizations's 5747// API operation ListAccounts for usage and error information. 5748// 5749// Returned Error Codes: 5750// * ErrCodeAccessDeniedException "AccessDeniedException" 5751// You don't have permissions to perform the requested operation. The user or 5752// role that is making the request must have at least one IAM permissions policy 5753// attached that grants the required permissions. For more information, see 5754// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 5755// in the IAM User Guide. 5756// 5757// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 5758// Your account is not a member of an organization. To make this request, you 5759// must use the credentials of an account that belongs to an organization. 5760// 5761// * ErrCodeInvalidInputException "InvalidInputException" 5762// The requested operation failed because you provided invalid values for one 5763// or more of the request parameters. This exception includes a reason that 5764// contains additional information about the violated limit: 5765// 5766// Some of the reasons in the following list might not be applicable to this 5767// specific API or operation: 5768// 5769// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 5770// organization, or email) as a party. 5771// 5772// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 5773// organization. 5774// 5775// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 5776// 5777// * INVALID_ENUM: You specified a value that is not valid for that parameter. 5778// 5779// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 5780// characters. 5781// 5782// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 5783// at least one invalid value. 5784// 5785// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 5786// than allowed. 5787// 5788// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 5789// value than allowed. 5790// 5791// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 5792// than allowed. 5793// 5794// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 5795// value than allowed. 5796// 5797// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 5798// cannot be modified. 5799// 5800// * INVALID_PATTERN: You provided a value that doesn't match the required 5801// pattern. 5802// 5803// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 5804// match the required pattern. 5805// 5806// * INPUT_REQUIRED: You must include a value for all required parameters. 5807// 5808// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 5809// from the response to a previous call of the operation. 5810// 5811// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 5812// for the operation. 5813// 5814// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 5815// between entities in the same root. 5816// 5817// * ErrCodeServiceException "ServiceException" 5818// AWS Organizations can't complete your request because of an internal service 5819// error. Try again later. 5820// 5821// * ErrCodeTooManyRequestsException "TooManyRequestsException" 5822// You've sent too many requests in too short a period of time. The limit helps 5823// protect against denial-of-service attacks. Try again later. 5824// 5825// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccounts 5826func (c *Organizations) ListAccounts(input *ListAccountsInput) (*ListAccountsOutput, error) { 5827 req, out := c.ListAccountsRequest(input) 5828 return out, req.Send() 5829} 5830 5831// ListAccountsWithContext is the same as ListAccounts with the addition of 5832// the ability to pass a context and additional request options. 5833// 5834// See ListAccounts for details on how to use this API operation. 5835// 5836// The context must be non-nil and will be used for request cancellation. If 5837// the context is nil a panic will occur. In the future the SDK may create 5838// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 5839// for more information on using Contexts. 5840func (c *Organizations) ListAccountsWithContext(ctx aws.Context, input *ListAccountsInput, opts ...request.Option) (*ListAccountsOutput, error) { 5841 req, out := c.ListAccountsRequest(input) 5842 req.SetContext(ctx) 5843 req.ApplyOptions(opts...) 5844 return out, req.Send() 5845} 5846 5847// ListAccountsPages iterates over the pages of a ListAccounts operation, 5848// calling the "fn" function with the response data for each page. To stop 5849// iterating, return false from the fn function. 5850// 5851// See ListAccounts method for more information on how to use this operation. 5852// 5853// Note: This operation can generate multiple requests to a service. 5854// 5855// // Example iterating over at most 3 pages of a ListAccounts operation. 5856// pageNum := 0 5857// err := client.ListAccountsPages(params, 5858// func(page *ListAccountsOutput, lastPage bool) bool { 5859// pageNum++ 5860// fmt.Println(page) 5861// return pageNum <= 3 5862// }) 5863// 5864func (c *Organizations) ListAccountsPages(input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool) error { 5865 return c.ListAccountsPagesWithContext(aws.BackgroundContext(), input, fn) 5866} 5867 5868// ListAccountsPagesWithContext same as ListAccountsPages except 5869// it takes a Context and allows setting request options on the pages. 5870// 5871// The context must be non-nil and will be used for request cancellation. If 5872// the context is nil a panic will occur. In the future the SDK may create 5873// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 5874// for more information on using Contexts. 5875func (c *Organizations) ListAccountsPagesWithContext(ctx aws.Context, input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool, opts ...request.Option) error { 5876 p := request.Pagination{ 5877 NewRequest: func() (*request.Request, error) { 5878 var inCpy *ListAccountsInput 5879 if input != nil { 5880 tmp := *input 5881 inCpy = &tmp 5882 } 5883 req, _ := c.ListAccountsRequest(inCpy) 5884 req.SetContext(ctx) 5885 req.ApplyOptions(opts...) 5886 return req, nil 5887 }, 5888 } 5889 5890 cont := true 5891 for p.Next() && cont { 5892 cont = fn(p.Page().(*ListAccountsOutput), !p.HasNextPage()) 5893 } 5894 return p.Err() 5895} 5896 5897const opListAccountsForParent = "ListAccountsForParent" 5898 5899// ListAccountsForParentRequest generates a "aws/request.Request" representing the 5900// client's request for the ListAccountsForParent operation. The "output" return 5901// value will be populated with the request's response once the request complets 5902// successfuly. 5903// 5904// Use "Send" method on the returned Request to send the API call to the service. 5905// the "output" return value is not valid until after Send returns without error. 5906// 5907// See ListAccountsForParent for more information on using the ListAccountsForParent 5908// API call, and error handling. 5909// 5910// This method is useful when you want to inject custom logic or configuration 5911// into the SDK's request lifecycle. Such as custom headers, or retry logic. 5912// 5913// 5914// // Example sending a request using the ListAccountsForParentRequest method. 5915// req, resp := client.ListAccountsForParentRequest(params) 5916// 5917// err := req.Send() 5918// if err == nil { // resp is now filled 5919// fmt.Println(resp) 5920// } 5921// 5922// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParent 5923func (c *Organizations) ListAccountsForParentRequest(input *ListAccountsForParentInput) (req *request.Request, output *ListAccountsForParentOutput) { 5924 op := &request.Operation{ 5925 Name: opListAccountsForParent, 5926 HTTPMethod: "POST", 5927 HTTPPath: "/", 5928 Paginator: &request.Paginator{ 5929 InputTokens: []string{"NextToken"}, 5930 OutputTokens: []string{"NextToken"}, 5931 LimitToken: "MaxResults", 5932 TruncationToken: "", 5933 }, 5934 } 5935 5936 if input == nil { 5937 input = &ListAccountsForParentInput{} 5938 } 5939 5940 output = &ListAccountsForParentOutput{} 5941 req = c.newRequest(op, input, output) 5942 return 5943} 5944 5945// ListAccountsForParent API operation for AWS Organizations. 5946// 5947// Lists the accounts in an organization that are contained by the specified 5948// target root or organizational unit (OU). If you specify the root, you get 5949// a list of all the accounts that are not in any OU. If you specify an OU, 5950// you get a list of all the accounts in only that OU, and not in any child 5951// OUs. To get a list of all accounts in the organization, use the ListAccounts 5952// operation. 5953// 5954// This operation can be called only from the organization's master account. 5955// 5956// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 5957// with awserr.Error's Code and Message methods to get detailed information about 5958// the error. 5959// 5960// See the AWS API reference guide for AWS Organizations's 5961// API operation ListAccountsForParent for usage and error information. 5962// 5963// Returned Error Codes: 5964// * ErrCodeAccessDeniedException "AccessDeniedException" 5965// You don't have permissions to perform the requested operation. The user or 5966// role that is making the request must have at least one IAM permissions policy 5967// attached that grants the required permissions. For more information, see 5968// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 5969// in the IAM User Guide. 5970// 5971// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 5972// Your account is not a member of an organization. To make this request, you 5973// must use the credentials of an account that belongs to an organization. 5974// 5975// * ErrCodeInvalidInputException "InvalidInputException" 5976// The requested operation failed because you provided invalid values for one 5977// or more of the request parameters. This exception includes a reason that 5978// contains additional information about the violated limit: 5979// 5980// Some of the reasons in the following list might not be applicable to this 5981// specific API or operation: 5982// 5983// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 5984// organization, or email) as a party. 5985// 5986// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 5987// organization. 5988// 5989// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 5990// 5991// * INVALID_ENUM: You specified a value that is not valid for that parameter. 5992// 5993// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 5994// characters. 5995// 5996// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 5997// at least one invalid value. 5998// 5999// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 6000// than allowed. 6001// 6002// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 6003// value than allowed. 6004// 6005// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 6006// than allowed. 6007// 6008// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 6009// value than allowed. 6010// 6011// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 6012// cannot be modified. 6013// 6014// * INVALID_PATTERN: You provided a value that doesn't match the required 6015// pattern. 6016// 6017// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 6018// match the required pattern. 6019// 6020// * INPUT_REQUIRED: You must include a value for all required parameters. 6021// 6022// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 6023// from the response to a previous call of the operation. 6024// 6025// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 6026// for the operation. 6027// 6028// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 6029// between entities in the same root. 6030// 6031// * ErrCodeParentNotFoundException "ParentNotFoundException" 6032// We can't find a root or organizational unit (OU) with the ParentId that you 6033// specified. 6034// 6035// * ErrCodeServiceException "ServiceException" 6036// AWS Organizations can't complete your request because of an internal service 6037// error. Try again later. 6038// 6039// * ErrCodeTooManyRequestsException "TooManyRequestsException" 6040// You've sent too many requests in too short a period of time. The limit helps 6041// protect against denial-of-service attacks. Try again later. 6042// 6043// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParent 6044func (c *Organizations) ListAccountsForParent(input *ListAccountsForParentInput) (*ListAccountsForParentOutput, error) { 6045 req, out := c.ListAccountsForParentRequest(input) 6046 return out, req.Send() 6047} 6048 6049// ListAccountsForParentWithContext is the same as ListAccountsForParent with the addition of 6050// the ability to pass a context and additional request options. 6051// 6052// See ListAccountsForParent for details on how to use this API operation. 6053// 6054// The context must be non-nil and will be used for request cancellation. If 6055// the context is nil a panic will occur. In the future the SDK may create 6056// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6057// for more information on using Contexts. 6058func (c *Organizations) ListAccountsForParentWithContext(ctx aws.Context, input *ListAccountsForParentInput, opts ...request.Option) (*ListAccountsForParentOutput, error) { 6059 req, out := c.ListAccountsForParentRequest(input) 6060 req.SetContext(ctx) 6061 req.ApplyOptions(opts...) 6062 return out, req.Send() 6063} 6064 6065// ListAccountsForParentPages iterates over the pages of a ListAccountsForParent operation, 6066// calling the "fn" function with the response data for each page. To stop 6067// iterating, return false from the fn function. 6068// 6069// See ListAccountsForParent method for more information on how to use this operation. 6070// 6071// Note: This operation can generate multiple requests to a service. 6072// 6073// // Example iterating over at most 3 pages of a ListAccountsForParent operation. 6074// pageNum := 0 6075// err := client.ListAccountsForParentPages(params, 6076// func(page *ListAccountsForParentOutput, lastPage bool) bool { 6077// pageNum++ 6078// fmt.Println(page) 6079// return pageNum <= 3 6080// }) 6081// 6082func (c *Organizations) ListAccountsForParentPages(input *ListAccountsForParentInput, fn func(*ListAccountsForParentOutput, bool) bool) error { 6083 return c.ListAccountsForParentPagesWithContext(aws.BackgroundContext(), input, fn) 6084} 6085 6086// ListAccountsForParentPagesWithContext same as ListAccountsForParentPages except 6087// it takes a Context and allows setting request options on the pages. 6088// 6089// The context must be non-nil and will be used for request cancellation. If 6090// the context is nil a panic will occur. In the future the SDK may create 6091// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6092// for more information on using Contexts. 6093func (c *Organizations) ListAccountsForParentPagesWithContext(ctx aws.Context, input *ListAccountsForParentInput, fn func(*ListAccountsForParentOutput, bool) bool, opts ...request.Option) error { 6094 p := request.Pagination{ 6095 NewRequest: func() (*request.Request, error) { 6096 var inCpy *ListAccountsForParentInput 6097 if input != nil { 6098 tmp := *input 6099 inCpy = &tmp 6100 } 6101 req, _ := c.ListAccountsForParentRequest(inCpy) 6102 req.SetContext(ctx) 6103 req.ApplyOptions(opts...) 6104 return req, nil 6105 }, 6106 } 6107 6108 cont := true 6109 for p.Next() && cont { 6110 cont = fn(p.Page().(*ListAccountsForParentOutput), !p.HasNextPage()) 6111 } 6112 return p.Err() 6113} 6114 6115const opListChildren = "ListChildren" 6116 6117// ListChildrenRequest generates a "aws/request.Request" representing the 6118// client's request for the ListChildren operation. The "output" return 6119// value will be populated with the request's response once the request complets 6120// successfuly. 6121// 6122// Use "Send" method on the returned Request to send the API call to the service. 6123// the "output" return value is not valid until after Send returns without error. 6124// 6125// See ListChildren for more information on using the ListChildren 6126// API call, and error handling. 6127// 6128// This method is useful when you want to inject custom logic or configuration 6129// into the SDK's request lifecycle. Such as custom headers, or retry logic. 6130// 6131// 6132// // Example sending a request using the ListChildrenRequest method. 6133// req, resp := client.ListChildrenRequest(params) 6134// 6135// err := req.Send() 6136// if err == nil { // resp is now filled 6137// fmt.Println(resp) 6138// } 6139// 6140// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildren 6141func (c *Organizations) ListChildrenRequest(input *ListChildrenInput) (req *request.Request, output *ListChildrenOutput) { 6142 op := &request.Operation{ 6143 Name: opListChildren, 6144 HTTPMethod: "POST", 6145 HTTPPath: "/", 6146 Paginator: &request.Paginator{ 6147 InputTokens: []string{"NextToken"}, 6148 OutputTokens: []string{"NextToken"}, 6149 LimitToken: "MaxResults", 6150 TruncationToken: "", 6151 }, 6152 } 6153 6154 if input == nil { 6155 input = &ListChildrenInput{} 6156 } 6157 6158 output = &ListChildrenOutput{} 6159 req = c.newRequest(op, input, output) 6160 return 6161} 6162 6163// ListChildren API operation for AWS Organizations. 6164// 6165// Lists all of the OUs or accounts that are contained in the specified parent 6166// OU or root. This operation, along with ListParents enables you to traverse 6167// the tree structure that makes up this root. 6168// 6169// This operation can be called only from the organization's master account. 6170// 6171// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 6172// with awserr.Error's Code and Message methods to get detailed information about 6173// the error. 6174// 6175// See the AWS API reference guide for AWS Organizations's 6176// API operation ListChildren for usage and error information. 6177// 6178// Returned Error Codes: 6179// * ErrCodeAccessDeniedException "AccessDeniedException" 6180// You don't have permissions to perform the requested operation. The user or 6181// role that is making the request must have at least one IAM permissions policy 6182// attached that grants the required permissions. For more information, see 6183// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 6184// in the IAM User Guide. 6185// 6186// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 6187// Your account is not a member of an organization. To make this request, you 6188// must use the credentials of an account that belongs to an organization. 6189// 6190// * ErrCodeInvalidInputException "InvalidInputException" 6191// The requested operation failed because you provided invalid values for one 6192// or more of the request parameters. This exception includes a reason that 6193// contains additional information about the violated limit: 6194// 6195// Some of the reasons in the following list might not be applicable to this 6196// specific API or operation: 6197// 6198// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 6199// organization, or email) as a party. 6200// 6201// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 6202// organization. 6203// 6204// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 6205// 6206// * INVALID_ENUM: You specified a value that is not valid for that parameter. 6207// 6208// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 6209// characters. 6210// 6211// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 6212// at least one invalid value. 6213// 6214// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 6215// than allowed. 6216// 6217// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 6218// value than allowed. 6219// 6220// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 6221// than allowed. 6222// 6223// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 6224// value than allowed. 6225// 6226// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 6227// cannot be modified. 6228// 6229// * INVALID_PATTERN: You provided a value that doesn't match the required 6230// pattern. 6231// 6232// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 6233// match the required pattern. 6234// 6235// * INPUT_REQUIRED: You must include a value for all required parameters. 6236// 6237// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 6238// from the response to a previous call of the operation. 6239// 6240// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 6241// for the operation. 6242// 6243// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 6244// between entities in the same root. 6245// 6246// * ErrCodeParentNotFoundException "ParentNotFoundException" 6247// We can't find a root or organizational unit (OU) with the ParentId that you 6248// specified. 6249// 6250// * ErrCodeServiceException "ServiceException" 6251// AWS Organizations can't complete your request because of an internal service 6252// error. Try again later. 6253// 6254// * ErrCodeTooManyRequestsException "TooManyRequestsException" 6255// You've sent too many requests in too short a period of time. The limit helps 6256// protect against denial-of-service attacks. Try again later. 6257// 6258// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildren 6259func (c *Organizations) ListChildren(input *ListChildrenInput) (*ListChildrenOutput, error) { 6260 req, out := c.ListChildrenRequest(input) 6261 return out, req.Send() 6262} 6263 6264// ListChildrenWithContext is the same as ListChildren with the addition of 6265// the ability to pass a context and additional request options. 6266// 6267// See ListChildren for details on how to use this API operation. 6268// 6269// The context must be non-nil and will be used for request cancellation. If 6270// the context is nil a panic will occur. In the future the SDK may create 6271// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6272// for more information on using Contexts. 6273func (c *Organizations) ListChildrenWithContext(ctx aws.Context, input *ListChildrenInput, opts ...request.Option) (*ListChildrenOutput, error) { 6274 req, out := c.ListChildrenRequest(input) 6275 req.SetContext(ctx) 6276 req.ApplyOptions(opts...) 6277 return out, req.Send() 6278} 6279 6280// ListChildrenPages iterates over the pages of a ListChildren operation, 6281// calling the "fn" function with the response data for each page. To stop 6282// iterating, return false from the fn function. 6283// 6284// See ListChildren method for more information on how to use this operation. 6285// 6286// Note: This operation can generate multiple requests to a service. 6287// 6288// // Example iterating over at most 3 pages of a ListChildren operation. 6289// pageNum := 0 6290// err := client.ListChildrenPages(params, 6291// func(page *ListChildrenOutput, lastPage bool) bool { 6292// pageNum++ 6293// fmt.Println(page) 6294// return pageNum <= 3 6295// }) 6296// 6297func (c *Organizations) ListChildrenPages(input *ListChildrenInput, fn func(*ListChildrenOutput, bool) bool) error { 6298 return c.ListChildrenPagesWithContext(aws.BackgroundContext(), input, fn) 6299} 6300 6301// ListChildrenPagesWithContext same as ListChildrenPages except 6302// it takes a Context and allows setting request options on the pages. 6303// 6304// The context must be non-nil and will be used for request cancellation. If 6305// the context is nil a panic will occur. In the future the SDK may create 6306// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6307// for more information on using Contexts. 6308func (c *Organizations) ListChildrenPagesWithContext(ctx aws.Context, input *ListChildrenInput, fn func(*ListChildrenOutput, bool) bool, opts ...request.Option) error { 6309 p := request.Pagination{ 6310 NewRequest: func() (*request.Request, error) { 6311 var inCpy *ListChildrenInput 6312 if input != nil { 6313 tmp := *input 6314 inCpy = &tmp 6315 } 6316 req, _ := c.ListChildrenRequest(inCpy) 6317 req.SetContext(ctx) 6318 req.ApplyOptions(opts...) 6319 return req, nil 6320 }, 6321 } 6322 6323 cont := true 6324 for p.Next() && cont { 6325 cont = fn(p.Page().(*ListChildrenOutput), !p.HasNextPage()) 6326 } 6327 return p.Err() 6328} 6329 6330const opListCreateAccountStatus = "ListCreateAccountStatus" 6331 6332// ListCreateAccountStatusRequest generates a "aws/request.Request" representing the 6333// client's request for the ListCreateAccountStatus operation. The "output" return 6334// value will be populated with the request's response once the request complets 6335// successfuly. 6336// 6337// Use "Send" method on the returned Request to send the API call to the service. 6338// the "output" return value is not valid until after Send returns without error. 6339// 6340// See ListCreateAccountStatus for more information on using the ListCreateAccountStatus 6341// API call, and error handling. 6342// 6343// This method is useful when you want to inject custom logic or configuration 6344// into the SDK's request lifecycle. Such as custom headers, or retry logic. 6345// 6346// 6347// // Example sending a request using the ListCreateAccountStatusRequest method. 6348// req, resp := client.ListCreateAccountStatusRequest(params) 6349// 6350// err := req.Send() 6351// if err == nil { // resp is now filled 6352// fmt.Println(resp) 6353// } 6354// 6355// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListCreateAccountStatus 6356func (c *Organizations) ListCreateAccountStatusRequest(input *ListCreateAccountStatusInput) (req *request.Request, output *ListCreateAccountStatusOutput) { 6357 op := &request.Operation{ 6358 Name: opListCreateAccountStatus, 6359 HTTPMethod: "POST", 6360 HTTPPath: "/", 6361 Paginator: &request.Paginator{ 6362 InputTokens: []string{"NextToken"}, 6363 OutputTokens: []string{"NextToken"}, 6364 LimitToken: "MaxResults", 6365 TruncationToken: "", 6366 }, 6367 } 6368 6369 if input == nil { 6370 input = &ListCreateAccountStatusInput{} 6371 } 6372 6373 output = &ListCreateAccountStatusOutput{} 6374 req = c.newRequest(op, input, output) 6375 return 6376} 6377 6378// ListCreateAccountStatus API operation for AWS Organizations. 6379// 6380// Lists the account creation requests that match the specified status that 6381// is currently being tracked for the organization. 6382// 6383// This operation can be called only from the organization's master account. 6384// 6385// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 6386// with awserr.Error's Code and Message methods to get detailed information about 6387// the error. 6388// 6389// See the AWS API reference guide for AWS Organizations's 6390// API operation ListCreateAccountStatus for usage and error information. 6391// 6392// Returned Error Codes: 6393// * ErrCodeAccessDeniedException "AccessDeniedException" 6394// You don't have permissions to perform the requested operation. The user or 6395// role that is making the request must have at least one IAM permissions policy 6396// attached that grants the required permissions. For more information, see 6397// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 6398// in the IAM User Guide. 6399// 6400// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 6401// Your account is not a member of an organization. To make this request, you 6402// must use the credentials of an account that belongs to an organization. 6403// 6404// * ErrCodeInvalidInputException "InvalidInputException" 6405// The requested operation failed because you provided invalid values for one 6406// or more of the request parameters. This exception includes a reason that 6407// contains additional information about the violated limit: 6408// 6409// Some of the reasons in the following list might not be applicable to this 6410// specific API or operation: 6411// 6412// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 6413// organization, or email) as a party. 6414// 6415// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 6416// organization. 6417// 6418// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 6419// 6420// * INVALID_ENUM: You specified a value that is not valid for that parameter. 6421// 6422// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 6423// characters. 6424// 6425// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 6426// at least one invalid value. 6427// 6428// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 6429// than allowed. 6430// 6431// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 6432// value than allowed. 6433// 6434// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 6435// than allowed. 6436// 6437// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 6438// value than allowed. 6439// 6440// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 6441// cannot be modified. 6442// 6443// * INVALID_PATTERN: You provided a value that doesn't match the required 6444// pattern. 6445// 6446// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 6447// match the required pattern. 6448// 6449// * INPUT_REQUIRED: You must include a value for all required parameters. 6450// 6451// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 6452// from the response to a previous call of the operation. 6453// 6454// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 6455// for the operation. 6456// 6457// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 6458// between entities in the same root. 6459// 6460// * ErrCodeServiceException "ServiceException" 6461// AWS Organizations can't complete your request because of an internal service 6462// error. Try again later. 6463// 6464// * ErrCodeTooManyRequestsException "TooManyRequestsException" 6465// You've sent too many requests in too short a period of time. The limit helps 6466// protect against denial-of-service attacks. Try again later. 6467// 6468// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListCreateAccountStatus 6469func (c *Organizations) ListCreateAccountStatus(input *ListCreateAccountStatusInput) (*ListCreateAccountStatusOutput, error) { 6470 req, out := c.ListCreateAccountStatusRequest(input) 6471 return out, req.Send() 6472} 6473 6474// ListCreateAccountStatusWithContext is the same as ListCreateAccountStatus with the addition of 6475// the ability to pass a context and additional request options. 6476// 6477// See ListCreateAccountStatus for details on how to use this API operation. 6478// 6479// The context must be non-nil and will be used for request cancellation. If 6480// the context is nil a panic will occur. In the future the SDK may create 6481// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6482// for more information on using Contexts. 6483func (c *Organizations) ListCreateAccountStatusWithContext(ctx aws.Context, input *ListCreateAccountStatusInput, opts ...request.Option) (*ListCreateAccountStatusOutput, error) { 6484 req, out := c.ListCreateAccountStatusRequest(input) 6485 req.SetContext(ctx) 6486 req.ApplyOptions(opts...) 6487 return out, req.Send() 6488} 6489 6490// ListCreateAccountStatusPages iterates over the pages of a ListCreateAccountStatus operation, 6491// calling the "fn" function with the response data for each page. To stop 6492// iterating, return false from the fn function. 6493// 6494// See ListCreateAccountStatus method for more information on how to use this operation. 6495// 6496// Note: This operation can generate multiple requests to a service. 6497// 6498// // Example iterating over at most 3 pages of a ListCreateAccountStatus operation. 6499// pageNum := 0 6500// err := client.ListCreateAccountStatusPages(params, 6501// func(page *ListCreateAccountStatusOutput, lastPage bool) bool { 6502// pageNum++ 6503// fmt.Println(page) 6504// return pageNum <= 3 6505// }) 6506// 6507func (c *Organizations) ListCreateAccountStatusPages(input *ListCreateAccountStatusInput, fn func(*ListCreateAccountStatusOutput, bool) bool) error { 6508 return c.ListCreateAccountStatusPagesWithContext(aws.BackgroundContext(), input, fn) 6509} 6510 6511// ListCreateAccountStatusPagesWithContext same as ListCreateAccountStatusPages except 6512// it takes a Context and allows setting request options on the pages. 6513// 6514// The context must be non-nil and will be used for request cancellation. If 6515// the context is nil a panic will occur. In the future the SDK may create 6516// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6517// for more information on using Contexts. 6518func (c *Organizations) ListCreateAccountStatusPagesWithContext(ctx aws.Context, input *ListCreateAccountStatusInput, fn func(*ListCreateAccountStatusOutput, bool) bool, opts ...request.Option) error { 6519 p := request.Pagination{ 6520 NewRequest: func() (*request.Request, error) { 6521 var inCpy *ListCreateAccountStatusInput 6522 if input != nil { 6523 tmp := *input 6524 inCpy = &tmp 6525 } 6526 req, _ := c.ListCreateAccountStatusRequest(inCpy) 6527 req.SetContext(ctx) 6528 req.ApplyOptions(opts...) 6529 return req, nil 6530 }, 6531 } 6532 6533 cont := true 6534 for p.Next() && cont { 6535 cont = fn(p.Page().(*ListCreateAccountStatusOutput), !p.HasNextPage()) 6536 } 6537 return p.Err() 6538} 6539 6540const opListHandshakesForAccount = "ListHandshakesForAccount" 6541 6542// ListHandshakesForAccountRequest generates a "aws/request.Request" representing the 6543// client's request for the ListHandshakesForAccount operation. The "output" return 6544// value will be populated with the request's response once the request complets 6545// successfuly. 6546// 6547// Use "Send" method on the returned Request to send the API call to the service. 6548// the "output" return value is not valid until after Send returns without error. 6549// 6550// See ListHandshakesForAccount for more information on using the ListHandshakesForAccount 6551// API call, and error handling. 6552// 6553// This method is useful when you want to inject custom logic or configuration 6554// into the SDK's request lifecycle. Such as custom headers, or retry logic. 6555// 6556// 6557// // Example sending a request using the ListHandshakesForAccountRequest method. 6558// req, resp := client.ListHandshakesForAccountRequest(params) 6559// 6560// err := req.Send() 6561// if err == nil { // resp is now filled 6562// fmt.Println(resp) 6563// } 6564// 6565// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccount 6566func (c *Organizations) ListHandshakesForAccountRequest(input *ListHandshakesForAccountInput) (req *request.Request, output *ListHandshakesForAccountOutput) { 6567 op := &request.Operation{ 6568 Name: opListHandshakesForAccount, 6569 HTTPMethod: "POST", 6570 HTTPPath: "/", 6571 Paginator: &request.Paginator{ 6572 InputTokens: []string{"NextToken"}, 6573 OutputTokens: []string{"NextToken"}, 6574 LimitToken: "MaxResults", 6575 TruncationToken: "", 6576 }, 6577 } 6578 6579 if input == nil { 6580 input = &ListHandshakesForAccountInput{} 6581 } 6582 6583 output = &ListHandshakesForAccountOutput{} 6584 req = c.newRequest(op, input, output) 6585 return 6586} 6587 6588// ListHandshakesForAccount API operation for AWS Organizations. 6589// 6590// Lists the current handshakes that are associated with the account of the 6591// requesting user. 6592// 6593// Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results 6594// of this API for only 30 days after changing to that state. After that they 6595// are deleted and no longer accessible. 6596// 6597// This operation can be called from any account in the organization. 6598// 6599// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 6600// with awserr.Error's Code and Message methods to get detailed information about 6601// the error. 6602// 6603// See the AWS API reference guide for AWS Organizations's 6604// API operation ListHandshakesForAccount for usage and error information. 6605// 6606// Returned Error Codes: 6607// * ErrCodeAccessDeniedException "AccessDeniedException" 6608// You don't have permissions to perform the requested operation. The user or 6609// role that is making the request must have at least one IAM permissions policy 6610// attached that grants the required permissions. For more information, see 6611// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 6612// in the IAM User Guide. 6613// 6614// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 6615// The target of the operation is currently being modified by a different request. 6616// Try again later. 6617// 6618// * ErrCodeInvalidInputException "InvalidInputException" 6619// The requested operation failed because you provided invalid values for one 6620// or more of the request parameters. This exception includes a reason that 6621// contains additional information about the violated limit: 6622// 6623// Some of the reasons in the following list might not be applicable to this 6624// specific API or operation: 6625// 6626// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 6627// organization, or email) as a party. 6628// 6629// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 6630// organization. 6631// 6632// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 6633// 6634// * INVALID_ENUM: You specified a value that is not valid for that parameter. 6635// 6636// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 6637// characters. 6638// 6639// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 6640// at least one invalid value. 6641// 6642// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 6643// than allowed. 6644// 6645// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 6646// value than allowed. 6647// 6648// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 6649// than allowed. 6650// 6651// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 6652// value than allowed. 6653// 6654// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 6655// cannot be modified. 6656// 6657// * INVALID_PATTERN: You provided a value that doesn't match the required 6658// pattern. 6659// 6660// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 6661// match the required pattern. 6662// 6663// * INPUT_REQUIRED: You must include a value for all required parameters. 6664// 6665// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 6666// from the response to a previous call of the operation. 6667// 6668// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 6669// for the operation. 6670// 6671// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 6672// between entities in the same root. 6673// 6674// * ErrCodeServiceException "ServiceException" 6675// AWS Organizations can't complete your request because of an internal service 6676// error. Try again later. 6677// 6678// * ErrCodeTooManyRequestsException "TooManyRequestsException" 6679// You've sent too many requests in too short a period of time. The limit helps 6680// protect against denial-of-service attacks. Try again later. 6681// 6682// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccount 6683func (c *Organizations) ListHandshakesForAccount(input *ListHandshakesForAccountInput) (*ListHandshakesForAccountOutput, error) { 6684 req, out := c.ListHandshakesForAccountRequest(input) 6685 return out, req.Send() 6686} 6687 6688// ListHandshakesForAccountWithContext is the same as ListHandshakesForAccount with the addition of 6689// the ability to pass a context and additional request options. 6690// 6691// See ListHandshakesForAccount for details on how to use this API operation. 6692// 6693// The context must be non-nil and will be used for request cancellation. If 6694// the context is nil a panic will occur. In the future the SDK may create 6695// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6696// for more information on using Contexts. 6697func (c *Organizations) ListHandshakesForAccountWithContext(ctx aws.Context, input *ListHandshakesForAccountInput, opts ...request.Option) (*ListHandshakesForAccountOutput, error) { 6698 req, out := c.ListHandshakesForAccountRequest(input) 6699 req.SetContext(ctx) 6700 req.ApplyOptions(opts...) 6701 return out, req.Send() 6702} 6703 6704// ListHandshakesForAccountPages iterates over the pages of a ListHandshakesForAccount operation, 6705// calling the "fn" function with the response data for each page. To stop 6706// iterating, return false from the fn function. 6707// 6708// See ListHandshakesForAccount method for more information on how to use this operation. 6709// 6710// Note: This operation can generate multiple requests to a service. 6711// 6712// // Example iterating over at most 3 pages of a ListHandshakesForAccount operation. 6713// pageNum := 0 6714// err := client.ListHandshakesForAccountPages(params, 6715// func(page *ListHandshakesForAccountOutput, lastPage bool) bool { 6716// pageNum++ 6717// fmt.Println(page) 6718// return pageNum <= 3 6719// }) 6720// 6721func (c *Organizations) ListHandshakesForAccountPages(input *ListHandshakesForAccountInput, fn func(*ListHandshakesForAccountOutput, bool) bool) error { 6722 return c.ListHandshakesForAccountPagesWithContext(aws.BackgroundContext(), input, fn) 6723} 6724 6725// ListHandshakesForAccountPagesWithContext same as ListHandshakesForAccountPages except 6726// it takes a Context and allows setting request options on the pages. 6727// 6728// The context must be non-nil and will be used for request cancellation. If 6729// the context is nil a panic will occur. In the future the SDK may create 6730// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6731// for more information on using Contexts. 6732func (c *Organizations) ListHandshakesForAccountPagesWithContext(ctx aws.Context, input *ListHandshakesForAccountInput, fn func(*ListHandshakesForAccountOutput, bool) bool, opts ...request.Option) error { 6733 p := request.Pagination{ 6734 NewRequest: func() (*request.Request, error) { 6735 var inCpy *ListHandshakesForAccountInput 6736 if input != nil { 6737 tmp := *input 6738 inCpy = &tmp 6739 } 6740 req, _ := c.ListHandshakesForAccountRequest(inCpy) 6741 req.SetContext(ctx) 6742 req.ApplyOptions(opts...) 6743 return req, nil 6744 }, 6745 } 6746 6747 cont := true 6748 for p.Next() && cont { 6749 cont = fn(p.Page().(*ListHandshakesForAccountOutput), !p.HasNextPage()) 6750 } 6751 return p.Err() 6752} 6753 6754const opListHandshakesForOrganization = "ListHandshakesForOrganization" 6755 6756// ListHandshakesForOrganizationRequest generates a "aws/request.Request" representing the 6757// client's request for the ListHandshakesForOrganization operation. The "output" return 6758// value will be populated with the request's response once the request complets 6759// successfuly. 6760// 6761// Use "Send" method on the returned Request to send the API call to the service. 6762// the "output" return value is not valid until after Send returns without error. 6763// 6764// See ListHandshakesForOrganization for more information on using the ListHandshakesForOrganization 6765// API call, and error handling. 6766// 6767// This method is useful when you want to inject custom logic or configuration 6768// into the SDK's request lifecycle. Such as custom headers, or retry logic. 6769// 6770// 6771// // Example sending a request using the ListHandshakesForOrganizationRequest method. 6772// req, resp := client.ListHandshakesForOrganizationRequest(params) 6773// 6774// err := req.Send() 6775// if err == nil { // resp is now filled 6776// fmt.Println(resp) 6777// } 6778// 6779// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganization 6780func (c *Organizations) ListHandshakesForOrganizationRequest(input *ListHandshakesForOrganizationInput) (req *request.Request, output *ListHandshakesForOrganizationOutput) { 6781 op := &request.Operation{ 6782 Name: opListHandshakesForOrganization, 6783 HTTPMethod: "POST", 6784 HTTPPath: "/", 6785 Paginator: &request.Paginator{ 6786 InputTokens: []string{"NextToken"}, 6787 OutputTokens: []string{"NextToken"}, 6788 LimitToken: "MaxResults", 6789 TruncationToken: "", 6790 }, 6791 } 6792 6793 if input == nil { 6794 input = &ListHandshakesForOrganizationInput{} 6795 } 6796 6797 output = &ListHandshakesForOrganizationOutput{} 6798 req = c.newRequest(op, input, output) 6799 return 6800} 6801 6802// ListHandshakesForOrganization API operation for AWS Organizations. 6803// 6804// Lists the handshakes that are associated with the organization that the requesting 6805// user is part of. The ListHandshakesForOrganization operation returns a list 6806// of handshake structures. Each structure contains details and status about 6807// a handshake. 6808// 6809// Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results 6810// of this API for only 30 days after changing to that state. After that they 6811// are deleted and no longer accessible. 6812// 6813// This operation can be called only from the organization's master account. 6814// 6815// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 6816// with awserr.Error's Code and Message methods to get detailed information about 6817// the error. 6818// 6819// See the AWS API reference guide for AWS Organizations's 6820// API operation ListHandshakesForOrganization for usage and error information. 6821// 6822// Returned Error Codes: 6823// * ErrCodeAccessDeniedException "AccessDeniedException" 6824// You don't have permissions to perform the requested operation. The user or 6825// role that is making the request must have at least one IAM permissions policy 6826// attached that grants the required permissions. For more information, see 6827// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 6828// in the IAM User Guide. 6829// 6830// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 6831// Your account is not a member of an organization. To make this request, you 6832// must use the credentials of an account that belongs to an organization. 6833// 6834// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 6835// The target of the operation is currently being modified by a different request. 6836// Try again later. 6837// 6838// * ErrCodeInvalidInputException "InvalidInputException" 6839// The requested operation failed because you provided invalid values for one 6840// or more of the request parameters. This exception includes a reason that 6841// contains additional information about the violated limit: 6842// 6843// Some of the reasons in the following list might not be applicable to this 6844// specific API or operation: 6845// 6846// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 6847// organization, or email) as a party. 6848// 6849// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 6850// organization. 6851// 6852// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 6853// 6854// * INVALID_ENUM: You specified a value that is not valid for that parameter. 6855// 6856// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 6857// characters. 6858// 6859// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 6860// at least one invalid value. 6861// 6862// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 6863// than allowed. 6864// 6865// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 6866// value than allowed. 6867// 6868// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 6869// than allowed. 6870// 6871// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 6872// value than allowed. 6873// 6874// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 6875// cannot be modified. 6876// 6877// * INVALID_PATTERN: You provided a value that doesn't match the required 6878// pattern. 6879// 6880// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 6881// match the required pattern. 6882// 6883// * INPUT_REQUIRED: You must include a value for all required parameters. 6884// 6885// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 6886// from the response to a previous call of the operation. 6887// 6888// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 6889// for the operation. 6890// 6891// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 6892// between entities in the same root. 6893// 6894// * ErrCodeServiceException "ServiceException" 6895// AWS Organizations can't complete your request because of an internal service 6896// error. Try again later. 6897// 6898// * ErrCodeTooManyRequestsException "TooManyRequestsException" 6899// You've sent too many requests in too short a period of time. The limit helps 6900// protect against denial-of-service attacks. Try again later. 6901// 6902// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganization 6903func (c *Organizations) ListHandshakesForOrganization(input *ListHandshakesForOrganizationInput) (*ListHandshakesForOrganizationOutput, error) { 6904 req, out := c.ListHandshakesForOrganizationRequest(input) 6905 return out, req.Send() 6906} 6907 6908// ListHandshakesForOrganizationWithContext is the same as ListHandshakesForOrganization with the addition of 6909// the ability to pass a context and additional request options. 6910// 6911// See ListHandshakesForOrganization for details on how to use this API operation. 6912// 6913// The context must be non-nil and will be used for request cancellation. If 6914// the context is nil a panic will occur. In the future the SDK may create 6915// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6916// for more information on using Contexts. 6917func (c *Organizations) ListHandshakesForOrganizationWithContext(ctx aws.Context, input *ListHandshakesForOrganizationInput, opts ...request.Option) (*ListHandshakesForOrganizationOutput, error) { 6918 req, out := c.ListHandshakesForOrganizationRequest(input) 6919 req.SetContext(ctx) 6920 req.ApplyOptions(opts...) 6921 return out, req.Send() 6922} 6923 6924// ListHandshakesForOrganizationPages iterates over the pages of a ListHandshakesForOrganization operation, 6925// calling the "fn" function with the response data for each page. To stop 6926// iterating, return false from the fn function. 6927// 6928// See ListHandshakesForOrganization method for more information on how to use this operation. 6929// 6930// Note: This operation can generate multiple requests to a service. 6931// 6932// // Example iterating over at most 3 pages of a ListHandshakesForOrganization operation. 6933// pageNum := 0 6934// err := client.ListHandshakesForOrganizationPages(params, 6935// func(page *ListHandshakesForOrganizationOutput, lastPage bool) bool { 6936// pageNum++ 6937// fmt.Println(page) 6938// return pageNum <= 3 6939// }) 6940// 6941func (c *Organizations) ListHandshakesForOrganizationPages(input *ListHandshakesForOrganizationInput, fn func(*ListHandshakesForOrganizationOutput, bool) bool) error { 6942 return c.ListHandshakesForOrganizationPagesWithContext(aws.BackgroundContext(), input, fn) 6943} 6944 6945// ListHandshakesForOrganizationPagesWithContext same as ListHandshakesForOrganizationPages except 6946// it takes a Context and allows setting request options on the pages. 6947// 6948// The context must be non-nil and will be used for request cancellation. If 6949// the context is nil a panic will occur. In the future the SDK may create 6950// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 6951// for more information on using Contexts. 6952func (c *Organizations) ListHandshakesForOrganizationPagesWithContext(ctx aws.Context, input *ListHandshakesForOrganizationInput, fn func(*ListHandshakesForOrganizationOutput, bool) bool, opts ...request.Option) error { 6953 p := request.Pagination{ 6954 NewRequest: func() (*request.Request, error) { 6955 var inCpy *ListHandshakesForOrganizationInput 6956 if input != nil { 6957 tmp := *input 6958 inCpy = &tmp 6959 } 6960 req, _ := c.ListHandshakesForOrganizationRequest(inCpy) 6961 req.SetContext(ctx) 6962 req.ApplyOptions(opts...) 6963 return req, nil 6964 }, 6965 } 6966 6967 cont := true 6968 for p.Next() && cont { 6969 cont = fn(p.Page().(*ListHandshakesForOrganizationOutput), !p.HasNextPage()) 6970 } 6971 return p.Err() 6972} 6973 6974const opListOrganizationalUnitsForParent = "ListOrganizationalUnitsForParent" 6975 6976// ListOrganizationalUnitsForParentRequest generates a "aws/request.Request" representing the 6977// client's request for the ListOrganizationalUnitsForParent operation. The "output" return 6978// value will be populated with the request's response once the request complets 6979// successfuly. 6980// 6981// Use "Send" method on the returned Request to send the API call to the service. 6982// the "output" return value is not valid until after Send returns without error. 6983// 6984// See ListOrganizationalUnitsForParent for more information on using the ListOrganizationalUnitsForParent 6985// API call, and error handling. 6986// 6987// This method is useful when you want to inject custom logic or configuration 6988// into the SDK's request lifecycle. Such as custom headers, or retry logic. 6989// 6990// 6991// // Example sending a request using the ListOrganizationalUnitsForParentRequest method. 6992// req, resp := client.ListOrganizationalUnitsForParentRequest(params) 6993// 6994// err := req.Send() 6995// if err == nil { // resp is now filled 6996// fmt.Println(resp) 6997// } 6998// 6999// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParent 7000func (c *Organizations) ListOrganizationalUnitsForParentRequest(input *ListOrganizationalUnitsForParentInput) (req *request.Request, output *ListOrganizationalUnitsForParentOutput) { 7001 op := &request.Operation{ 7002 Name: opListOrganizationalUnitsForParent, 7003 HTTPMethod: "POST", 7004 HTTPPath: "/", 7005 Paginator: &request.Paginator{ 7006 InputTokens: []string{"NextToken"}, 7007 OutputTokens: []string{"NextToken"}, 7008 LimitToken: "MaxResults", 7009 TruncationToken: "", 7010 }, 7011 } 7012 7013 if input == nil { 7014 input = &ListOrganizationalUnitsForParentInput{} 7015 } 7016 7017 output = &ListOrganizationalUnitsForParentOutput{} 7018 req = c.newRequest(op, input, output) 7019 return 7020} 7021 7022// ListOrganizationalUnitsForParent API operation for AWS Organizations. 7023// 7024// Lists the organizational units (OUs) in a parent organizational unit or root. 7025// 7026// This operation can be called only from the organization's master account. 7027// 7028// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 7029// with awserr.Error's Code and Message methods to get detailed information about 7030// the error. 7031// 7032// See the AWS API reference guide for AWS Organizations's 7033// API operation ListOrganizationalUnitsForParent for usage and error information. 7034// 7035// Returned Error Codes: 7036// * ErrCodeAccessDeniedException "AccessDeniedException" 7037// You don't have permissions to perform the requested operation. The user or 7038// role that is making the request must have at least one IAM permissions policy 7039// attached that grants the required permissions. For more information, see 7040// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 7041// in the IAM User Guide. 7042// 7043// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 7044// Your account is not a member of an organization. To make this request, you 7045// must use the credentials of an account that belongs to an organization. 7046// 7047// * ErrCodeInvalidInputException "InvalidInputException" 7048// The requested operation failed because you provided invalid values for one 7049// or more of the request parameters. This exception includes a reason that 7050// contains additional information about the violated limit: 7051// 7052// Some of the reasons in the following list might not be applicable to this 7053// specific API or operation: 7054// 7055// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 7056// organization, or email) as a party. 7057// 7058// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 7059// organization. 7060// 7061// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 7062// 7063// * INVALID_ENUM: You specified a value that is not valid for that parameter. 7064// 7065// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 7066// characters. 7067// 7068// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 7069// at least one invalid value. 7070// 7071// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 7072// than allowed. 7073// 7074// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 7075// value than allowed. 7076// 7077// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 7078// than allowed. 7079// 7080// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 7081// value than allowed. 7082// 7083// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 7084// cannot be modified. 7085// 7086// * INVALID_PATTERN: You provided a value that doesn't match the required 7087// pattern. 7088// 7089// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 7090// match the required pattern. 7091// 7092// * INPUT_REQUIRED: You must include a value for all required parameters. 7093// 7094// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 7095// from the response to a previous call of the operation. 7096// 7097// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 7098// for the operation. 7099// 7100// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 7101// between entities in the same root. 7102// 7103// * ErrCodeParentNotFoundException "ParentNotFoundException" 7104// We can't find a root or organizational unit (OU) with the ParentId that you 7105// specified. 7106// 7107// * ErrCodeServiceException "ServiceException" 7108// AWS Organizations can't complete your request because of an internal service 7109// error. Try again later. 7110// 7111// * ErrCodeTooManyRequestsException "TooManyRequestsException" 7112// You've sent too many requests in too short a period of time. The limit helps 7113// protect against denial-of-service attacks. Try again later. 7114// 7115// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParent 7116func (c *Organizations) ListOrganizationalUnitsForParent(input *ListOrganizationalUnitsForParentInput) (*ListOrganizationalUnitsForParentOutput, error) { 7117 req, out := c.ListOrganizationalUnitsForParentRequest(input) 7118 return out, req.Send() 7119} 7120 7121// ListOrganizationalUnitsForParentWithContext is the same as ListOrganizationalUnitsForParent with the addition of 7122// the ability to pass a context and additional request options. 7123// 7124// See ListOrganizationalUnitsForParent for details on how to use this API operation. 7125// 7126// The context must be non-nil and will be used for request cancellation. If 7127// the context is nil a panic will occur. In the future the SDK may create 7128// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7129// for more information on using Contexts. 7130func (c *Organizations) ListOrganizationalUnitsForParentWithContext(ctx aws.Context, input *ListOrganizationalUnitsForParentInput, opts ...request.Option) (*ListOrganizationalUnitsForParentOutput, error) { 7131 req, out := c.ListOrganizationalUnitsForParentRequest(input) 7132 req.SetContext(ctx) 7133 req.ApplyOptions(opts...) 7134 return out, req.Send() 7135} 7136 7137// ListOrganizationalUnitsForParentPages iterates over the pages of a ListOrganizationalUnitsForParent operation, 7138// calling the "fn" function with the response data for each page. To stop 7139// iterating, return false from the fn function. 7140// 7141// See ListOrganizationalUnitsForParent method for more information on how to use this operation. 7142// 7143// Note: This operation can generate multiple requests to a service. 7144// 7145// // Example iterating over at most 3 pages of a ListOrganizationalUnitsForParent operation. 7146// pageNum := 0 7147// err := client.ListOrganizationalUnitsForParentPages(params, 7148// func(page *ListOrganizationalUnitsForParentOutput, lastPage bool) bool { 7149// pageNum++ 7150// fmt.Println(page) 7151// return pageNum <= 3 7152// }) 7153// 7154func (c *Organizations) ListOrganizationalUnitsForParentPages(input *ListOrganizationalUnitsForParentInput, fn func(*ListOrganizationalUnitsForParentOutput, bool) bool) error { 7155 return c.ListOrganizationalUnitsForParentPagesWithContext(aws.BackgroundContext(), input, fn) 7156} 7157 7158// ListOrganizationalUnitsForParentPagesWithContext same as ListOrganizationalUnitsForParentPages except 7159// it takes a Context and allows setting request options on the pages. 7160// 7161// The context must be non-nil and will be used for request cancellation. If 7162// the context is nil a panic will occur. In the future the SDK may create 7163// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7164// for more information on using Contexts. 7165func (c *Organizations) ListOrganizationalUnitsForParentPagesWithContext(ctx aws.Context, input *ListOrganizationalUnitsForParentInput, fn func(*ListOrganizationalUnitsForParentOutput, bool) bool, opts ...request.Option) error { 7166 p := request.Pagination{ 7167 NewRequest: func() (*request.Request, error) { 7168 var inCpy *ListOrganizationalUnitsForParentInput 7169 if input != nil { 7170 tmp := *input 7171 inCpy = &tmp 7172 } 7173 req, _ := c.ListOrganizationalUnitsForParentRequest(inCpy) 7174 req.SetContext(ctx) 7175 req.ApplyOptions(opts...) 7176 return req, nil 7177 }, 7178 } 7179 7180 cont := true 7181 for p.Next() && cont { 7182 cont = fn(p.Page().(*ListOrganizationalUnitsForParentOutput), !p.HasNextPage()) 7183 } 7184 return p.Err() 7185} 7186 7187const opListParents = "ListParents" 7188 7189// ListParentsRequest generates a "aws/request.Request" representing the 7190// client's request for the ListParents operation. The "output" return 7191// value will be populated with the request's response once the request complets 7192// successfuly. 7193// 7194// Use "Send" method on the returned Request to send the API call to the service. 7195// the "output" return value is not valid until after Send returns without error. 7196// 7197// See ListParents for more information on using the ListParents 7198// API call, and error handling. 7199// 7200// This method is useful when you want to inject custom logic or configuration 7201// into the SDK's request lifecycle. Such as custom headers, or retry logic. 7202// 7203// 7204// // Example sending a request using the ListParentsRequest method. 7205// req, resp := client.ListParentsRequest(params) 7206// 7207// err := req.Send() 7208// if err == nil { // resp is now filled 7209// fmt.Println(resp) 7210// } 7211// 7212// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParents 7213func (c *Organizations) ListParentsRequest(input *ListParentsInput) (req *request.Request, output *ListParentsOutput) { 7214 op := &request.Operation{ 7215 Name: opListParents, 7216 HTTPMethod: "POST", 7217 HTTPPath: "/", 7218 Paginator: &request.Paginator{ 7219 InputTokens: []string{"NextToken"}, 7220 OutputTokens: []string{"NextToken"}, 7221 LimitToken: "MaxResults", 7222 TruncationToken: "", 7223 }, 7224 } 7225 7226 if input == nil { 7227 input = &ListParentsInput{} 7228 } 7229 7230 output = &ListParentsOutput{} 7231 req = c.newRequest(op, input, output) 7232 return 7233} 7234 7235// ListParents API operation for AWS Organizations. 7236// 7237// Lists the root or organizational units (OUs) that serve as the immediate 7238// parent of the specified child OU or account. This operation, along with ListChildren 7239// enables you to traverse the tree structure that makes up this root. 7240// 7241// This operation can be called only from the organization's master account. 7242// 7243// In the current release, a child can have only a single parent. 7244// 7245// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 7246// with awserr.Error's Code and Message methods to get detailed information about 7247// the error. 7248// 7249// See the AWS API reference guide for AWS Organizations's 7250// API operation ListParents for usage and error information. 7251// 7252// Returned Error Codes: 7253// * ErrCodeAccessDeniedException "AccessDeniedException" 7254// You don't have permissions to perform the requested operation. The user or 7255// role that is making the request must have at least one IAM permissions policy 7256// attached that grants the required permissions. For more information, see 7257// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 7258// in the IAM User Guide. 7259// 7260// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 7261// Your account is not a member of an organization. To make this request, you 7262// must use the credentials of an account that belongs to an organization. 7263// 7264// * ErrCodeChildNotFoundException "ChildNotFoundException" 7265// We can't find an organizational unit (OU) or AWS account with the ChildId 7266// that you specified. 7267// 7268// * ErrCodeInvalidInputException "InvalidInputException" 7269// The requested operation failed because you provided invalid values for one 7270// or more of the request parameters. This exception includes a reason that 7271// contains additional information about the violated limit: 7272// 7273// Some of the reasons in the following list might not be applicable to this 7274// specific API or operation: 7275// 7276// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 7277// organization, or email) as a party. 7278// 7279// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 7280// organization. 7281// 7282// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 7283// 7284// * INVALID_ENUM: You specified a value that is not valid for that parameter. 7285// 7286// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 7287// characters. 7288// 7289// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 7290// at least one invalid value. 7291// 7292// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 7293// than allowed. 7294// 7295// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 7296// value than allowed. 7297// 7298// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 7299// than allowed. 7300// 7301// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 7302// value than allowed. 7303// 7304// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 7305// cannot be modified. 7306// 7307// * INVALID_PATTERN: You provided a value that doesn't match the required 7308// pattern. 7309// 7310// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 7311// match the required pattern. 7312// 7313// * INPUT_REQUIRED: You must include a value for all required parameters. 7314// 7315// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 7316// from the response to a previous call of the operation. 7317// 7318// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 7319// for the operation. 7320// 7321// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 7322// between entities in the same root. 7323// 7324// * ErrCodeServiceException "ServiceException" 7325// AWS Organizations can't complete your request because of an internal service 7326// error. Try again later. 7327// 7328// * ErrCodeTooManyRequestsException "TooManyRequestsException" 7329// You've sent too many requests in too short a period of time. The limit helps 7330// protect against denial-of-service attacks. Try again later. 7331// 7332// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParents 7333func (c *Organizations) ListParents(input *ListParentsInput) (*ListParentsOutput, error) { 7334 req, out := c.ListParentsRequest(input) 7335 return out, req.Send() 7336} 7337 7338// ListParentsWithContext is the same as ListParents with the addition of 7339// the ability to pass a context and additional request options. 7340// 7341// See ListParents for details on how to use this API operation. 7342// 7343// The context must be non-nil and will be used for request cancellation. If 7344// the context is nil a panic will occur. In the future the SDK may create 7345// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7346// for more information on using Contexts. 7347func (c *Organizations) ListParentsWithContext(ctx aws.Context, input *ListParentsInput, opts ...request.Option) (*ListParentsOutput, error) { 7348 req, out := c.ListParentsRequest(input) 7349 req.SetContext(ctx) 7350 req.ApplyOptions(opts...) 7351 return out, req.Send() 7352} 7353 7354// ListParentsPages iterates over the pages of a ListParents operation, 7355// calling the "fn" function with the response data for each page. To stop 7356// iterating, return false from the fn function. 7357// 7358// See ListParents method for more information on how to use this operation. 7359// 7360// Note: This operation can generate multiple requests to a service. 7361// 7362// // Example iterating over at most 3 pages of a ListParents operation. 7363// pageNum := 0 7364// err := client.ListParentsPages(params, 7365// func(page *ListParentsOutput, lastPage bool) bool { 7366// pageNum++ 7367// fmt.Println(page) 7368// return pageNum <= 3 7369// }) 7370// 7371func (c *Organizations) ListParentsPages(input *ListParentsInput, fn func(*ListParentsOutput, bool) bool) error { 7372 return c.ListParentsPagesWithContext(aws.BackgroundContext(), input, fn) 7373} 7374 7375// ListParentsPagesWithContext same as ListParentsPages except 7376// it takes a Context and allows setting request options on the pages. 7377// 7378// The context must be non-nil and will be used for request cancellation. If 7379// the context is nil a panic will occur. In the future the SDK may create 7380// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7381// for more information on using Contexts. 7382func (c *Organizations) ListParentsPagesWithContext(ctx aws.Context, input *ListParentsInput, fn func(*ListParentsOutput, bool) bool, opts ...request.Option) error { 7383 p := request.Pagination{ 7384 NewRequest: func() (*request.Request, error) { 7385 var inCpy *ListParentsInput 7386 if input != nil { 7387 tmp := *input 7388 inCpy = &tmp 7389 } 7390 req, _ := c.ListParentsRequest(inCpy) 7391 req.SetContext(ctx) 7392 req.ApplyOptions(opts...) 7393 return req, nil 7394 }, 7395 } 7396 7397 cont := true 7398 for p.Next() && cont { 7399 cont = fn(p.Page().(*ListParentsOutput), !p.HasNextPage()) 7400 } 7401 return p.Err() 7402} 7403 7404const opListPolicies = "ListPolicies" 7405 7406// ListPoliciesRequest generates a "aws/request.Request" representing the 7407// client's request for the ListPolicies operation. The "output" return 7408// value will be populated with the request's response once the request complets 7409// successfuly. 7410// 7411// Use "Send" method on the returned Request to send the API call to the service. 7412// the "output" return value is not valid until after Send returns without error. 7413// 7414// See ListPolicies for more information on using the ListPolicies 7415// API call, and error handling. 7416// 7417// This method is useful when you want to inject custom logic or configuration 7418// into the SDK's request lifecycle. Such as custom headers, or retry logic. 7419// 7420// 7421// // Example sending a request using the ListPoliciesRequest method. 7422// req, resp := client.ListPoliciesRequest(params) 7423// 7424// err := req.Send() 7425// if err == nil { // resp is now filled 7426// fmt.Println(resp) 7427// } 7428// 7429// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPolicies 7430func (c *Organizations) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) { 7431 op := &request.Operation{ 7432 Name: opListPolicies, 7433 HTTPMethod: "POST", 7434 HTTPPath: "/", 7435 Paginator: &request.Paginator{ 7436 InputTokens: []string{"NextToken"}, 7437 OutputTokens: []string{"NextToken"}, 7438 LimitToken: "MaxResults", 7439 TruncationToken: "", 7440 }, 7441 } 7442 7443 if input == nil { 7444 input = &ListPoliciesInput{} 7445 } 7446 7447 output = &ListPoliciesOutput{} 7448 req = c.newRequest(op, input, output) 7449 return 7450} 7451 7452// ListPolicies API operation for AWS Organizations. 7453// 7454// Retrieves the list of all policies in an organization of a specified type. 7455// 7456// This operation can be called only from the organization's master account. 7457// 7458// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 7459// with awserr.Error's Code and Message methods to get detailed information about 7460// the error. 7461// 7462// See the AWS API reference guide for AWS Organizations's 7463// API operation ListPolicies for usage and error information. 7464// 7465// Returned Error Codes: 7466// * ErrCodeAccessDeniedException "AccessDeniedException" 7467// You don't have permissions to perform the requested operation. The user or 7468// role that is making the request must have at least one IAM permissions policy 7469// attached that grants the required permissions. For more information, see 7470// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 7471// in the IAM User Guide. 7472// 7473// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 7474// Your account is not a member of an organization. To make this request, you 7475// must use the credentials of an account that belongs to an organization. 7476// 7477// * ErrCodeInvalidInputException "InvalidInputException" 7478// The requested operation failed because you provided invalid values for one 7479// or more of the request parameters. This exception includes a reason that 7480// contains additional information about the violated limit: 7481// 7482// Some of the reasons in the following list might not be applicable to this 7483// specific API or operation: 7484// 7485// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 7486// organization, or email) as a party. 7487// 7488// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 7489// organization. 7490// 7491// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 7492// 7493// * INVALID_ENUM: You specified a value that is not valid for that parameter. 7494// 7495// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 7496// characters. 7497// 7498// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 7499// at least one invalid value. 7500// 7501// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 7502// than allowed. 7503// 7504// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 7505// value than allowed. 7506// 7507// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 7508// than allowed. 7509// 7510// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 7511// value than allowed. 7512// 7513// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 7514// cannot be modified. 7515// 7516// * INVALID_PATTERN: You provided a value that doesn't match the required 7517// pattern. 7518// 7519// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 7520// match the required pattern. 7521// 7522// * INPUT_REQUIRED: You must include a value for all required parameters. 7523// 7524// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 7525// from the response to a previous call of the operation. 7526// 7527// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 7528// for the operation. 7529// 7530// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 7531// between entities in the same root. 7532// 7533// * ErrCodeServiceException "ServiceException" 7534// AWS Organizations can't complete your request because of an internal service 7535// error. Try again later. 7536// 7537// * ErrCodeTooManyRequestsException "TooManyRequestsException" 7538// You've sent too many requests in too short a period of time. The limit helps 7539// protect against denial-of-service attacks. Try again later. 7540// 7541// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPolicies 7542func (c *Organizations) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) { 7543 req, out := c.ListPoliciesRequest(input) 7544 return out, req.Send() 7545} 7546 7547// ListPoliciesWithContext is the same as ListPolicies with the addition of 7548// the ability to pass a context and additional request options. 7549// 7550// See ListPolicies for details on how to use this API operation. 7551// 7552// The context must be non-nil and will be used for request cancellation. If 7553// the context is nil a panic will occur. In the future the SDK may create 7554// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7555// for more information on using Contexts. 7556func (c *Organizations) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) { 7557 req, out := c.ListPoliciesRequest(input) 7558 req.SetContext(ctx) 7559 req.ApplyOptions(opts...) 7560 return out, req.Send() 7561} 7562 7563// ListPoliciesPages iterates over the pages of a ListPolicies operation, 7564// calling the "fn" function with the response data for each page. To stop 7565// iterating, return false from the fn function. 7566// 7567// See ListPolicies method for more information on how to use this operation. 7568// 7569// Note: This operation can generate multiple requests to a service. 7570// 7571// // Example iterating over at most 3 pages of a ListPolicies operation. 7572// pageNum := 0 7573// err := client.ListPoliciesPages(params, 7574// func(page *ListPoliciesOutput, lastPage bool) bool { 7575// pageNum++ 7576// fmt.Println(page) 7577// return pageNum <= 3 7578// }) 7579// 7580func (c *Organizations) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error { 7581 return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn) 7582} 7583 7584// ListPoliciesPagesWithContext same as ListPoliciesPages except 7585// it takes a Context and allows setting request options on the pages. 7586// 7587// The context must be non-nil and will be used for request cancellation. If 7588// the context is nil a panic will occur. In the future the SDK may create 7589// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7590// for more information on using Contexts. 7591func (c *Organizations) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error { 7592 p := request.Pagination{ 7593 NewRequest: func() (*request.Request, error) { 7594 var inCpy *ListPoliciesInput 7595 if input != nil { 7596 tmp := *input 7597 inCpy = &tmp 7598 } 7599 req, _ := c.ListPoliciesRequest(inCpy) 7600 req.SetContext(ctx) 7601 req.ApplyOptions(opts...) 7602 return req, nil 7603 }, 7604 } 7605 7606 cont := true 7607 for p.Next() && cont { 7608 cont = fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage()) 7609 } 7610 return p.Err() 7611} 7612 7613const opListPoliciesForTarget = "ListPoliciesForTarget" 7614 7615// ListPoliciesForTargetRequest generates a "aws/request.Request" representing the 7616// client's request for the ListPoliciesForTarget operation. The "output" return 7617// value will be populated with the request's response once the request complets 7618// successfuly. 7619// 7620// Use "Send" method on the returned Request to send the API call to the service. 7621// the "output" return value is not valid until after Send returns without error. 7622// 7623// See ListPoliciesForTarget for more information on using the ListPoliciesForTarget 7624// API call, and error handling. 7625// 7626// This method is useful when you want to inject custom logic or configuration 7627// into the SDK's request lifecycle. Such as custom headers, or retry logic. 7628// 7629// 7630// // Example sending a request using the ListPoliciesForTargetRequest method. 7631// req, resp := client.ListPoliciesForTargetRequest(params) 7632// 7633// err := req.Send() 7634// if err == nil { // resp is now filled 7635// fmt.Println(resp) 7636// } 7637// 7638// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesForTarget 7639func (c *Organizations) ListPoliciesForTargetRequest(input *ListPoliciesForTargetInput) (req *request.Request, output *ListPoliciesForTargetOutput) { 7640 op := &request.Operation{ 7641 Name: opListPoliciesForTarget, 7642 HTTPMethod: "POST", 7643 HTTPPath: "/", 7644 Paginator: &request.Paginator{ 7645 InputTokens: []string{"NextToken"}, 7646 OutputTokens: []string{"NextToken"}, 7647 LimitToken: "MaxResults", 7648 TruncationToken: "", 7649 }, 7650 } 7651 7652 if input == nil { 7653 input = &ListPoliciesForTargetInput{} 7654 } 7655 7656 output = &ListPoliciesForTargetOutput{} 7657 req = c.newRequest(op, input, output) 7658 return 7659} 7660 7661// ListPoliciesForTarget API operation for AWS Organizations. 7662// 7663// Lists the policies that are directly attached to the specified target root, 7664// organizational unit (OU), or account. You must specify the policy type that 7665// you want included in the returned list. 7666// 7667// This operation can be called only from the organization's master account. 7668// 7669// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 7670// with awserr.Error's Code and Message methods to get detailed information about 7671// the error. 7672// 7673// See the AWS API reference guide for AWS Organizations's 7674// API operation ListPoliciesForTarget for usage and error information. 7675// 7676// Returned Error Codes: 7677// * ErrCodeAccessDeniedException "AccessDeniedException" 7678// You don't have permissions to perform the requested operation. The user or 7679// role that is making the request must have at least one IAM permissions policy 7680// attached that grants the required permissions. For more information, see 7681// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 7682// in the IAM User Guide. 7683// 7684// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 7685// Your account is not a member of an organization. To make this request, you 7686// must use the credentials of an account that belongs to an organization. 7687// 7688// * ErrCodeInvalidInputException "InvalidInputException" 7689// The requested operation failed because you provided invalid values for one 7690// or more of the request parameters. This exception includes a reason that 7691// contains additional information about the violated limit: 7692// 7693// Some of the reasons in the following list might not be applicable to this 7694// specific API or operation: 7695// 7696// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 7697// organization, or email) as a party. 7698// 7699// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 7700// organization. 7701// 7702// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 7703// 7704// * INVALID_ENUM: You specified a value that is not valid for that parameter. 7705// 7706// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 7707// characters. 7708// 7709// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 7710// at least one invalid value. 7711// 7712// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 7713// than allowed. 7714// 7715// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 7716// value than allowed. 7717// 7718// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 7719// than allowed. 7720// 7721// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 7722// value than allowed. 7723// 7724// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 7725// cannot be modified. 7726// 7727// * INVALID_PATTERN: You provided a value that doesn't match the required 7728// pattern. 7729// 7730// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 7731// match the required pattern. 7732// 7733// * INPUT_REQUIRED: You must include a value for all required parameters. 7734// 7735// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 7736// from the response to a previous call of the operation. 7737// 7738// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 7739// for the operation. 7740// 7741// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 7742// between entities in the same root. 7743// 7744// * ErrCodeServiceException "ServiceException" 7745// AWS Organizations can't complete your request because of an internal service 7746// error. Try again later. 7747// 7748// * ErrCodeTargetNotFoundException "TargetNotFoundException" 7749// We can't find a root, OU, or account with the TargetId that you specified. 7750// 7751// * ErrCodeTooManyRequestsException "TooManyRequestsException" 7752// You've sent too many requests in too short a period of time. The limit helps 7753// protect against denial-of-service attacks. Try again later. 7754// 7755// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesForTarget 7756func (c *Organizations) ListPoliciesForTarget(input *ListPoliciesForTargetInput) (*ListPoliciesForTargetOutput, error) { 7757 req, out := c.ListPoliciesForTargetRequest(input) 7758 return out, req.Send() 7759} 7760 7761// ListPoliciesForTargetWithContext is the same as ListPoliciesForTarget with the addition of 7762// the ability to pass a context and additional request options. 7763// 7764// See ListPoliciesForTarget for details on how to use this API operation. 7765// 7766// The context must be non-nil and will be used for request cancellation. If 7767// the context is nil a panic will occur. In the future the SDK may create 7768// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7769// for more information on using Contexts. 7770func (c *Organizations) ListPoliciesForTargetWithContext(ctx aws.Context, input *ListPoliciesForTargetInput, opts ...request.Option) (*ListPoliciesForTargetOutput, error) { 7771 req, out := c.ListPoliciesForTargetRequest(input) 7772 req.SetContext(ctx) 7773 req.ApplyOptions(opts...) 7774 return out, req.Send() 7775} 7776 7777// ListPoliciesForTargetPages iterates over the pages of a ListPoliciesForTarget operation, 7778// calling the "fn" function with the response data for each page. To stop 7779// iterating, return false from the fn function. 7780// 7781// See ListPoliciesForTarget method for more information on how to use this operation. 7782// 7783// Note: This operation can generate multiple requests to a service. 7784// 7785// // Example iterating over at most 3 pages of a ListPoliciesForTarget operation. 7786// pageNum := 0 7787// err := client.ListPoliciesForTargetPages(params, 7788// func(page *ListPoliciesForTargetOutput, lastPage bool) bool { 7789// pageNum++ 7790// fmt.Println(page) 7791// return pageNum <= 3 7792// }) 7793// 7794func (c *Organizations) ListPoliciesForTargetPages(input *ListPoliciesForTargetInput, fn func(*ListPoliciesForTargetOutput, bool) bool) error { 7795 return c.ListPoliciesForTargetPagesWithContext(aws.BackgroundContext(), input, fn) 7796} 7797 7798// ListPoliciesForTargetPagesWithContext same as ListPoliciesForTargetPages except 7799// it takes a Context and allows setting request options on the pages. 7800// 7801// The context must be non-nil and will be used for request cancellation. If 7802// the context is nil a panic will occur. In the future the SDK may create 7803// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7804// for more information on using Contexts. 7805func (c *Organizations) ListPoliciesForTargetPagesWithContext(ctx aws.Context, input *ListPoliciesForTargetInput, fn func(*ListPoliciesForTargetOutput, bool) bool, opts ...request.Option) error { 7806 p := request.Pagination{ 7807 NewRequest: func() (*request.Request, error) { 7808 var inCpy *ListPoliciesForTargetInput 7809 if input != nil { 7810 tmp := *input 7811 inCpy = &tmp 7812 } 7813 req, _ := c.ListPoliciesForTargetRequest(inCpy) 7814 req.SetContext(ctx) 7815 req.ApplyOptions(opts...) 7816 return req, nil 7817 }, 7818 } 7819 7820 cont := true 7821 for p.Next() && cont { 7822 cont = fn(p.Page().(*ListPoliciesForTargetOutput), !p.HasNextPage()) 7823 } 7824 return p.Err() 7825} 7826 7827const opListRoots = "ListRoots" 7828 7829// ListRootsRequest generates a "aws/request.Request" representing the 7830// client's request for the ListRoots operation. The "output" return 7831// value will be populated with the request's response once the request complets 7832// successfuly. 7833// 7834// Use "Send" method on the returned Request to send the API call to the service. 7835// the "output" return value is not valid until after Send returns without error. 7836// 7837// See ListRoots for more information on using the ListRoots 7838// API call, and error handling. 7839// 7840// This method is useful when you want to inject custom logic or configuration 7841// into the SDK's request lifecycle. Such as custom headers, or retry logic. 7842// 7843// 7844// // Example sending a request using the ListRootsRequest method. 7845// req, resp := client.ListRootsRequest(params) 7846// 7847// err := req.Send() 7848// if err == nil { // resp is now filled 7849// fmt.Println(resp) 7850// } 7851// 7852// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRoots 7853func (c *Organizations) ListRootsRequest(input *ListRootsInput) (req *request.Request, output *ListRootsOutput) { 7854 op := &request.Operation{ 7855 Name: opListRoots, 7856 HTTPMethod: "POST", 7857 HTTPPath: "/", 7858 Paginator: &request.Paginator{ 7859 InputTokens: []string{"NextToken"}, 7860 OutputTokens: []string{"NextToken"}, 7861 LimitToken: "MaxResults", 7862 TruncationToken: "", 7863 }, 7864 } 7865 7866 if input == nil { 7867 input = &ListRootsInput{} 7868 } 7869 7870 output = &ListRootsOutput{} 7871 req = c.newRequest(op, input, output) 7872 return 7873} 7874 7875// ListRoots API operation for AWS Organizations. 7876// 7877// Lists the roots that are defined in the current organization. 7878// 7879// This operation can be called only from the organization's master account. 7880// 7881// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 7882// with awserr.Error's Code and Message methods to get detailed information about 7883// the error. 7884// 7885// See the AWS API reference guide for AWS Organizations's 7886// API operation ListRoots for usage and error information. 7887// 7888// Returned Error Codes: 7889// * ErrCodeAccessDeniedException "AccessDeniedException" 7890// You don't have permissions to perform the requested operation. The user or 7891// role that is making the request must have at least one IAM permissions policy 7892// attached that grants the required permissions. For more information, see 7893// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 7894// in the IAM User Guide. 7895// 7896// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 7897// Your account is not a member of an organization. To make this request, you 7898// must use the credentials of an account that belongs to an organization. 7899// 7900// * ErrCodeInvalidInputException "InvalidInputException" 7901// The requested operation failed because you provided invalid values for one 7902// or more of the request parameters. This exception includes a reason that 7903// contains additional information about the violated limit: 7904// 7905// Some of the reasons in the following list might not be applicable to this 7906// specific API or operation: 7907// 7908// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 7909// organization, or email) as a party. 7910// 7911// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 7912// organization. 7913// 7914// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 7915// 7916// * INVALID_ENUM: You specified a value that is not valid for that parameter. 7917// 7918// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 7919// characters. 7920// 7921// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 7922// at least one invalid value. 7923// 7924// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 7925// than allowed. 7926// 7927// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 7928// value than allowed. 7929// 7930// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 7931// than allowed. 7932// 7933// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 7934// value than allowed. 7935// 7936// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 7937// cannot be modified. 7938// 7939// * INVALID_PATTERN: You provided a value that doesn't match the required 7940// pattern. 7941// 7942// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 7943// match the required pattern. 7944// 7945// * INPUT_REQUIRED: You must include a value for all required parameters. 7946// 7947// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 7948// from the response to a previous call of the operation. 7949// 7950// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 7951// for the operation. 7952// 7953// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 7954// between entities in the same root. 7955// 7956// * ErrCodeServiceException "ServiceException" 7957// AWS Organizations can't complete your request because of an internal service 7958// error. Try again later. 7959// 7960// * ErrCodeTooManyRequestsException "TooManyRequestsException" 7961// You've sent too many requests in too short a period of time. The limit helps 7962// protect against denial-of-service attacks. Try again later. 7963// 7964// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRoots 7965func (c *Organizations) ListRoots(input *ListRootsInput) (*ListRootsOutput, error) { 7966 req, out := c.ListRootsRequest(input) 7967 return out, req.Send() 7968} 7969 7970// ListRootsWithContext is the same as ListRoots with the addition of 7971// the ability to pass a context and additional request options. 7972// 7973// See ListRoots for details on how to use this API operation. 7974// 7975// The context must be non-nil and will be used for request cancellation. If 7976// the context is nil a panic will occur. In the future the SDK may create 7977// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 7978// for more information on using Contexts. 7979func (c *Organizations) ListRootsWithContext(ctx aws.Context, input *ListRootsInput, opts ...request.Option) (*ListRootsOutput, error) { 7980 req, out := c.ListRootsRequest(input) 7981 req.SetContext(ctx) 7982 req.ApplyOptions(opts...) 7983 return out, req.Send() 7984} 7985 7986// ListRootsPages iterates over the pages of a ListRoots operation, 7987// calling the "fn" function with the response data for each page. To stop 7988// iterating, return false from the fn function. 7989// 7990// See ListRoots method for more information on how to use this operation. 7991// 7992// Note: This operation can generate multiple requests to a service. 7993// 7994// // Example iterating over at most 3 pages of a ListRoots operation. 7995// pageNum := 0 7996// err := client.ListRootsPages(params, 7997// func(page *ListRootsOutput, lastPage bool) bool { 7998// pageNum++ 7999// fmt.Println(page) 8000// return pageNum <= 3 8001// }) 8002// 8003func (c *Organizations) ListRootsPages(input *ListRootsInput, fn func(*ListRootsOutput, bool) bool) error { 8004 return c.ListRootsPagesWithContext(aws.BackgroundContext(), input, fn) 8005} 8006 8007// ListRootsPagesWithContext same as ListRootsPages except 8008// it takes a Context and allows setting request options on the pages. 8009// 8010// The context must be non-nil and will be used for request cancellation. If 8011// the context is nil a panic will occur. In the future the SDK may create 8012// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 8013// for more information on using Contexts. 8014func (c *Organizations) ListRootsPagesWithContext(ctx aws.Context, input *ListRootsInput, fn func(*ListRootsOutput, bool) bool, opts ...request.Option) error { 8015 p := request.Pagination{ 8016 NewRequest: func() (*request.Request, error) { 8017 var inCpy *ListRootsInput 8018 if input != nil { 8019 tmp := *input 8020 inCpy = &tmp 8021 } 8022 req, _ := c.ListRootsRequest(inCpy) 8023 req.SetContext(ctx) 8024 req.ApplyOptions(opts...) 8025 return req, nil 8026 }, 8027 } 8028 8029 cont := true 8030 for p.Next() && cont { 8031 cont = fn(p.Page().(*ListRootsOutput), !p.HasNextPage()) 8032 } 8033 return p.Err() 8034} 8035 8036const opListTargetsForPolicy = "ListTargetsForPolicy" 8037 8038// ListTargetsForPolicyRequest generates a "aws/request.Request" representing the 8039// client's request for the ListTargetsForPolicy operation. The "output" return 8040// value will be populated with the request's response once the request complets 8041// successfuly. 8042// 8043// Use "Send" method on the returned Request to send the API call to the service. 8044// the "output" return value is not valid until after Send returns without error. 8045// 8046// See ListTargetsForPolicy for more information on using the ListTargetsForPolicy 8047// API call, and error handling. 8048// 8049// This method is useful when you want to inject custom logic or configuration 8050// into the SDK's request lifecycle. Such as custom headers, or retry logic. 8051// 8052// 8053// // Example sending a request using the ListTargetsForPolicyRequest method. 8054// req, resp := client.ListTargetsForPolicyRequest(params) 8055// 8056// err := req.Send() 8057// if err == nil { // resp is now filled 8058// fmt.Println(resp) 8059// } 8060// 8061// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTargetsForPolicy 8062func (c *Organizations) ListTargetsForPolicyRequest(input *ListTargetsForPolicyInput) (req *request.Request, output *ListTargetsForPolicyOutput) { 8063 op := &request.Operation{ 8064 Name: opListTargetsForPolicy, 8065 HTTPMethod: "POST", 8066 HTTPPath: "/", 8067 Paginator: &request.Paginator{ 8068 InputTokens: []string{"NextToken"}, 8069 OutputTokens: []string{"NextToken"}, 8070 LimitToken: "MaxResults", 8071 TruncationToken: "", 8072 }, 8073 } 8074 8075 if input == nil { 8076 input = &ListTargetsForPolicyInput{} 8077 } 8078 8079 output = &ListTargetsForPolicyOutput{} 8080 req = c.newRequest(op, input, output) 8081 return 8082} 8083 8084// ListTargetsForPolicy API operation for AWS Organizations. 8085// 8086// Lists all the roots, OUs, and accounts to which the specified policy is attached. 8087// 8088// This operation can be called only from the organization's master account. 8089// 8090// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 8091// with awserr.Error's Code and Message methods to get detailed information about 8092// the error. 8093// 8094// See the AWS API reference guide for AWS Organizations's 8095// API operation ListTargetsForPolicy for usage and error information. 8096// 8097// Returned Error Codes: 8098// * ErrCodeAccessDeniedException "AccessDeniedException" 8099// You don't have permissions to perform the requested operation. The user or 8100// role that is making the request must have at least one IAM permissions policy 8101// attached that grants the required permissions. For more information, see 8102// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 8103// in the IAM User Guide. 8104// 8105// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 8106// Your account is not a member of an organization. To make this request, you 8107// must use the credentials of an account that belongs to an organization. 8108// 8109// * ErrCodeInvalidInputException "InvalidInputException" 8110// The requested operation failed because you provided invalid values for one 8111// or more of the request parameters. This exception includes a reason that 8112// contains additional information about the violated limit: 8113// 8114// Some of the reasons in the following list might not be applicable to this 8115// specific API or operation: 8116// 8117// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 8118// organization, or email) as a party. 8119// 8120// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 8121// organization. 8122// 8123// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 8124// 8125// * INVALID_ENUM: You specified a value that is not valid for that parameter. 8126// 8127// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 8128// characters. 8129// 8130// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 8131// at least one invalid value. 8132// 8133// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 8134// than allowed. 8135// 8136// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 8137// value than allowed. 8138// 8139// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 8140// than allowed. 8141// 8142// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 8143// value than allowed. 8144// 8145// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 8146// cannot be modified. 8147// 8148// * INVALID_PATTERN: You provided a value that doesn't match the required 8149// pattern. 8150// 8151// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 8152// match the required pattern. 8153// 8154// * INPUT_REQUIRED: You must include a value for all required parameters. 8155// 8156// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 8157// from the response to a previous call of the operation. 8158// 8159// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 8160// for the operation. 8161// 8162// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 8163// between entities in the same root. 8164// 8165// * ErrCodePolicyNotFoundException "PolicyNotFoundException" 8166// We can't find a policy with the PolicyId that you specified. 8167// 8168// * ErrCodeServiceException "ServiceException" 8169// AWS Organizations can't complete your request because of an internal service 8170// error. Try again later. 8171// 8172// * ErrCodeTooManyRequestsException "TooManyRequestsException" 8173// You've sent too many requests in too short a period of time. The limit helps 8174// protect against denial-of-service attacks. Try again later. 8175// 8176// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTargetsForPolicy 8177func (c *Organizations) ListTargetsForPolicy(input *ListTargetsForPolicyInput) (*ListTargetsForPolicyOutput, error) { 8178 req, out := c.ListTargetsForPolicyRequest(input) 8179 return out, req.Send() 8180} 8181 8182// ListTargetsForPolicyWithContext is the same as ListTargetsForPolicy with the addition of 8183// the ability to pass a context and additional request options. 8184// 8185// See ListTargetsForPolicy for details on how to use this API operation. 8186// 8187// The context must be non-nil and will be used for request cancellation. If 8188// the context is nil a panic will occur. In the future the SDK may create 8189// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 8190// for more information on using Contexts. 8191func (c *Organizations) ListTargetsForPolicyWithContext(ctx aws.Context, input *ListTargetsForPolicyInput, opts ...request.Option) (*ListTargetsForPolicyOutput, error) { 8192 req, out := c.ListTargetsForPolicyRequest(input) 8193 req.SetContext(ctx) 8194 req.ApplyOptions(opts...) 8195 return out, req.Send() 8196} 8197 8198// ListTargetsForPolicyPages iterates over the pages of a ListTargetsForPolicy operation, 8199// calling the "fn" function with the response data for each page. To stop 8200// iterating, return false from the fn function. 8201// 8202// See ListTargetsForPolicy method for more information on how to use this operation. 8203// 8204// Note: This operation can generate multiple requests to a service. 8205// 8206// // Example iterating over at most 3 pages of a ListTargetsForPolicy operation. 8207// pageNum := 0 8208// err := client.ListTargetsForPolicyPages(params, 8209// func(page *ListTargetsForPolicyOutput, lastPage bool) bool { 8210// pageNum++ 8211// fmt.Println(page) 8212// return pageNum <= 3 8213// }) 8214// 8215func (c *Organizations) ListTargetsForPolicyPages(input *ListTargetsForPolicyInput, fn func(*ListTargetsForPolicyOutput, bool) bool) error { 8216 return c.ListTargetsForPolicyPagesWithContext(aws.BackgroundContext(), input, fn) 8217} 8218 8219// ListTargetsForPolicyPagesWithContext same as ListTargetsForPolicyPages except 8220// it takes a Context and allows setting request options on the pages. 8221// 8222// The context must be non-nil and will be used for request cancellation. If 8223// the context is nil a panic will occur. In the future the SDK may create 8224// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 8225// for more information on using Contexts. 8226func (c *Organizations) ListTargetsForPolicyPagesWithContext(ctx aws.Context, input *ListTargetsForPolicyInput, fn func(*ListTargetsForPolicyOutput, bool) bool, opts ...request.Option) error { 8227 p := request.Pagination{ 8228 NewRequest: func() (*request.Request, error) { 8229 var inCpy *ListTargetsForPolicyInput 8230 if input != nil { 8231 tmp := *input 8232 inCpy = &tmp 8233 } 8234 req, _ := c.ListTargetsForPolicyRequest(inCpy) 8235 req.SetContext(ctx) 8236 req.ApplyOptions(opts...) 8237 return req, nil 8238 }, 8239 } 8240 8241 cont := true 8242 for p.Next() && cont { 8243 cont = fn(p.Page().(*ListTargetsForPolicyOutput), !p.HasNextPage()) 8244 } 8245 return p.Err() 8246} 8247 8248const opMoveAccount = "MoveAccount" 8249 8250// MoveAccountRequest generates a "aws/request.Request" representing the 8251// client's request for the MoveAccount operation. The "output" return 8252// value will be populated with the request's response once the request complets 8253// successfuly. 8254// 8255// Use "Send" method on the returned Request to send the API call to the service. 8256// the "output" return value is not valid until after Send returns without error. 8257// 8258// See MoveAccount for more information on using the MoveAccount 8259// API call, and error handling. 8260// 8261// This method is useful when you want to inject custom logic or configuration 8262// into the SDK's request lifecycle. Such as custom headers, or retry logic. 8263// 8264// 8265// // Example sending a request using the MoveAccountRequest method. 8266// req, resp := client.MoveAccountRequest(params) 8267// 8268// err := req.Send() 8269// if err == nil { // resp is now filled 8270// fmt.Println(resp) 8271// } 8272// 8273// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/MoveAccount 8274func (c *Organizations) MoveAccountRequest(input *MoveAccountInput) (req *request.Request, output *MoveAccountOutput) { 8275 op := &request.Operation{ 8276 Name: opMoveAccount, 8277 HTTPMethod: "POST", 8278 HTTPPath: "/", 8279 } 8280 8281 if input == nil { 8282 input = &MoveAccountInput{} 8283 } 8284 8285 output = &MoveAccountOutput{} 8286 req = c.newRequest(op, input, output) 8287 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 8288 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 8289 return 8290} 8291 8292// MoveAccount API operation for AWS Organizations. 8293// 8294// Moves an account from its current source parent root or OU to the specified 8295// destination parent root or OU. 8296// 8297// This operation can be called only from the organization's master account. 8298// 8299// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 8300// with awserr.Error's Code and Message methods to get detailed information about 8301// the error. 8302// 8303// See the AWS API reference guide for AWS Organizations's 8304// API operation MoveAccount for usage and error information. 8305// 8306// Returned Error Codes: 8307// * ErrCodeAccessDeniedException "AccessDeniedException" 8308// You don't have permissions to perform the requested operation. The user or 8309// role that is making the request must have at least one IAM permissions policy 8310// attached that grants the required permissions. For more information, see 8311// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 8312// in the IAM User Guide. 8313// 8314// * ErrCodeInvalidInputException "InvalidInputException" 8315// The requested operation failed because you provided invalid values for one 8316// or more of the request parameters. This exception includes a reason that 8317// contains additional information about the violated limit: 8318// 8319// Some of the reasons in the following list might not be applicable to this 8320// specific API or operation: 8321// 8322// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 8323// organization, or email) as a party. 8324// 8325// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 8326// organization. 8327// 8328// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 8329// 8330// * INVALID_ENUM: You specified a value that is not valid for that parameter. 8331// 8332// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 8333// characters. 8334// 8335// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 8336// at least one invalid value. 8337// 8338// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 8339// than allowed. 8340// 8341// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 8342// value than allowed. 8343// 8344// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 8345// than allowed. 8346// 8347// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 8348// value than allowed. 8349// 8350// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 8351// cannot be modified. 8352// 8353// * INVALID_PATTERN: You provided a value that doesn't match the required 8354// pattern. 8355// 8356// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 8357// match the required pattern. 8358// 8359// * INPUT_REQUIRED: You must include a value for all required parameters. 8360// 8361// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 8362// from the response to a previous call of the operation. 8363// 8364// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 8365// for the operation. 8366// 8367// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 8368// between entities in the same root. 8369// 8370// * ErrCodeSourceParentNotFoundException "SourceParentNotFoundException" 8371// We can't find a source root or OU with the ParentId that you specified. 8372// 8373// * ErrCodeDestinationParentNotFoundException "DestinationParentNotFoundException" 8374// We can't find the destination container (a root or OU) with the ParentId 8375// that you specified. 8376// 8377// * ErrCodeDuplicateAccountException "DuplicateAccountException" 8378// That account is already present in the specified destination. 8379// 8380// * ErrCodeAccountNotFoundException "AccountNotFoundException" 8381// We can't find an AWS account with the AccountId that you specified, or the 8382// account whose credentials you used to make this request is not a member of 8383// an organization. 8384// 8385// * ErrCodeTooManyRequestsException "TooManyRequestsException" 8386// You've sent too many requests in too short a period of time. The limit helps 8387// protect against denial-of-service attacks. Try again later. 8388// 8389// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 8390// The target of the operation is currently being modified by a different request. 8391// Try again later. 8392// 8393// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 8394// Your account is not a member of an organization. To make this request, you 8395// must use the credentials of an account that belongs to an organization. 8396// 8397// * ErrCodeServiceException "ServiceException" 8398// AWS Organizations can't complete your request because of an internal service 8399// error. Try again later. 8400// 8401// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/MoveAccount 8402func (c *Organizations) MoveAccount(input *MoveAccountInput) (*MoveAccountOutput, error) { 8403 req, out := c.MoveAccountRequest(input) 8404 return out, req.Send() 8405} 8406 8407// MoveAccountWithContext is the same as MoveAccount with the addition of 8408// the ability to pass a context and additional request options. 8409// 8410// See MoveAccount for details on how to use this API operation. 8411// 8412// The context must be non-nil and will be used for request cancellation. If 8413// the context is nil a panic will occur. In the future the SDK may create 8414// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 8415// for more information on using Contexts. 8416func (c *Organizations) MoveAccountWithContext(ctx aws.Context, input *MoveAccountInput, opts ...request.Option) (*MoveAccountOutput, error) { 8417 req, out := c.MoveAccountRequest(input) 8418 req.SetContext(ctx) 8419 req.ApplyOptions(opts...) 8420 return out, req.Send() 8421} 8422 8423const opRemoveAccountFromOrganization = "RemoveAccountFromOrganization" 8424 8425// RemoveAccountFromOrganizationRequest generates a "aws/request.Request" representing the 8426// client's request for the RemoveAccountFromOrganization operation. The "output" return 8427// value will be populated with the request's response once the request complets 8428// successfuly. 8429// 8430// Use "Send" method on the returned Request to send the API call to the service. 8431// the "output" return value is not valid until after Send returns without error. 8432// 8433// See RemoveAccountFromOrganization for more information on using the RemoveAccountFromOrganization 8434// API call, and error handling. 8435// 8436// This method is useful when you want to inject custom logic or configuration 8437// into the SDK's request lifecycle. Such as custom headers, or retry logic. 8438// 8439// 8440// // Example sending a request using the RemoveAccountFromOrganizationRequest method. 8441// req, resp := client.RemoveAccountFromOrganizationRequest(params) 8442// 8443// err := req.Send() 8444// if err == nil { // resp is now filled 8445// fmt.Println(resp) 8446// } 8447// 8448// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganization 8449func (c *Organizations) RemoveAccountFromOrganizationRequest(input *RemoveAccountFromOrganizationInput) (req *request.Request, output *RemoveAccountFromOrganizationOutput) { 8450 op := &request.Operation{ 8451 Name: opRemoveAccountFromOrganization, 8452 HTTPMethod: "POST", 8453 HTTPPath: "/", 8454 } 8455 8456 if input == nil { 8457 input = &RemoveAccountFromOrganizationInput{} 8458 } 8459 8460 output = &RemoveAccountFromOrganizationOutput{} 8461 req = c.newRequest(op, input, output) 8462 req.Handlers.Unmarshal.Remove(jsonrpc.UnmarshalHandler) 8463 req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler) 8464 return 8465} 8466 8467// RemoveAccountFromOrganization API operation for AWS Organizations. 8468// 8469// Removes the specified account from the organization. 8470// 8471// The removed account becomes a stand-alone account that is not a member of 8472// any organization. It is no longer subject to any policies and is responsible 8473// for its own bill payments. The organization's master account is no longer 8474// charged for any expenses accrued by the member account after it is removed 8475// from the organization. 8476// 8477// This operation can be called only from the organization's master account. 8478// Member accounts can remove themselves with LeaveOrganization instead. 8479// 8480// You can remove an account from your organization only if the account is configured 8481// with the information required to operate as a standalone account. When you 8482// create an account in an organization using the AWS Organizations console, 8483// API, or CLI commands, the information required of standalone accounts is 8484// not automatically collected. For an account that you want to make standalone, 8485// you must accept the End User License Agreement (EULA), choose a support plan, 8486// provide and verify the required contact information, and provide a current 8487// payment method. AWS uses the payment method to charge for any billable (not 8488// free tier) AWS activity that occurs while the account is not attached to 8489// an organization. To remove an account that does not yet have this information, 8490// you must sign in as the member account and follow the steps at To leave 8491// an organization when all required account information has not yet been provided 8492// (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 8493// in the AWS Organizations User Guide. 8494// 8495// You can remove a member account only after you enable IAM user access to 8496// billing in the member account. For more information, see Activating Access 8497// to the Billing and Cost Management Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) 8498// in the AWS Billing and Cost Management User Guide. 8499// 8500// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 8501// with awserr.Error's Code and Message methods to get detailed information about 8502// the error. 8503// 8504// See the AWS API reference guide for AWS Organizations's 8505// API operation RemoveAccountFromOrganization for usage and error information. 8506// 8507// Returned Error Codes: 8508// * ErrCodeAccessDeniedException "AccessDeniedException" 8509// You don't have permissions to perform the requested operation. The user or 8510// role that is making the request must have at least one IAM permissions policy 8511// attached that grants the required permissions. For more information, see 8512// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 8513// in the IAM User Guide. 8514// 8515// * ErrCodeAccountNotFoundException "AccountNotFoundException" 8516// We can't find an AWS account with the AccountId that you specified, or the 8517// account whose credentials you used to make this request is not a member of 8518// an organization. 8519// 8520// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 8521// Your account is not a member of an organization. To make this request, you 8522// must use the credentials of an account that belongs to an organization. 8523// 8524// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 8525// The target of the operation is currently being modified by a different request. 8526// Try again later. 8527// 8528// * ErrCodeConstraintViolationException "ConstraintViolationException" 8529// Performing this operation violates a minimum or maximum value limit. For 8530// example, attempting to removing the last SCP from an OU or root, inviting 8531// or creating too many accounts to the organization, or attaching too many 8532// policies to an account, OU, or root. This exception includes a reason that 8533// contains additional information about the violated limit: 8534// 8535// Some of the reasons in the following list might not be applicable to this 8536// specific API or operation: 8537// 8538// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 8539// of accounts in an organization. If you need more accounts, contact AWS Support 8540// to request an increase in your limit. 8541// 8542// Or, The number of invitations that you tried to send would cause you to exceed 8543// the limit of accounts in your organization. Send fewer invitations, or contact 8544// AWS Support to request an increase in the number of accounts. 8545// 8546// Note: deleted and closed accounts still count toward your limit. 8547// 8548// If you get an exception that indicates that you exceeded your account limits 8549// for the organization or that you can"t add an account because your organization 8550// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 8551// 8552// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 8553// handshakes you can send in one day. 8554// 8555// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 8556// units you can have in an organization. 8557// 8558// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 8559// tree that is too many levels deep. 8560// 8561// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 8562// policies that you can have in an organization. 8563// 8564// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 8565// number of policies of a certain type that can be attached to an entity 8566// at one time. 8567// 8568// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 8569// policy from an entity that would cause the entity to have fewer than the 8570// minimum number of policies of a certain type required. 8571// 8572// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 8573// from the organization that does not yet have enough information to exist 8574// as a stand-alone account. This account requires you to first agree to 8575// the AWS Customer Agreement. Follow the steps at To leave an organization 8576// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 8577// in the AWS Organizations User Guide. 8578// 8579// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 8580// an account from the organization that does not yet have enough information 8581// to exist as a stand-alone account. This account requires you to first 8582// complete phone verification. Follow the steps at To leave an organization 8583// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 8584// in the AWS Organizations User Guide. 8585// 8586// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 8587// with this account, you first must associate a payment instrument, such 8588// as a credit card, with the account. Follow the steps at To leave an organization 8589// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 8590// in the AWS Organizations User Guide. 8591// 8592// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 8593// with this member account, you first must associate a payment instrument, 8594// such as a credit card, with the account. Follow the steps at To leave 8595// an organization when all required account information has not yet been 8596// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 8597// in the AWS Organizations User Guide. 8598// 8599// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 8600// of accounts that you can create in one day. 8601// 8602// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 8603// in this organization, you first must migrate the organization's master 8604// account to the marketplace that corresponds to the master account's address. 8605// For example, accounts with India addresses must be associated with the 8606// AISPL marketplace. All accounts in an organization must be associated 8607// with the same marketplace. 8608// 8609// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 8610// must first provide contact a valid address and phone number for the master 8611// account. Then try the operation again. 8612// 8613// * ErrCodeInvalidInputException "InvalidInputException" 8614// The requested operation failed because you provided invalid values for one 8615// or more of the request parameters. This exception includes a reason that 8616// contains additional information about the violated limit: 8617// 8618// Some of the reasons in the following list might not be applicable to this 8619// specific API or operation: 8620// 8621// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 8622// organization, or email) as a party. 8623// 8624// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 8625// organization. 8626// 8627// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 8628// 8629// * INVALID_ENUM: You specified a value that is not valid for that parameter. 8630// 8631// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 8632// characters. 8633// 8634// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 8635// at least one invalid value. 8636// 8637// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 8638// than allowed. 8639// 8640// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 8641// value than allowed. 8642// 8643// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 8644// than allowed. 8645// 8646// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 8647// value than allowed. 8648// 8649// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 8650// cannot be modified. 8651// 8652// * INVALID_PATTERN: You provided a value that doesn't match the required 8653// pattern. 8654// 8655// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 8656// match the required pattern. 8657// 8658// * INPUT_REQUIRED: You must include a value for all required parameters. 8659// 8660// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 8661// from the response to a previous call of the operation. 8662// 8663// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 8664// for the operation. 8665// 8666// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 8667// between entities in the same root. 8668// 8669// * ErrCodeMasterCannotLeaveOrganizationException "MasterCannotLeaveOrganizationException" 8670// You can't remove a master account from an organization. If you want the master 8671// account to become a member account in another organization, you must first 8672// delete the current organization of the master account. 8673// 8674// * ErrCodeServiceException "ServiceException" 8675// AWS Organizations can't complete your request because of an internal service 8676// error. Try again later. 8677// 8678// * ErrCodeTooManyRequestsException "TooManyRequestsException" 8679// You've sent too many requests in too short a period of time. The limit helps 8680// protect against denial-of-service attacks. Try again later. 8681// 8682// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganization 8683func (c *Organizations) RemoveAccountFromOrganization(input *RemoveAccountFromOrganizationInput) (*RemoveAccountFromOrganizationOutput, error) { 8684 req, out := c.RemoveAccountFromOrganizationRequest(input) 8685 return out, req.Send() 8686} 8687 8688// RemoveAccountFromOrganizationWithContext is the same as RemoveAccountFromOrganization with the addition of 8689// the ability to pass a context and additional request options. 8690// 8691// See RemoveAccountFromOrganization for details on how to use this API operation. 8692// 8693// The context must be non-nil and will be used for request cancellation. If 8694// the context is nil a panic will occur. In the future the SDK may create 8695// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 8696// for more information on using Contexts. 8697func (c *Organizations) RemoveAccountFromOrganizationWithContext(ctx aws.Context, input *RemoveAccountFromOrganizationInput, opts ...request.Option) (*RemoveAccountFromOrganizationOutput, error) { 8698 req, out := c.RemoveAccountFromOrganizationRequest(input) 8699 req.SetContext(ctx) 8700 req.ApplyOptions(opts...) 8701 return out, req.Send() 8702} 8703 8704const opUpdateOrganizationalUnit = "UpdateOrganizationalUnit" 8705 8706// UpdateOrganizationalUnitRequest generates a "aws/request.Request" representing the 8707// client's request for the UpdateOrganizationalUnit operation. The "output" return 8708// value will be populated with the request's response once the request complets 8709// successfuly. 8710// 8711// Use "Send" method on the returned Request to send the API call to the service. 8712// the "output" return value is not valid until after Send returns without error. 8713// 8714// See UpdateOrganizationalUnit for more information on using the UpdateOrganizationalUnit 8715// API call, and error handling. 8716// 8717// This method is useful when you want to inject custom logic or configuration 8718// into the SDK's request lifecycle. Such as custom headers, or retry logic. 8719// 8720// 8721// // Example sending a request using the UpdateOrganizationalUnitRequest method. 8722// req, resp := client.UpdateOrganizationalUnitRequest(params) 8723// 8724// err := req.Send() 8725// if err == nil { // resp is now filled 8726// fmt.Println(resp) 8727// } 8728// 8729// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnit 8730func (c *Organizations) UpdateOrganizationalUnitRequest(input *UpdateOrganizationalUnitInput) (req *request.Request, output *UpdateOrganizationalUnitOutput) { 8731 op := &request.Operation{ 8732 Name: opUpdateOrganizationalUnit, 8733 HTTPMethod: "POST", 8734 HTTPPath: "/", 8735 } 8736 8737 if input == nil { 8738 input = &UpdateOrganizationalUnitInput{} 8739 } 8740 8741 output = &UpdateOrganizationalUnitOutput{} 8742 req = c.newRequest(op, input, output) 8743 return 8744} 8745 8746// UpdateOrganizationalUnit API operation for AWS Organizations. 8747// 8748// Renames the specified organizational unit (OU). The ID and ARN do not change. 8749// The child OUs and accounts remain in place, and any attached policies of 8750// the OU remain attached. 8751// 8752// This operation can be called only from the organization's master account. 8753// 8754// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 8755// with awserr.Error's Code and Message methods to get detailed information about 8756// the error. 8757// 8758// See the AWS API reference guide for AWS Organizations's 8759// API operation UpdateOrganizationalUnit for usage and error information. 8760// 8761// Returned Error Codes: 8762// * ErrCodeAccessDeniedException "AccessDeniedException" 8763// You don't have permissions to perform the requested operation. The user or 8764// role that is making the request must have at least one IAM permissions policy 8765// attached that grants the required permissions. For more information, see 8766// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 8767// in the IAM User Guide. 8768// 8769// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 8770// Your account is not a member of an organization. To make this request, you 8771// must use the credentials of an account that belongs to an organization. 8772// 8773// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 8774// The target of the operation is currently being modified by a different request. 8775// Try again later. 8776// 8777// * ErrCodeDuplicateOrganizationalUnitException "DuplicateOrganizationalUnitException" 8778// An organizational unit (OU) with the same name already exists. 8779// 8780// * ErrCodeInvalidInputException "InvalidInputException" 8781// The requested operation failed because you provided invalid values for one 8782// or more of the request parameters. This exception includes a reason that 8783// contains additional information about the violated limit: 8784// 8785// Some of the reasons in the following list might not be applicable to this 8786// specific API or operation: 8787// 8788// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 8789// organization, or email) as a party. 8790// 8791// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 8792// organization. 8793// 8794// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 8795// 8796// * INVALID_ENUM: You specified a value that is not valid for that parameter. 8797// 8798// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 8799// characters. 8800// 8801// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 8802// at least one invalid value. 8803// 8804// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 8805// than allowed. 8806// 8807// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 8808// value than allowed. 8809// 8810// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 8811// than allowed. 8812// 8813// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 8814// value than allowed. 8815// 8816// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 8817// cannot be modified. 8818// 8819// * INVALID_PATTERN: You provided a value that doesn't match the required 8820// pattern. 8821// 8822// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 8823// match the required pattern. 8824// 8825// * INPUT_REQUIRED: You must include a value for all required parameters. 8826// 8827// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 8828// from the response to a previous call of the operation. 8829// 8830// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 8831// for the operation. 8832// 8833// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 8834// between entities in the same root. 8835// 8836// * ErrCodeOrganizationalUnitNotFoundException "OrganizationalUnitNotFoundException" 8837// We can't find an organizational unit (OU) with the OrganizationalUnitId that 8838// you specified. 8839// 8840// * ErrCodeServiceException "ServiceException" 8841// AWS Organizations can't complete your request because of an internal service 8842// error. Try again later. 8843// 8844// * ErrCodeTooManyRequestsException "TooManyRequestsException" 8845// You've sent too many requests in too short a period of time. The limit helps 8846// protect against denial-of-service attacks. Try again later. 8847// 8848// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnit 8849func (c *Organizations) UpdateOrganizationalUnit(input *UpdateOrganizationalUnitInput) (*UpdateOrganizationalUnitOutput, error) { 8850 req, out := c.UpdateOrganizationalUnitRequest(input) 8851 return out, req.Send() 8852} 8853 8854// UpdateOrganizationalUnitWithContext is the same as UpdateOrganizationalUnit with the addition of 8855// the ability to pass a context and additional request options. 8856// 8857// See UpdateOrganizationalUnit for details on how to use this API operation. 8858// 8859// The context must be non-nil and will be used for request cancellation. If 8860// the context is nil a panic will occur. In the future the SDK may create 8861// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 8862// for more information on using Contexts. 8863func (c *Organizations) UpdateOrganizationalUnitWithContext(ctx aws.Context, input *UpdateOrganizationalUnitInput, opts ...request.Option) (*UpdateOrganizationalUnitOutput, error) { 8864 req, out := c.UpdateOrganizationalUnitRequest(input) 8865 req.SetContext(ctx) 8866 req.ApplyOptions(opts...) 8867 return out, req.Send() 8868} 8869 8870const opUpdatePolicy = "UpdatePolicy" 8871 8872// UpdatePolicyRequest generates a "aws/request.Request" representing the 8873// client's request for the UpdatePolicy operation. The "output" return 8874// value will be populated with the request's response once the request complets 8875// successfuly. 8876// 8877// Use "Send" method on the returned Request to send the API call to the service. 8878// the "output" return value is not valid until after Send returns without error. 8879// 8880// See UpdatePolicy for more information on using the UpdatePolicy 8881// API call, and error handling. 8882// 8883// This method is useful when you want to inject custom logic or configuration 8884// into the SDK's request lifecycle. Such as custom headers, or retry logic. 8885// 8886// 8887// // Example sending a request using the UpdatePolicyRequest method. 8888// req, resp := client.UpdatePolicyRequest(params) 8889// 8890// err := req.Send() 8891// if err == nil { // resp is now filled 8892// fmt.Println(resp) 8893// } 8894// 8895// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdatePolicy 8896func (c *Organizations) UpdatePolicyRequest(input *UpdatePolicyInput) (req *request.Request, output *UpdatePolicyOutput) { 8897 op := &request.Operation{ 8898 Name: opUpdatePolicy, 8899 HTTPMethod: "POST", 8900 HTTPPath: "/", 8901 } 8902 8903 if input == nil { 8904 input = &UpdatePolicyInput{} 8905 } 8906 8907 output = &UpdatePolicyOutput{} 8908 req = c.newRequest(op, input, output) 8909 return 8910} 8911 8912// UpdatePolicy API operation for AWS Organizations. 8913// 8914// Updates an existing policy with a new name, description, or content. If any 8915// parameter is not supplied, that value remains unchanged. Note that you cannot 8916// change a policy's type. 8917// 8918// This operation can be called only from the organization's master account. 8919// 8920// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 8921// with awserr.Error's Code and Message methods to get detailed information about 8922// the error. 8923// 8924// See the AWS API reference guide for AWS Organizations's 8925// API operation UpdatePolicy for usage and error information. 8926// 8927// Returned Error Codes: 8928// * ErrCodeAccessDeniedException "AccessDeniedException" 8929// You don't have permissions to perform the requested operation. The user or 8930// role that is making the request must have at least one IAM permissions policy 8931// attached that grants the required permissions. For more information, see 8932// Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) 8933// in the IAM User Guide. 8934// 8935// * ErrCodeAWSOrganizationsNotInUseException "AWSOrganizationsNotInUseException" 8936// Your account is not a member of an organization. To make this request, you 8937// must use the credentials of an account that belongs to an organization. 8938// 8939// * ErrCodeConcurrentModificationException "ConcurrentModificationException" 8940// The target of the operation is currently being modified by a different request. 8941// Try again later. 8942// 8943// * ErrCodeConstraintViolationException "ConstraintViolationException" 8944// Performing this operation violates a minimum or maximum value limit. For 8945// example, attempting to removing the last SCP from an OU or root, inviting 8946// or creating too many accounts to the organization, or attaching too many 8947// policies to an account, OU, or root. This exception includes a reason that 8948// contains additional information about the violated limit: 8949// 8950// Some of the reasons in the following list might not be applicable to this 8951// specific API or operation: 8952// 8953// ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number 8954// of accounts in an organization. If you need more accounts, contact AWS Support 8955// to request an increase in your limit. 8956// 8957// Or, The number of invitations that you tried to send would cause you to exceed 8958// the limit of accounts in your organization. Send fewer invitations, or contact 8959// AWS Support to request an increase in the number of accounts. 8960// 8961// Note: deleted and closed accounts still count toward your limit. 8962// 8963// If you get an exception that indicates that you exceeded your account limits 8964// for the organization or that you can"t add an account because your organization 8965// is still initializing, please contact AWS Customer Support (https://console.aws.amazon.com/support/home#/). 8966// 8967// * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of 8968// handshakes you can send in one day. 8969// 8970// * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational 8971// units you can have in an organization. 8972// 8973// * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit 8974// tree that is too many levels deep. 8975// 8976// * POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of 8977// policies that you can have in an organization. 8978// 8979// * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the 8980// number of policies of a certain type that can be attached to an entity 8981// at one time. 8982// 8983// * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a 8984// policy from an entity that would cause the entity to have fewer than the 8985// minimum number of policies of a certain type required. 8986// 8987// * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account 8988// from the organization that does not yet have enough information to exist 8989// as a stand-alone account. This account requires you to first agree to 8990// the AWS Customer Agreement. Follow the steps at To leave an organization 8991// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 8992// in the AWS Organizations User Guide. 8993// 8994// * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove 8995// an account from the organization that does not yet have enough information 8996// to exist as a stand-alone account. This account requires you to first 8997// complete phone verification. Follow the steps at To leave an organization 8998// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 8999// in the AWS Organizations User Guide. 9000// 9001// * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization 9002// with this account, you first must associate a payment instrument, such 9003// as a credit card, with the account. Follow the steps at To leave an organization 9004// when all required account information has not yet been provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 9005// in the AWS Organizations User Guide. 9006// 9007// * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation 9008// with this member account, you first must associate a payment instrument, 9009// such as a credit card, with the account. Follow the steps at To leave 9010// an organization when all required account information has not yet been 9011// provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info) 9012// in the AWS Organizations User Guide. 9013// 9014// * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number 9015// of accounts that you can create in one day. 9016// 9017// * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account 9018// in this organization, you first must migrate the organization's master 9019// account to the marketplace that corresponds to the master account's address. 9020// For example, accounts with India addresses must be associated with the 9021// AISPL marketplace. All accounts in an organization must be associated 9022// with the same marketplace. 9023// 9024// * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you 9025// must first provide contact a valid address and phone number for the master 9026// account. Then try the operation again. 9027// 9028// * ErrCodeDuplicatePolicyException "DuplicatePolicyException" 9029// A policy with the same name already exists. 9030// 9031// * ErrCodeInvalidInputException "InvalidInputException" 9032// The requested operation failed because you provided invalid values for one 9033// or more of the request parameters. This exception includes a reason that 9034// contains additional information about the violated limit: 9035// 9036// Some of the reasons in the following list might not be applicable to this 9037// specific API or operation: 9038// 9039// * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, 9040// organization, or email) as a party. 9041// 9042// * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the 9043// organization. 9044// 9045// * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID. 9046// 9047// * INVALID_ENUM: You specified a value that is not valid for that parameter. 9048// 9049// * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid 9050// characters. 9051// 9052// * INVALID_LIST_MEMBER: You provided a list to a parameter that contains 9053// at least one invalid value. 9054// 9055// * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer 9056// than allowed. 9057// 9058// * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger 9059// value than allowed. 9060// 9061// * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter 9062// than allowed. 9063// 9064// * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller 9065// value than allowed. 9066// 9067// * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and 9068// cannot be modified. 9069// 9070// * INVALID_PATTERN: You provided a value that doesn't match the required 9071// pattern. 9072// 9073// * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't 9074// match the required pattern. 9075// 9076// * INPUT_REQUIRED: You must include a value for all required parameters. 9077// 9078// * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter 9079// from the response to a previous call of the operation. 9080// 9081// * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter 9082// for the operation. 9083// 9084// * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only 9085// between entities in the same root. 9086// 9087// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocumentException" 9088// The provided policy document does not meet the requirements of the specified 9089// policy type. For example, the syntax might be incorrect. For details about 9090// service control policy syntax, see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) 9091// in the AWS Organizations User Guide. 9092// 9093// * ErrCodePolicyNotFoundException "PolicyNotFoundException" 9094// We can't find a policy with the PolicyId that you specified. 9095// 9096// * ErrCodeServiceException "ServiceException" 9097// AWS Organizations can't complete your request because of an internal service 9098// error. Try again later. 9099// 9100// * ErrCodeTooManyRequestsException "TooManyRequestsException" 9101// You've sent too many requests in too short a period of time. The limit helps 9102// protect against denial-of-service attacks. Try again later. 9103// 9104// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdatePolicy 9105func (c *Organizations) UpdatePolicy(input *UpdatePolicyInput) (*UpdatePolicyOutput, error) { 9106 req, out := c.UpdatePolicyRequest(input) 9107 return out, req.Send() 9108} 9109 9110// UpdatePolicyWithContext is the same as UpdatePolicy with the addition of 9111// the ability to pass a context and additional request options. 9112// 9113// See UpdatePolicy for details on how to use this API operation. 9114// 9115// The context must be non-nil and will be used for request cancellation. If 9116// the context is nil a panic will occur. In the future the SDK may create 9117// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 9118// for more information on using Contexts. 9119func (c *Organizations) UpdatePolicyWithContext(ctx aws.Context, input *UpdatePolicyInput, opts ...request.Option) (*UpdatePolicyOutput, error) { 9120 req, out := c.UpdatePolicyRequest(input) 9121 req.SetContext(ctx) 9122 req.ApplyOptions(opts...) 9123 return out, req.Send() 9124} 9125 9126// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AcceptHandshakeRequest 9127type AcceptHandshakeInput struct { 9128 _ struct{} `type:"structure"` 9129 9130 // The unique identifier (ID) of the handshake that you want to accept. 9131 // 9132 // The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string 9133 // requires "h-" followed by from 8 to 32 lower-case letters or digits. 9134 // 9135 // HandshakeId is a required field 9136 HandshakeId *string `type:"string" required:"true"` 9137} 9138 9139// String returns the string representation 9140func (s AcceptHandshakeInput) String() string { 9141 return awsutil.Prettify(s) 9142} 9143 9144// GoString returns the string representation 9145func (s AcceptHandshakeInput) GoString() string { 9146 return s.String() 9147} 9148 9149// Validate inspects the fields of the type to determine if they are valid. 9150func (s *AcceptHandshakeInput) Validate() error { 9151 invalidParams := request.ErrInvalidParams{Context: "AcceptHandshakeInput"} 9152 if s.HandshakeId == nil { 9153 invalidParams.Add(request.NewErrParamRequired("HandshakeId")) 9154 } 9155 9156 if invalidParams.Len() > 0 { 9157 return invalidParams 9158 } 9159 return nil 9160} 9161 9162// SetHandshakeId sets the HandshakeId field's value. 9163func (s *AcceptHandshakeInput) SetHandshakeId(v string) *AcceptHandshakeInput { 9164 s.HandshakeId = &v 9165 return s 9166} 9167 9168// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AcceptHandshakeResponse 9169type AcceptHandshakeOutput struct { 9170 _ struct{} `type:"structure"` 9171 9172 // A structure that contains details about the accepted handshake. 9173 Handshake *Handshake `type:"structure"` 9174} 9175 9176// String returns the string representation 9177func (s AcceptHandshakeOutput) String() string { 9178 return awsutil.Prettify(s) 9179} 9180 9181// GoString returns the string representation 9182func (s AcceptHandshakeOutput) GoString() string { 9183 return s.String() 9184} 9185 9186// SetHandshake sets the Handshake field's value. 9187func (s *AcceptHandshakeOutput) SetHandshake(v *Handshake) *AcceptHandshakeOutput { 9188 s.Handshake = v 9189 return s 9190} 9191 9192// Contains information about an AWS account that is a member of an organization. 9193// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/Account 9194type Account struct { 9195 _ struct{} `type:"structure"` 9196 9197 // The Amazon Resource Name (ARN) of the account. 9198 // 9199 // For more information about ARNs in Organizations, see ARN Formats Supported 9200 // by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns) 9201 // in the AWS Organizations User Guide. 9202 Arn *string `type:"string"` 9203 9204 // The email address associated with the AWS account. 9205 // 9206 // The regex pattern (http://wikipedia.org/wiki/regex) for this parameter is 9207 // a string of characters that represents a standard Internet email address. 9208 Email *string `min:"6" type:"string"` 9209 9210 // The unique identifier (ID) of the account. 9211 // 9212 // The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string 9213 // requires exactly 12 digits. 9214 Id *string `type:"string"` 9215 9216 // The method by which the account joined the organization. 9217 JoinedMethod *string `type:"string" enum:"AccountJoinedMethod"` 9218 9219 // The date the account became a part of the organization. 9220 JoinedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"` 9221 9222 // The friendly name of the account. 9223 // 9224 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 9225 // this parameter is a string of any of the characters in the ASCII character 9226 // range. 9227 Name *string `min:"1" type:"string"` 9228 9229 // The status of the account in the organization. 9230 Status *string `type:"string" enum:"AccountStatus"` 9231} 9232 9233// String returns the string representation 9234func (s Account) String() string { 9235 return awsutil.Prettify(s) 9236} 9237 9238// GoString returns the string representation 9239func (s Account) GoString() string { 9240 return s.String() 9241} 9242 9243// SetArn sets the Arn field's value. 9244func (s *Account) SetArn(v string) *Account { 9245 s.Arn = &v 9246 return s 9247} 9248 9249// SetEmail sets the Email field's value. 9250func (s *Account) SetEmail(v string) *Account { 9251 s.Email = &v 9252 return s 9253} 9254 9255// SetId sets the Id field's value. 9256func (s *Account) SetId(v string) *Account { 9257 s.Id = &v 9258 return s 9259} 9260 9261// SetJoinedMethod sets the JoinedMethod field's value. 9262func (s *Account) SetJoinedMethod(v string) *Account { 9263 s.JoinedMethod = &v 9264 return s 9265} 9266 9267// SetJoinedTimestamp sets the JoinedTimestamp field's value. 9268func (s *Account) SetJoinedTimestamp(v time.Time) *Account { 9269 s.JoinedTimestamp = &v 9270 return s 9271} 9272 9273// SetName sets the Name field's value. 9274func (s *Account) SetName(v string) *Account { 9275 s.Name = &v 9276 return s 9277} 9278 9279// SetStatus sets the Status field's value. 9280func (s *Account) SetStatus(v string) *Account { 9281 s.Status = &v 9282 return s 9283} 9284 9285// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AttachPolicyRequest 9286type AttachPolicyInput struct { 9287 _ struct{} `type:"structure"` 9288 9289 // The unique identifier (ID) of the policy that you want to attach to the target. 9290 // You can get the ID for the policy by calling the ListPolicies operation. 9291 // 9292 // The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string 9293 // requires "p-" followed by from 8 to 128 lower-case letters or digits. 9294 // 9295 // PolicyId is a required field 9296 PolicyId *string `type:"string" required:"true"` 9297 9298 // The unique identifier (ID) of the root, OU, or account that you want to attach 9299 // the policy to. You can get the ID by calling the ListRoots, ListOrganizationalUnitsForParent, 9300 // or ListAccounts operations. 9301 // 9302 // The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string 9303 // requires one of the following: 9304 // 9305 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 9306 // letters or digits. 9307 // 9308 // * Account: a string that consists of exactly 12 digits. 9309 // 9310 // * Organizational unit (OU): a string that begins with "ou-" followed by 9311 // from 4 to 32 lower-case letters or digits (the ID of the root that the 9312 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 9313 // letters or digits. 9314 // 9315 // TargetId is a required field 9316 TargetId *string `type:"string" required:"true"` 9317} 9318 9319// String returns the string representation 9320func (s AttachPolicyInput) String() string { 9321 return awsutil.Prettify(s) 9322} 9323 9324// GoString returns the string representation 9325func (s AttachPolicyInput) GoString() string { 9326 return s.String() 9327} 9328 9329// Validate inspects the fields of the type to determine if they are valid. 9330func (s *AttachPolicyInput) Validate() error { 9331 invalidParams := request.ErrInvalidParams{Context: "AttachPolicyInput"} 9332 if s.PolicyId == nil { 9333 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 9334 } 9335 if s.TargetId == nil { 9336 invalidParams.Add(request.NewErrParamRequired("TargetId")) 9337 } 9338 9339 if invalidParams.Len() > 0 { 9340 return invalidParams 9341 } 9342 return nil 9343} 9344 9345// SetPolicyId sets the PolicyId field's value. 9346func (s *AttachPolicyInput) SetPolicyId(v string) *AttachPolicyInput { 9347 s.PolicyId = &v 9348 return s 9349} 9350 9351// SetTargetId sets the TargetId field's value. 9352func (s *AttachPolicyInput) SetTargetId(v string) *AttachPolicyInput { 9353 s.TargetId = &v 9354 return s 9355} 9356 9357// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/AttachPolicyOutput 9358type AttachPolicyOutput struct { 9359 _ struct{} `type:"structure"` 9360} 9361 9362// String returns the string representation 9363func (s AttachPolicyOutput) String() string { 9364 return awsutil.Prettify(s) 9365} 9366 9367// GoString returns the string representation 9368func (s AttachPolicyOutput) GoString() string { 9369 return s.String() 9370} 9371 9372// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshakeRequest 9373type CancelHandshakeInput struct { 9374 _ struct{} `type:"structure"` 9375 9376 // The unique identifier (ID) of the handshake that you want to cancel. You 9377 // can get the ID from the ListHandshakesForOrganization operation. 9378 // 9379 // The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string 9380 // requires "h-" followed by from 8 to 32 lower-case letters or digits. 9381 // 9382 // HandshakeId is a required field 9383 HandshakeId *string `type:"string" required:"true"` 9384} 9385 9386// String returns the string representation 9387func (s CancelHandshakeInput) String() string { 9388 return awsutil.Prettify(s) 9389} 9390 9391// GoString returns the string representation 9392func (s CancelHandshakeInput) GoString() string { 9393 return s.String() 9394} 9395 9396// Validate inspects the fields of the type to determine if they are valid. 9397func (s *CancelHandshakeInput) Validate() error { 9398 invalidParams := request.ErrInvalidParams{Context: "CancelHandshakeInput"} 9399 if s.HandshakeId == nil { 9400 invalidParams.Add(request.NewErrParamRequired("HandshakeId")) 9401 } 9402 9403 if invalidParams.Len() > 0 { 9404 return invalidParams 9405 } 9406 return nil 9407} 9408 9409// SetHandshakeId sets the HandshakeId field's value. 9410func (s *CancelHandshakeInput) SetHandshakeId(v string) *CancelHandshakeInput { 9411 s.HandshakeId = &v 9412 return s 9413} 9414 9415// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CancelHandshakeResponse 9416type CancelHandshakeOutput struct { 9417 _ struct{} `type:"structure"` 9418 9419 // A structure that contains details about the handshake that you canceled. 9420 Handshake *Handshake `type:"structure"` 9421} 9422 9423// String returns the string representation 9424func (s CancelHandshakeOutput) String() string { 9425 return awsutil.Prettify(s) 9426} 9427 9428// GoString returns the string representation 9429func (s CancelHandshakeOutput) GoString() string { 9430 return s.String() 9431} 9432 9433// SetHandshake sets the Handshake field's value. 9434func (s *CancelHandshakeOutput) SetHandshake(v *Handshake) *CancelHandshakeOutput { 9435 s.Handshake = v 9436 return s 9437} 9438 9439// Contains a list of child entities, either OUs or accounts. 9440// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/Child 9441type Child struct { 9442 _ struct{} `type:"structure"` 9443 9444 // The unique identifier (ID) of this child entity. 9445 // 9446 // The regex pattern (http://wikipedia.org/wiki/regex) for a child ID string 9447 // requires one of the following: 9448 // 9449 // * Account: a string that consists of exactly 12 digits. 9450 // 9451 // * Organizational unit (OU): a string that begins with "ou-" followed by 9452 // from 4 to 32 lower-case letters or digits (the ID of the root that contains 9453 // the OU) followed by a second "-" dash and from 8 to 32 additional lower-case 9454 // letters or digits. 9455 Id *string `type:"string"` 9456 9457 // The type of this child entity. 9458 Type *string `type:"string" enum:"ChildType"` 9459} 9460 9461// String returns the string representation 9462func (s Child) String() string { 9463 return awsutil.Prettify(s) 9464} 9465 9466// GoString returns the string representation 9467func (s Child) GoString() string { 9468 return s.String() 9469} 9470 9471// SetId sets the Id field's value. 9472func (s *Child) SetId(v string) *Child { 9473 s.Id = &v 9474 return s 9475} 9476 9477// SetType sets the Type field's value. 9478func (s *Child) SetType(v string) *Child { 9479 s.Type = &v 9480 return s 9481} 9482 9483// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccountRequest 9484type CreateAccountInput struct { 9485 _ struct{} `type:"structure"` 9486 9487 // The friendly name of the member account. 9488 // 9489 // AccountName is a required field 9490 AccountName *string `min:"1" type:"string" required:"true"` 9491 9492 // The email address of the owner to assign to the new member account. This 9493 // email address must not already be associated with another AWS account. You 9494 // must use a valid email address to complete account creation. You cannot access 9495 // the root user of the account or remove an account that was created with an 9496 // invalid email address. 9497 // 9498 // Email is a required field 9499 Email *string `min:"6" type:"string" required:"true"` 9500 9501 // If set to ALLOW, the new account enables IAM users to access account billing 9502 // information if they have the required permissions. If set to DENY, then only 9503 // the root user of the new account can access account billing information. 9504 // For more information, see Activating Access to the Billing and Cost Management 9505 // Console (http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate) 9506 // in the AWS Billing and Cost Management User Guide. 9507 // 9508 // If you do not specify this parameter, the value defaults to ALLOW, and IAM 9509 // users and roles with the required permissions can access billing information 9510 // for the new account. 9511 IamUserAccessToBilling *string `type:"string" enum:"IAMUserAccessToBilling"` 9512 9513 // (Optional) 9514 // 9515 // The name of an IAM role that Organizations automatically preconfigures in 9516 // the new member account. This role trusts the master account, allowing users 9517 // in the master account to assume the role, as permitted by the master account 9518 // administrator. The role has administrator permissions in the new member account. 9519 // 9520 // If you do not specify this parameter, the role name defaults to OrganizationAccountAccessRole. 9521 // 9522 // For more information about how to use this role to access the member account, 9523 // see Accessing and Administering the Member Accounts in Your Organization 9524 // (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) 9525 // in the AWS Organizations User Guide, and steps 2 and 3 in Tutorial: Delegate 9526 // Access Across AWS Accounts Using IAM Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) 9527 // in the IAM User Guide. 9528 // 9529 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 9530 // this parameter is a string of characters that can consist of uppercase letters, 9531 // lowercase letters, digits with no spaces, and any of the following characters: 9532 // =,.@- 9533 RoleName *string `type:"string"` 9534} 9535 9536// String returns the string representation 9537func (s CreateAccountInput) String() string { 9538 return awsutil.Prettify(s) 9539} 9540 9541// GoString returns the string representation 9542func (s CreateAccountInput) GoString() string { 9543 return s.String() 9544} 9545 9546// Validate inspects the fields of the type to determine if they are valid. 9547func (s *CreateAccountInput) Validate() error { 9548 invalidParams := request.ErrInvalidParams{Context: "CreateAccountInput"} 9549 if s.AccountName == nil { 9550 invalidParams.Add(request.NewErrParamRequired("AccountName")) 9551 } 9552 if s.AccountName != nil && len(*s.AccountName) < 1 { 9553 invalidParams.Add(request.NewErrParamMinLen("AccountName", 1)) 9554 } 9555 if s.Email == nil { 9556 invalidParams.Add(request.NewErrParamRequired("Email")) 9557 } 9558 if s.Email != nil && len(*s.Email) < 6 { 9559 invalidParams.Add(request.NewErrParamMinLen("Email", 6)) 9560 } 9561 9562 if invalidParams.Len() > 0 { 9563 return invalidParams 9564 } 9565 return nil 9566} 9567 9568// SetAccountName sets the AccountName field's value. 9569func (s *CreateAccountInput) SetAccountName(v string) *CreateAccountInput { 9570 s.AccountName = &v 9571 return s 9572} 9573 9574// SetEmail sets the Email field's value. 9575func (s *CreateAccountInput) SetEmail(v string) *CreateAccountInput { 9576 s.Email = &v 9577 return s 9578} 9579 9580// SetIamUserAccessToBilling sets the IamUserAccessToBilling field's value. 9581func (s *CreateAccountInput) SetIamUserAccessToBilling(v string) *CreateAccountInput { 9582 s.IamUserAccessToBilling = &v 9583 return s 9584} 9585 9586// SetRoleName sets the RoleName field's value. 9587func (s *CreateAccountInput) SetRoleName(v string) *CreateAccountInput { 9588 s.RoleName = &v 9589 return s 9590} 9591 9592// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccountResponse 9593type CreateAccountOutput struct { 9594 _ struct{} `type:"structure"` 9595 9596 // A structure that contains details about the request to create an account. 9597 // This response structure might not be fully populated when you first receive 9598 // it because account creation is an asynchronous process. You can pass the 9599 // returned CreateAccountStatus ID as a parameter to DescribeCreateAccountStatus 9600 // to get status about the progress of the request at later times. 9601 CreateAccountStatus *CreateAccountStatus `type:"structure"` 9602} 9603 9604// String returns the string representation 9605func (s CreateAccountOutput) String() string { 9606 return awsutil.Prettify(s) 9607} 9608 9609// GoString returns the string representation 9610func (s CreateAccountOutput) GoString() string { 9611 return s.String() 9612} 9613 9614// SetCreateAccountStatus sets the CreateAccountStatus field's value. 9615func (s *CreateAccountOutput) SetCreateAccountStatus(v *CreateAccountStatus) *CreateAccountOutput { 9616 s.CreateAccountStatus = v 9617 return s 9618} 9619 9620// Contains the status about a CreateAccount request to create an AWS account 9621// in an organization. 9622// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateAccountStatus 9623type CreateAccountStatus struct { 9624 _ struct{} `type:"structure"` 9625 9626 // If the account was created successfully, the unique identifier (ID) of the 9627 // new account. 9628 // 9629 // The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string 9630 // requires exactly 12 digits. 9631 AccountId *string `type:"string"` 9632 9633 // The account name given to the account when it was created. 9634 AccountName *string `min:"1" type:"string"` 9635 9636 // The date and time that the account was created and the request completed. 9637 CompletedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"` 9638 9639 // If the request failed, a description of the reason for the failure. 9640 // 9641 // * ACCOUNT_LIMIT_EXCEEDED: The account could not be created because you 9642 // have reached the limit on the number of accounts in your organization. 9643 // 9644 // * EMAIL_ALREADY_EXISTS: The account could not be created because another 9645 // AWS account with that email address already exists. 9646 // 9647 // * INVALID_ADDRESS: The account could not be created because the address 9648 // you provided is not valid. 9649 // 9650 // * INVALID_EMAIL: The account could not be created because the email address 9651 // you provided is not valid. 9652 // 9653 // * INTERNAL_FAILURE: The account could not be created because of an internal 9654 // failure. Try again later. If the problem persists, contact Customer Support. 9655 FailureReason *string `type:"string" enum:"CreateAccountFailureReason"` 9656 9657 // The unique identifier (ID) that references this request. You get this value 9658 // from the response of the initial CreateAccount request to create the account. 9659 // 9660 // The regex pattern (http://wikipedia.org/wiki/regex) for an create account 9661 // request ID string requires "car-" followed by from 8 to 32 lower-case letters 9662 // or digits. 9663 Id *string `type:"string"` 9664 9665 // The date and time that the request was made for the account creation. 9666 RequestedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"` 9667 9668 // The status of the request. 9669 State *string `type:"string" enum:"CreateAccountState"` 9670} 9671 9672// String returns the string representation 9673func (s CreateAccountStatus) String() string { 9674 return awsutil.Prettify(s) 9675} 9676 9677// GoString returns the string representation 9678func (s CreateAccountStatus) GoString() string { 9679 return s.String() 9680} 9681 9682// SetAccountId sets the AccountId field's value. 9683func (s *CreateAccountStatus) SetAccountId(v string) *CreateAccountStatus { 9684 s.AccountId = &v 9685 return s 9686} 9687 9688// SetAccountName sets the AccountName field's value. 9689func (s *CreateAccountStatus) SetAccountName(v string) *CreateAccountStatus { 9690 s.AccountName = &v 9691 return s 9692} 9693 9694// SetCompletedTimestamp sets the CompletedTimestamp field's value. 9695func (s *CreateAccountStatus) SetCompletedTimestamp(v time.Time) *CreateAccountStatus { 9696 s.CompletedTimestamp = &v 9697 return s 9698} 9699 9700// SetFailureReason sets the FailureReason field's value. 9701func (s *CreateAccountStatus) SetFailureReason(v string) *CreateAccountStatus { 9702 s.FailureReason = &v 9703 return s 9704} 9705 9706// SetId sets the Id field's value. 9707func (s *CreateAccountStatus) SetId(v string) *CreateAccountStatus { 9708 s.Id = &v 9709 return s 9710} 9711 9712// SetRequestedTimestamp sets the RequestedTimestamp field's value. 9713func (s *CreateAccountStatus) SetRequestedTimestamp(v time.Time) *CreateAccountStatus { 9714 s.RequestedTimestamp = &v 9715 return s 9716} 9717 9718// SetState sets the State field's value. 9719func (s *CreateAccountStatus) SetState(v string) *CreateAccountStatus { 9720 s.State = &v 9721 return s 9722} 9723 9724// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationRequest 9725type CreateOrganizationInput struct { 9726 _ struct{} `type:"structure"` 9727 9728 // Specifies the feature set supported by the new organization. Each feature 9729 // set supports different levels of functionality. 9730 // 9731 // * CONSOLIDATED_BILLING: All member accounts have their bills consolidated 9732 // to and paid by the master account. For more information, see Consolidated 9733 // Billing (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) 9734 // in the AWS Organizations User Guide. 9735 // 9736 // * ALL: In addition to all the features supported by the consolidated billing 9737 // feature set, the master account can also apply any type of policy to any 9738 // member account in the organization. For more information, see All features 9739 // (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) 9740 // in the AWS Organizations User Guide. 9741 FeatureSet *string `type:"string" enum:"OrganizationFeatureSet"` 9742} 9743 9744// String returns the string representation 9745func (s CreateOrganizationInput) String() string { 9746 return awsutil.Prettify(s) 9747} 9748 9749// GoString returns the string representation 9750func (s CreateOrganizationInput) GoString() string { 9751 return s.String() 9752} 9753 9754// SetFeatureSet sets the FeatureSet field's value. 9755func (s *CreateOrganizationInput) SetFeatureSet(v string) *CreateOrganizationInput { 9756 s.FeatureSet = &v 9757 return s 9758} 9759 9760// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationResponse 9761type CreateOrganizationOutput struct { 9762 _ struct{} `type:"structure"` 9763 9764 // A structure that contains details about the newly created organization. 9765 Organization *Organization `type:"structure"` 9766} 9767 9768// String returns the string representation 9769func (s CreateOrganizationOutput) String() string { 9770 return awsutil.Prettify(s) 9771} 9772 9773// GoString returns the string representation 9774func (s CreateOrganizationOutput) GoString() string { 9775 return s.String() 9776} 9777 9778// SetOrganization sets the Organization field's value. 9779func (s *CreateOrganizationOutput) SetOrganization(v *Organization) *CreateOrganizationOutput { 9780 s.Organization = v 9781 return s 9782} 9783 9784// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnitRequest 9785type CreateOrganizationalUnitInput struct { 9786 _ struct{} `type:"structure"` 9787 9788 // The friendly name to assign to the new OU. 9789 // 9790 // Name is a required field 9791 Name *string `min:"1" type:"string" required:"true"` 9792 9793 // The unique identifier (ID) of the parent root or OU in which you want to 9794 // create the new OU. 9795 // 9796 // The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string 9797 // requires one of the following: 9798 // 9799 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 9800 // letters or digits. 9801 // 9802 // * Organizational unit (OU): a string that begins with "ou-" followed by 9803 // from 4 to 32 lower-case letters or digits (the ID of the root that the 9804 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 9805 // letters or digits. 9806 // 9807 // ParentId is a required field 9808 ParentId *string `type:"string" required:"true"` 9809} 9810 9811// String returns the string representation 9812func (s CreateOrganizationalUnitInput) String() string { 9813 return awsutil.Prettify(s) 9814} 9815 9816// GoString returns the string representation 9817func (s CreateOrganizationalUnitInput) GoString() string { 9818 return s.String() 9819} 9820 9821// Validate inspects the fields of the type to determine if they are valid. 9822func (s *CreateOrganizationalUnitInput) Validate() error { 9823 invalidParams := request.ErrInvalidParams{Context: "CreateOrganizationalUnitInput"} 9824 if s.Name == nil { 9825 invalidParams.Add(request.NewErrParamRequired("Name")) 9826 } 9827 if s.Name != nil && len(*s.Name) < 1 { 9828 invalidParams.Add(request.NewErrParamMinLen("Name", 1)) 9829 } 9830 if s.ParentId == nil { 9831 invalidParams.Add(request.NewErrParamRequired("ParentId")) 9832 } 9833 9834 if invalidParams.Len() > 0 { 9835 return invalidParams 9836 } 9837 return nil 9838} 9839 9840// SetName sets the Name field's value. 9841func (s *CreateOrganizationalUnitInput) SetName(v string) *CreateOrganizationalUnitInput { 9842 s.Name = &v 9843 return s 9844} 9845 9846// SetParentId sets the ParentId field's value. 9847func (s *CreateOrganizationalUnitInput) SetParentId(v string) *CreateOrganizationalUnitInput { 9848 s.ParentId = &v 9849 return s 9850} 9851 9852// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreateOrganizationalUnitResponse 9853type CreateOrganizationalUnitOutput struct { 9854 _ struct{} `type:"structure"` 9855 9856 // A structure that contains details about the newly created OU. 9857 OrganizationalUnit *OrganizationalUnit `type:"structure"` 9858} 9859 9860// String returns the string representation 9861func (s CreateOrganizationalUnitOutput) String() string { 9862 return awsutil.Prettify(s) 9863} 9864 9865// GoString returns the string representation 9866func (s CreateOrganizationalUnitOutput) GoString() string { 9867 return s.String() 9868} 9869 9870// SetOrganizationalUnit sets the OrganizationalUnit field's value. 9871func (s *CreateOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *CreateOrganizationalUnitOutput { 9872 s.OrganizationalUnit = v 9873 return s 9874} 9875 9876// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicyRequest 9877type CreatePolicyInput struct { 9878 _ struct{} `type:"structure"` 9879 9880 // The policy content to add to the new policy. For example, if you create a 9881 // service control policy (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scp.html) 9882 // (SCP), this string must be JSON text that specifies the permissions that 9883 // admins in attached accounts can delegate to their users, groups, and roles. 9884 // For more information about the SCP syntax, see Service Control Policy Syntax 9885 // (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) 9886 // in the AWS Organizations User Guide. 9887 // 9888 // Content is a required field 9889 Content *string `min:"1" type:"string" required:"true"` 9890 9891 // An optional description to assign to the policy. 9892 // 9893 // Description is a required field 9894 Description *string `type:"string" required:"true"` 9895 9896 // The friendly name to assign to the policy. 9897 // 9898 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 9899 // this parameter is a string of any of the characters in the ASCII character 9900 // range. 9901 // 9902 // Name is a required field 9903 Name *string `min:"1" type:"string" required:"true"` 9904 9905 // The type of policy to create. 9906 // 9907 // In the current release, the only type of policy that you can create is a 9908 // service control policy (SCP). 9909 // 9910 // Type is a required field 9911 Type *string `type:"string" required:"true" enum:"PolicyType"` 9912} 9913 9914// String returns the string representation 9915func (s CreatePolicyInput) String() string { 9916 return awsutil.Prettify(s) 9917} 9918 9919// GoString returns the string representation 9920func (s CreatePolicyInput) GoString() string { 9921 return s.String() 9922} 9923 9924// Validate inspects the fields of the type to determine if they are valid. 9925func (s *CreatePolicyInput) Validate() error { 9926 invalidParams := request.ErrInvalidParams{Context: "CreatePolicyInput"} 9927 if s.Content == nil { 9928 invalidParams.Add(request.NewErrParamRequired("Content")) 9929 } 9930 if s.Content != nil && len(*s.Content) < 1 { 9931 invalidParams.Add(request.NewErrParamMinLen("Content", 1)) 9932 } 9933 if s.Description == nil { 9934 invalidParams.Add(request.NewErrParamRequired("Description")) 9935 } 9936 if s.Name == nil { 9937 invalidParams.Add(request.NewErrParamRequired("Name")) 9938 } 9939 if s.Name != nil && len(*s.Name) < 1 { 9940 invalidParams.Add(request.NewErrParamMinLen("Name", 1)) 9941 } 9942 if s.Type == nil { 9943 invalidParams.Add(request.NewErrParamRequired("Type")) 9944 } 9945 9946 if invalidParams.Len() > 0 { 9947 return invalidParams 9948 } 9949 return nil 9950} 9951 9952// SetContent sets the Content field's value. 9953func (s *CreatePolicyInput) SetContent(v string) *CreatePolicyInput { 9954 s.Content = &v 9955 return s 9956} 9957 9958// SetDescription sets the Description field's value. 9959func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput { 9960 s.Description = &v 9961 return s 9962} 9963 9964// SetName sets the Name field's value. 9965func (s *CreatePolicyInput) SetName(v string) *CreatePolicyInput { 9966 s.Name = &v 9967 return s 9968} 9969 9970// SetType sets the Type field's value. 9971func (s *CreatePolicyInput) SetType(v string) *CreatePolicyInput { 9972 s.Type = &v 9973 return s 9974} 9975 9976// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/CreatePolicyResponse 9977type CreatePolicyOutput struct { 9978 _ struct{} `type:"structure"` 9979 9980 // A structure that contains details about the newly created policy. 9981 Policy *Policy `type:"structure"` 9982} 9983 9984// String returns the string representation 9985func (s CreatePolicyOutput) String() string { 9986 return awsutil.Prettify(s) 9987} 9988 9989// GoString returns the string representation 9990func (s CreatePolicyOutput) GoString() string { 9991 return s.String() 9992} 9993 9994// SetPolicy sets the Policy field's value. 9995func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput { 9996 s.Policy = v 9997 return s 9998} 9999 10000// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshakeRequest 10001type DeclineHandshakeInput struct { 10002 _ struct{} `type:"structure"` 10003 10004 // The unique identifier (ID) of the handshake that you want to decline. You 10005 // can get the ID from the ListHandshakesForAccount operation. 10006 // 10007 // The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string 10008 // requires "h-" followed by from 8 to 32 lower-case letters or digits. 10009 // 10010 // HandshakeId is a required field 10011 HandshakeId *string `type:"string" required:"true"` 10012} 10013 10014// String returns the string representation 10015func (s DeclineHandshakeInput) String() string { 10016 return awsutil.Prettify(s) 10017} 10018 10019// GoString returns the string representation 10020func (s DeclineHandshakeInput) GoString() string { 10021 return s.String() 10022} 10023 10024// Validate inspects the fields of the type to determine if they are valid. 10025func (s *DeclineHandshakeInput) Validate() error { 10026 invalidParams := request.ErrInvalidParams{Context: "DeclineHandshakeInput"} 10027 if s.HandshakeId == nil { 10028 invalidParams.Add(request.NewErrParamRequired("HandshakeId")) 10029 } 10030 10031 if invalidParams.Len() > 0 { 10032 return invalidParams 10033 } 10034 return nil 10035} 10036 10037// SetHandshakeId sets the HandshakeId field's value. 10038func (s *DeclineHandshakeInput) SetHandshakeId(v string) *DeclineHandshakeInput { 10039 s.HandshakeId = &v 10040 return s 10041} 10042 10043// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeclineHandshakeResponse 10044type DeclineHandshakeOutput struct { 10045 _ struct{} `type:"structure"` 10046 10047 // A structure that contains details about the declined handshake. The state 10048 // is updated to show the value DECLINED. 10049 Handshake *Handshake `type:"structure"` 10050} 10051 10052// String returns the string representation 10053func (s DeclineHandshakeOutput) String() string { 10054 return awsutil.Prettify(s) 10055} 10056 10057// GoString returns the string representation 10058func (s DeclineHandshakeOutput) GoString() string { 10059 return s.String() 10060} 10061 10062// SetHandshake sets the Handshake field's value. 10063func (s *DeclineHandshakeOutput) SetHandshake(v *Handshake) *DeclineHandshakeOutput { 10064 s.Handshake = v 10065 return s 10066} 10067 10068// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationInput 10069type DeleteOrganizationInput struct { 10070 _ struct{} `type:"structure"` 10071} 10072 10073// String returns the string representation 10074func (s DeleteOrganizationInput) String() string { 10075 return awsutil.Prettify(s) 10076} 10077 10078// GoString returns the string representation 10079func (s DeleteOrganizationInput) GoString() string { 10080 return s.String() 10081} 10082 10083// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationOutput 10084type DeleteOrganizationOutput struct { 10085 _ struct{} `type:"structure"` 10086} 10087 10088// String returns the string representation 10089func (s DeleteOrganizationOutput) String() string { 10090 return awsutil.Prettify(s) 10091} 10092 10093// GoString returns the string representation 10094func (s DeleteOrganizationOutput) GoString() string { 10095 return s.String() 10096} 10097 10098// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnitRequest 10099type DeleteOrganizationalUnitInput struct { 10100 _ struct{} `type:"structure"` 10101 10102 // The unique identifier (ID) of the organizational unit that you want to delete. 10103 // You can get the ID from the ListOrganizationalUnitsForParent operation. 10104 // 10105 // The regex pattern (http://wikipedia.org/wiki/regex) for an organizational 10106 // unit ID string requires "ou-" followed by from 4 to 32 lower-case letters 10107 // or digits (the ID of the root that contains the OU) followed by a second 10108 // "-" dash and from 8 to 32 additional lower-case letters or digits. 10109 // 10110 // OrganizationalUnitId is a required field 10111 OrganizationalUnitId *string `type:"string" required:"true"` 10112} 10113 10114// String returns the string representation 10115func (s DeleteOrganizationalUnitInput) String() string { 10116 return awsutil.Prettify(s) 10117} 10118 10119// GoString returns the string representation 10120func (s DeleteOrganizationalUnitInput) GoString() string { 10121 return s.String() 10122} 10123 10124// Validate inspects the fields of the type to determine if they are valid. 10125func (s *DeleteOrganizationalUnitInput) Validate() error { 10126 invalidParams := request.ErrInvalidParams{Context: "DeleteOrganizationalUnitInput"} 10127 if s.OrganizationalUnitId == nil { 10128 invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId")) 10129 } 10130 10131 if invalidParams.Len() > 0 { 10132 return invalidParams 10133 } 10134 return nil 10135} 10136 10137// SetOrganizationalUnitId sets the OrganizationalUnitId field's value. 10138func (s *DeleteOrganizationalUnitInput) SetOrganizationalUnitId(v string) *DeleteOrganizationalUnitInput { 10139 s.OrganizationalUnitId = &v 10140 return s 10141} 10142 10143// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeleteOrganizationalUnitOutput 10144type DeleteOrganizationalUnitOutput struct { 10145 _ struct{} `type:"structure"` 10146} 10147 10148// String returns the string representation 10149func (s DeleteOrganizationalUnitOutput) String() string { 10150 return awsutil.Prettify(s) 10151} 10152 10153// GoString returns the string representation 10154func (s DeleteOrganizationalUnitOutput) GoString() string { 10155 return s.String() 10156} 10157 10158// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeletePolicyRequest 10159type DeletePolicyInput struct { 10160 _ struct{} `type:"structure"` 10161 10162 // The unique identifier (ID) of the policy that you want to delete. You can 10163 // get the ID from the ListPolicies or ListPoliciesForTarget operations. 10164 // 10165 // The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string 10166 // requires "p-" followed by from 8 to 128 lower-case letters or digits. 10167 // 10168 // PolicyId is a required field 10169 PolicyId *string `type:"string" required:"true"` 10170} 10171 10172// String returns the string representation 10173func (s DeletePolicyInput) String() string { 10174 return awsutil.Prettify(s) 10175} 10176 10177// GoString returns the string representation 10178func (s DeletePolicyInput) GoString() string { 10179 return s.String() 10180} 10181 10182// Validate inspects the fields of the type to determine if they are valid. 10183func (s *DeletePolicyInput) Validate() error { 10184 invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"} 10185 if s.PolicyId == nil { 10186 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 10187 } 10188 10189 if invalidParams.Len() > 0 { 10190 return invalidParams 10191 } 10192 return nil 10193} 10194 10195// SetPolicyId sets the PolicyId field's value. 10196func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput { 10197 s.PolicyId = &v 10198 return s 10199} 10200 10201// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DeletePolicyOutput 10202type DeletePolicyOutput struct { 10203 _ struct{} `type:"structure"` 10204} 10205 10206// String returns the string representation 10207func (s DeletePolicyOutput) String() string { 10208 return awsutil.Prettify(s) 10209} 10210 10211// GoString returns the string representation 10212func (s DeletePolicyOutput) GoString() string { 10213 return s.String() 10214} 10215 10216// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccountRequest 10217type DescribeAccountInput struct { 10218 _ struct{} `type:"structure"` 10219 10220 // The unique identifier (ID) of the AWS account that you want information about. 10221 // You can get the ID from the ListAccounts or ListAccountsForParent operations. 10222 // 10223 // The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string 10224 // requires exactly 12 digits. 10225 // 10226 // AccountId is a required field 10227 AccountId *string `type:"string" required:"true"` 10228} 10229 10230// String returns the string representation 10231func (s DescribeAccountInput) String() string { 10232 return awsutil.Prettify(s) 10233} 10234 10235// GoString returns the string representation 10236func (s DescribeAccountInput) GoString() string { 10237 return s.String() 10238} 10239 10240// Validate inspects the fields of the type to determine if they are valid. 10241func (s *DescribeAccountInput) Validate() error { 10242 invalidParams := request.ErrInvalidParams{Context: "DescribeAccountInput"} 10243 if s.AccountId == nil { 10244 invalidParams.Add(request.NewErrParamRequired("AccountId")) 10245 } 10246 10247 if invalidParams.Len() > 0 { 10248 return invalidParams 10249 } 10250 return nil 10251} 10252 10253// SetAccountId sets the AccountId field's value. 10254func (s *DescribeAccountInput) SetAccountId(v string) *DescribeAccountInput { 10255 s.AccountId = &v 10256 return s 10257} 10258 10259// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeAccountResponse 10260type DescribeAccountOutput struct { 10261 _ struct{} `type:"structure"` 10262 10263 // A structure that contains information about the requested account. 10264 Account *Account `type:"structure"` 10265} 10266 10267// String returns the string representation 10268func (s DescribeAccountOutput) String() string { 10269 return awsutil.Prettify(s) 10270} 10271 10272// GoString returns the string representation 10273func (s DescribeAccountOutput) GoString() string { 10274 return s.String() 10275} 10276 10277// SetAccount sets the Account field's value. 10278func (s *DescribeAccountOutput) SetAccount(v *Account) *DescribeAccountOutput { 10279 s.Account = v 10280 return s 10281} 10282 10283// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeCreateAccountStatusRequest 10284type DescribeCreateAccountStatusInput struct { 10285 _ struct{} `type:"structure"` 10286 10287 // Specifies the operationId that uniquely identifies the request. You can get 10288 // the ID from the response to an earlier CreateAccount request, or from the 10289 // ListCreateAccountStatus operation. 10290 // 10291 // The regex pattern (http://wikipedia.org/wiki/regex) for an create account 10292 // request ID string requires "car-" followed by from 8 to 32 lower-case letters 10293 // or digits. 10294 // 10295 // CreateAccountRequestId is a required field 10296 CreateAccountRequestId *string `type:"string" required:"true"` 10297} 10298 10299// String returns the string representation 10300func (s DescribeCreateAccountStatusInput) String() string { 10301 return awsutil.Prettify(s) 10302} 10303 10304// GoString returns the string representation 10305func (s DescribeCreateAccountStatusInput) GoString() string { 10306 return s.String() 10307} 10308 10309// Validate inspects the fields of the type to determine if they are valid. 10310func (s *DescribeCreateAccountStatusInput) Validate() error { 10311 invalidParams := request.ErrInvalidParams{Context: "DescribeCreateAccountStatusInput"} 10312 if s.CreateAccountRequestId == nil { 10313 invalidParams.Add(request.NewErrParamRequired("CreateAccountRequestId")) 10314 } 10315 10316 if invalidParams.Len() > 0 { 10317 return invalidParams 10318 } 10319 return nil 10320} 10321 10322// SetCreateAccountRequestId sets the CreateAccountRequestId field's value. 10323func (s *DescribeCreateAccountStatusInput) SetCreateAccountRequestId(v string) *DescribeCreateAccountStatusInput { 10324 s.CreateAccountRequestId = &v 10325 return s 10326} 10327 10328// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeCreateAccountStatusResponse 10329type DescribeCreateAccountStatusOutput struct { 10330 _ struct{} `type:"structure"` 10331 10332 // A structure that contains the current status of an account creation request. 10333 CreateAccountStatus *CreateAccountStatus `type:"structure"` 10334} 10335 10336// String returns the string representation 10337func (s DescribeCreateAccountStatusOutput) String() string { 10338 return awsutil.Prettify(s) 10339} 10340 10341// GoString returns the string representation 10342func (s DescribeCreateAccountStatusOutput) GoString() string { 10343 return s.String() 10344} 10345 10346// SetCreateAccountStatus sets the CreateAccountStatus field's value. 10347func (s *DescribeCreateAccountStatusOutput) SetCreateAccountStatus(v *CreateAccountStatus) *DescribeCreateAccountStatusOutput { 10348 s.CreateAccountStatus = v 10349 return s 10350} 10351 10352// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshakeRequest 10353type DescribeHandshakeInput struct { 10354 _ struct{} `type:"structure"` 10355 10356 // The unique identifier (ID) of the handshake that you want information about. 10357 // You can get the ID from the original call to InviteAccountToOrganization, 10358 // or from a call to ListHandshakesForAccount or ListHandshakesForOrganization. 10359 // 10360 // The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string 10361 // requires "h-" followed by from 8 to 32 lower-case letters or digits. 10362 // 10363 // HandshakeId is a required field 10364 HandshakeId *string `type:"string" required:"true"` 10365} 10366 10367// String returns the string representation 10368func (s DescribeHandshakeInput) String() string { 10369 return awsutil.Prettify(s) 10370} 10371 10372// GoString returns the string representation 10373func (s DescribeHandshakeInput) GoString() string { 10374 return s.String() 10375} 10376 10377// Validate inspects the fields of the type to determine if they are valid. 10378func (s *DescribeHandshakeInput) Validate() error { 10379 invalidParams := request.ErrInvalidParams{Context: "DescribeHandshakeInput"} 10380 if s.HandshakeId == nil { 10381 invalidParams.Add(request.NewErrParamRequired("HandshakeId")) 10382 } 10383 10384 if invalidParams.Len() > 0 { 10385 return invalidParams 10386 } 10387 return nil 10388} 10389 10390// SetHandshakeId sets the HandshakeId field's value. 10391func (s *DescribeHandshakeInput) SetHandshakeId(v string) *DescribeHandshakeInput { 10392 s.HandshakeId = &v 10393 return s 10394} 10395 10396// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeHandshakeResponse 10397type DescribeHandshakeOutput struct { 10398 _ struct{} `type:"structure"` 10399 10400 // A structure that contains information about the specified handshake. 10401 Handshake *Handshake `type:"structure"` 10402} 10403 10404// String returns the string representation 10405func (s DescribeHandshakeOutput) String() string { 10406 return awsutil.Prettify(s) 10407} 10408 10409// GoString returns the string representation 10410func (s DescribeHandshakeOutput) GoString() string { 10411 return s.String() 10412} 10413 10414// SetHandshake sets the Handshake field's value. 10415func (s *DescribeHandshakeOutput) SetHandshake(v *Handshake) *DescribeHandshakeOutput { 10416 s.Handshake = v 10417 return s 10418} 10419 10420// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationInput 10421type DescribeOrganizationInput struct { 10422 _ struct{} `type:"structure"` 10423} 10424 10425// String returns the string representation 10426func (s DescribeOrganizationInput) String() string { 10427 return awsutil.Prettify(s) 10428} 10429 10430// GoString returns the string representation 10431func (s DescribeOrganizationInput) GoString() string { 10432 return s.String() 10433} 10434 10435// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationResponse 10436type DescribeOrganizationOutput struct { 10437 _ struct{} `type:"structure"` 10438 10439 // A structure that contains information about the organization. 10440 Organization *Organization `type:"structure"` 10441} 10442 10443// String returns the string representation 10444func (s DescribeOrganizationOutput) String() string { 10445 return awsutil.Prettify(s) 10446} 10447 10448// GoString returns the string representation 10449func (s DescribeOrganizationOutput) GoString() string { 10450 return s.String() 10451} 10452 10453// SetOrganization sets the Organization field's value. 10454func (s *DescribeOrganizationOutput) SetOrganization(v *Organization) *DescribeOrganizationOutput { 10455 s.Organization = v 10456 return s 10457} 10458 10459// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnitRequest 10460type DescribeOrganizationalUnitInput struct { 10461 _ struct{} `type:"structure"` 10462 10463 // The unique identifier (ID) of the organizational unit that you want details 10464 // about. You can get the ID from the ListOrganizationalUnitsForParent operation. 10465 // 10466 // The regex pattern (http://wikipedia.org/wiki/regex) for an organizational 10467 // unit ID string requires "ou-" followed by from 4 to 32 lower-case letters 10468 // or digits (the ID of the root that contains the OU) followed by a second 10469 // "-" dash and from 8 to 32 additional lower-case letters or digits. 10470 // 10471 // OrganizationalUnitId is a required field 10472 OrganizationalUnitId *string `type:"string" required:"true"` 10473} 10474 10475// String returns the string representation 10476func (s DescribeOrganizationalUnitInput) String() string { 10477 return awsutil.Prettify(s) 10478} 10479 10480// GoString returns the string representation 10481func (s DescribeOrganizationalUnitInput) GoString() string { 10482 return s.String() 10483} 10484 10485// Validate inspects the fields of the type to determine if they are valid. 10486func (s *DescribeOrganizationalUnitInput) Validate() error { 10487 invalidParams := request.ErrInvalidParams{Context: "DescribeOrganizationalUnitInput"} 10488 if s.OrganizationalUnitId == nil { 10489 invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId")) 10490 } 10491 10492 if invalidParams.Len() > 0 { 10493 return invalidParams 10494 } 10495 return nil 10496} 10497 10498// SetOrganizationalUnitId sets the OrganizationalUnitId field's value. 10499func (s *DescribeOrganizationalUnitInput) SetOrganizationalUnitId(v string) *DescribeOrganizationalUnitInput { 10500 s.OrganizationalUnitId = &v 10501 return s 10502} 10503 10504// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribeOrganizationalUnitResponse 10505type DescribeOrganizationalUnitOutput struct { 10506 _ struct{} `type:"structure"` 10507 10508 // A structure that contains details about the specified OU. 10509 OrganizationalUnit *OrganizationalUnit `type:"structure"` 10510} 10511 10512// String returns the string representation 10513func (s DescribeOrganizationalUnitOutput) String() string { 10514 return awsutil.Prettify(s) 10515} 10516 10517// GoString returns the string representation 10518func (s DescribeOrganizationalUnitOutput) GoString() string { 10519 return s.String() 10520} 10521 10522// SetOrganizationalUnit sets the OrganizationalUnit field's value. 10523func (s *DescribeOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *DescribeOrganizationalUnitOutput { 10524 s.OrganizationalUnit = v 10525 return s 10526} 10527 10528// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribePolicyRequest 10529type DescribePolicyInput struct { 10530 _ struct{} `type:"structure"` 10531 10532 // The unique identifier (ID) of the policy that you want details about. You 10533 // can get the ID from the ListPolicies or ListPoliciesForTarget operations. 10534 // 10535 // The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string 10536 // requires "p-" followed by from 8 to 128 lower-case letters or digits. 10537 // 10538 // PolicyId is a required field 10539 PolicyId *string `type:"string" required:"true"` 10540} 10541 10542// String returns the string representation 10543func (s DescribePolicyInput) String() string { 10544 return awsutil.Prettify(s) 10545} 10546 10547// GoString returns the string representation 10548func (s DescribePolicyInput) GoString() string { 10549 return s.String() 10550} 10551 10552// Validate inspects the fields of the type to determine if they are valid. 10553func (s *DescribePolicyInput) Validate() error { 10554 invalidParams := request.ErrInvalidParams{Context: "DescribePolicyInput"} 10555 if s.PolicyId == nil { 10556 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 10557 } 10558 10559 if invalidParams.Len() > 0 { 10560 return invalidParams 10561 } 10562 return nil 10563} 10564 10565// SetPolicyId sets the PolicyId field's value. 10566func (s *DescribePolicyInput) SetPolicyId(v string) *DescribePolicyInput { 10567 s.PolicyId = &v 10568 return s 10569} 10570 10571// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DescribePolicyResponse 10572type DescribePolicyOutput struct { 10573 _ struct{} `type:"structure"` 10574 10575 // A structure that contains details about the specified policy. 10576 Policy *Policy `type:"structure"` 10577} 10578 10579// String returns the string representation 10580func (s DescribePolicyOutput) String() string { 10581 return awsutil.Prettify(s) 10582} 10583 10584// GoString returns the string representation 10585func (s DescribePolicyOutput) GoString() string { 10586 return s.String() 10587} 10588 10589// SetPolicy sets the Policy field's value. 10590func (s *DescribePolicyOutput) SetPolicy(v *Policy) *DescribePolicyOutput { 10591 s.Policy = v 10592 return s 10593} 10594 10595// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DetachPolicyRequest 10596type DetachPolicyInput struct { 10597 _ struct{} `type:"structure"` 10598 10599 // The unique identifier (ID) of the policy you want to detach. You can get 10600 // the ID from the ListPolicies or ListPoliciesForTarget operations. 10601 // 10602 // The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string 10603 // requires "p-" followed by from 8 to 128 lower-case letters or digits. 10604 // 10605 // PolicyId is a required field 10606 PolicyId *string `type:"string" required:"true"` 10607 10608 // The unique identifier (ID) of the root, OU, or account from which you want 10609 // to detach the policy. You can get the ID from the ListRoots, ListOrganizationalUnitsForParent, 10610 // or ListAccounts operations. 10611 // 10612 // The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string 10613 // requires one of the following: 10614 // 10615 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 10616 // letters or digits. 10617 // 10618 // * Account: a string that consists of exactly 12 digits. 10619 // 10620 // * Organizational unit (OU): a string that begins with "ou-" followed by 10621 // from 4 to 32 lower-case letters or digits (the ID of the root that the 10622 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 10623 // letters or digits. 10624 // 10625 // TargetId is a required field 10626 TargetId *string `type:"string" required:"true"` 10627} 10628 10629// String returns the string representation 10630func (s DetachPolicyInput) String() string { 10631 return awsutil.Prettify(s) 10632} 10633 10634// GoString returns the string representation 10635func (s DetachPolicyInput) GoString() string { 10636 return s.String() 10637} 10638 10639// Validate inspects the fields of the type to determine if they are valid. 10640func (s *DetachPolicyInput) Validate() error { 10641 invalidParams := request.ErrInvalidParams{Context: "DetachPolicyInput"} 10642 if s.PolicyId == nil { 10643 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 10644 } 10645 if s.TargetId == nil { 10646 invalidParams.Add(request.NewErrParamRequired("TargetId")) 10647 } 10648 10649 if invalidParams.Len() > 0 { 10650 return invalidParams 10651 } 10652 return nil 10653} 10654 10655// SetPolicyId sets the PolicyId field's value. 10656func (s *DetachPolicyInput) SetPolicyId(v string) *DetachPolicyInput { 10657 s.PolicyId = &v 10658 return s 10659} 10660 10661// SetTargetId sets the TargetId field's value. 10662func (s *DetachPolicyInput) SetTargetId(v string) *DetachPolicyInput { 10663 s.TargetId = &v 10664 return s 10665} 10666 10667// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DetachPolicyOutput 10668type DetachPolicyOutput struct { 10669 _ struct{} `type:"structure"` 10670} 10671 10672// String returns the string representation 10673func (s DetachPolicyOutput) String() string { 10674 return awsutil.Prettify(s) 10675} 10676 10677// GoString returns the string representation 10678func (s DetachPolicyOutput) GoString() string { 10679 return s.String() 10680} 10681 10682// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccessRequest 10683type DisableAWSServiceAccessInput struct { 10684 _ struct{} `type:"structure"` 10685 10686 // The service principal name of the AWS service for which you want to disable 10687 // integration with your organization. This is typically in the form of a URL, 10688 // such as service-abbreviation.amazonaws.com. 10689 // 10690 // ServicePrincipal is a required field 10691 ServicePrincipal *string `min:"1" type:"string" required:"true"` 10692} 10693 10694// String returns the string representation 10695func (s DisableAWSServiceAccessInput) String() string { 10696 return awsutil.Prettify(s) 10697} 10698 10699// GoString returns the string representation 10700func (s DisableAWSServiceAccessInput) GoString() string { 10701 return s.String() 10702} 10703 10704// Validate inspects the fields of the type to determine if they are valid. 10705func (s *DisableAWSServiceAccessInput) Validate() error { 10706 invalidParams := request.ErrInvalidParams{Context: "DisableAWSServiceAccessInput"} 10707 if s.ServicePrincipal == nil { 10708 invalidParams.Add(request.NewErrParamRequired("ServicePrincipal")) 10709 } 10710 if s.ServicePrincipal != nil && len(*s.ServicePrincipal) < 1 { 10711 invalidParams.Add(request.NewErrParamMinLen("ServicePrincipal", 1)) 10712 } 10713 10714 if invalidParams.Len() > 0 { 10715 return invalidParams 10716 } 10717 return nil 10718} 10719 10720// SetServicePrincipal sets the ServicePrincipal field's value. 10721func (s *DisableAWSServiceAccessInput) SetServicePrincipal(v string) *DisableAWSServiceAccessInput { 10722 s.ServicePrincipal = &v 10723 return s 10724} 10725 10726// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisableAWSServiceAccessOutput 10727type DisableAWSServiceAccessOutput struct { 10728 _ struct{} `type:"structure"` 10729} 10730 10731// String returns the string representation 10732func (s DisableAWSServiceAccessOutput) String() string { 10733 return awsutil.Prettify(s) 10734} 10735 10736// GoString returns the string representation 10737func (s DisableAWSServiceAccessOutput) GoString() string { 10738 return s.String() 10739} 10740 10741// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyTypeRequest 10742type DisablePolicyTypeInput struct { 10743 _ struct{} `type:"structure"` 10744 10745 // The policy type that you want to disable in this root. 10746 // 10747 // PolicyType is a required field 10748 PolicyType *string `type:"string" required:"true" enum:"PolicyType"` 10749 10750 // The unique identifier (ID) of the root in which you want to disable a policy 10751 // type. You can get the ID from the ListRoots operation. 10752 // 10753 // The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string 10754 // requires "r-" followed by from 4 to 32 lower-case letters or digits. 10755 // 10756 // RootId is a required field 10757 RootId *string `type:"string" required:"true"` 10758} 10759 10760// String returns the string representation 10761func (s DisablePolicyTypeInput) String() string { 10762 return awsutil.Prettify(s) 10763} 10764 10765// GoString returns the string representation 10766func (s DisablePolicyTypeInput) GoString() string { 10767 return s.String() 10768} 10769 10770// Validate inspects the fields of the type to determine if they are valid. 10771func (s *DisablePolicyTypeInput) Validate() error { 10772 invalidParams := request.ErrInvalidParams{Context: "DisablePolicyTypeInput"} 10773 if s.PolicyType == nil { 10774 invalidParams.Add(request.NewErrParamRequired("PolicyType")) 10775 } 10776 if s.RootId == nil { 10777 invalidParams.Add(request.NewErrParamRequired("RootId")) 10778 } 10779 10780 if invalidParams.Len() > 0 { 10781 return invalidParams 10782 } 10783 return nil 10784} 10785 10786// SetPolicyType sets the PolicyType field's value. 10787func (s *DisablePolicyTypeInput) SetPolicyType(v string) *DisablePolicyTypeInput { 10788 s.PolicyType = &v 10789 return s 10790} 10791 10792// SetRootId sets the RootId field's value. 10793func (s *DisablePolicyTypeInput) SetRootId(v string) *DisablePolicyTypeInput { 10794 s.RootId = &v 10795 return s 10796} 10797 10798// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/DisablePolicyTypeResponse 10799type DisablePolicyTypeOutput struct { 10800 _ struct{} `type:"structure"` 10801 10802 // A structure that shows the root with the updated list of enabled policy types. 10803 Root *Root `type:"structure"` 10804} 10805 10806// String returns the string representation 10807func (s DisablePolicyTypeOutput) String() string { 10808 return awsutil.Prettify(s) 10809} 10810 10811// GoString returns the string representation 10812func (s DisablePolicyTypeOutput) GoString() string { 10813 return s.String() 10814} 10815 10816// SetRoot sets the Root field's value. 10817func (s *DisablePolicyTypeOutput) SetRoot(v *Root) *DisablePolicyTypeOutput { 10818 s.Root = v 10819 return s 10820} 10821 10822// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccessRequest 10823type EnableAWSServiceAccessInput struct { 10824 _ struct{} `type:"structure"` 10825 10826 // The service principal name of the AWS service for which you want to enable 10827 // integration with your organization. This is typically in the form of a URL, 10828 // such as service-abbreviation.amazonaws.com. 10829 // 10830 // ServicePrincipal is a required field 10831 ServicePrincipal *string `min:"1" type:"string" required:"true"` 10832} 10833 10834// String returns the string representation 10835func (s EnableAWSServiceAccessInput) String() string { 10836 return awsutil.Prettify(s) 10837} 10838 10839// GoString returns the string representation 10840func (s EnableAWSServiceAccessInput) GoString() string { 10841 return s.String() 10842} 10843 10844// Validate inspects the fields of the type to determine if they are valid. 10845func (s *EnableAWSServiceAccessInput) Validate() error { 10846 invalidParams := request.ErrInvalidParams{Context: "EnableAWSServiceAccessInput"} 10847 if s.ServicePrincipal == nil { 10848 invalidParams.Add(request.NewErrParamRequired("ServicePrincipal")) 10849 } 10850 if s.ServicePrincipal != nil && len(*s.ServicePrincipal) < 1 { 10851 invalidParams.Add(request.NewErrParamMinLen("ServicePrincipal", 1)) 10852 } 10853 10854 if invalidParams.Len() > 0 { 10855 return invalidParams 10856 } 10857 return nil 10858} 10859 10860// SetServicePrincipal sets the ServicePrincipal field's value. 10861func (s *EnableAWSServiceAccessInput) SetServicePrincipal(v string) *EnableAWSServiceAccessInput { 10862 s.ServicePrincipal = &v 10863 return s 10864} 10865 10866// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAWSServiceAccessOutput 10867type EnableAWSServiceAccessOutput struct { 10868 _ struct{} `type:"structure"` 10869} 10870 10871// String returns the string representation 10872func (s EnableAWSServiceAccessOutput) String() string { 10873 return awsutil.Prettify(s) 10874} 10875 10876// GoString returns the string representation 10877func (s EnableAWSServiceAccessOutput) GoString() string { 10878 return s.String() 10879} 10880 10881// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeaturesRequest 10882type EnableAllFeaturesInput struct { 10883 _ struct{} `type:"structure"` 10884} 10885 10886// String returns the string representation 10887func (s EnableAllFeaturesInput) String() string { 10888 return awsutil.Prettify(s) 10889} 10890 10891// GoString returns the string representation 10892func (s EnableAllFeaturesInput) GoString() string { 10893 return s.String() 10894} 10895 10896// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnableAllFeaturesResponse 10897type EnableAllFeaturesOutput struct { 10898 _ struct{} `type:"structure"` 10899 10900 // A structure that contains details about the handshake created to support 10901 // this request to enable all features in the organization. 10902 Handshake *Handshake `type:"structure"` 10903} 10904 10905// String returns the string representation 10906func (s EnableAllFeaturesOutput) String() string { 10907 return awsutil.Prettify(s) 10908} 10909 10910// GoString returns the string representation 10911func (s EnableAllFeaturesOutput) GoString() string { 10912 return s.String() 10913} 10914 10915// SetHandshake sets the Handshake field's value. 10916func (s *EnableAllFeaturesOutput) SetHandshake(v *Handshake) *EnableAllFeaturesOutput { 10917 s.Handshake = v 10918 return s 10919} 10920 10921// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyTypeRequest 10922type EnablePolicyTypeInput struct { 10923 _ struct{} `type:"structure"` 10924 10925 // The policy type that you want to enable. 10926 // 10927 // PolicyType is a required field 10928 PolicyType *string `type:"string" required:"true" enum:"PolicyType"` 10929 10930 // The unique identifier (ID) of the root in which you want to enable a policy 10931 // type. You can get the ID from the ListRoots operation. 10932 // 10933 // The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string 10934 // requires "r-" followed by from 4 to 32 lower-case letters or digits. 10935 // 10936 // RootId is a required field 10937 RootId *string `type:"string" required:"true"` 10938} 10939 10940// String returns the string representation 10941func (s EnablePolicyTypeInput) String() string { 10942 return awsutil.Prettify(s) 10943} 10944 10945// GoString returns the string representation 10946func (s EnablePolicyTypeInput) GoString() string { 10947 return s.String() 10948} 10949 10950// Validate inspects the fields of the type to determine if they are valid. 10951func (s *EnablePolicyTypeInput) Validate() error { 10952 invalidParams := request.ErrInvalidParams{Context: "EnablePolicyTypeInput"} 10953 if s.PolicyType == nil { 10954 invalidParams.Add(request.NewErrParamRequired("PolicyType")) 10955 } 10956 if s.RootId == nil { 10957 invalidParams.Add(request.NewErrParamRequired("RootId")) 10958 } 10959 10960 if invalidParams.Len() > 0 { 10961 return invalidParams 10962 } 10963 return nil 10964} 10965 10966// SetPolicyType sets the PolicyType field's value. 10967func (s *EnablePolicyTypeInput) SetPolicyType(v string) *EnablePolicyTypeInput { 10968 s.PolicyType = &v 10969 return s 10970} 10971 10972// SetRootId sets the RootId field's value. 10973func (s *EnablePolicyTypeInput) SetRootId(v string) *EnablePolicyTypeInput { 10974 s.RootId = &v 10975 return s 10976} 10977 10978// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnablePolicyTypeResponse 10979type EnablePolicyTypeOutput struct { 10980 _ struct{} `type:"structure"` 10981 10982 // A structure that shows the root with the updated list of enabled policy types. 10983 Root *Root `type:"structure"` 10984} 10985 10986// String returns the string representation 10987func (s EnablePolicyTypeOutput) String() string { 10988 return awsutil.Prettify(s) 10989} 10990 10991// GoString returns the string representation 10992func (s EnablePolicyTypeOutput) GoString() string { 10993 return s.String() 10994} 10995 10996// SetRoot sets the Root field's value. 10997func (s *EnablePolicyTypeOutput) SetRoot(v *Root) *EnablePolicyTypeOutput { 10998 s.Root = v 10999 return s 11000} 11001 11002// A structure that contains details of a service principal that is enabled 11003// to integrate with AWS Organizations. 11004// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/EnabledServicePrincipal 11005type EnabledServicePrincipal struct { 11006 _ struct{} `type:"structure"` 11007 11008 // The date that the service principal was enabled for integration with AWS 11009 // Organizations. 11010 DateEnabled *time.Time `type:"timestamp" timestampFormat:"unix"` 11011 11012 // The name of the service principal. This is typically in the form of a URL, 11013 // such as: servicename.amazonaws.com. 11014 ServicePrincipal *string `min:"1" type:"string"` 11015} 11016 11017// String returns the string representation 11018func (s EnabledServicePrincipal) String() string { 11019 return awsutil.Prettify(s) 11020} 11021 11022// GoString returns the string representation 11023func (s EnabledServicePrincipal) GoString() string { 11024 return s.String() 11025} 11026 11027// SetDateEnabled sets the DateEnabled field's value. 11028func (s *EnabledServicePrincipal) SetDateEnabled(v time.Time) *EnabledServicePrincipal { 11029 s.DateEnabled = &v 11030 return s 11031} 11032 11033// SetServicePrincipal sets the ServicePrincipal field's value. 11034func (s *EnabledServicePrincipal) SetServicePrincipal(v string) *EnabledServicePrincipal { 11035 s.ServicePrincipal = &v 11036 return s 11037} 11038 11039// Contains information that must be exchanged to securely establish a relationship 11040// between two accounts (an originator and a recipient). For example, when a 11041// master account (the originator) invites another account (the recipient) to 11042// join its organization, the two accounts exchange information as a series 11043// of handshake requests and responses. 11044// 11045// Note: Handshakes that are CANCELED, ACCEPTED, or DECLINED show up in lists 11046// for only 30 days after entering that state After that they are deleted. 11047// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/Handshake 11048type Handshake struct { 11049 _ struct{} `type:"structure"` 11050 11051 // The type of handshake, indicating what action occurs when the recipient accepts 11052 // the handshake. The following handshake types are supported: 11053 // 11054 // * INVITE: This type of handshake represents a request to join an organization. 11055 // It is always sent from the master account to only non-member accounts. 11056 // 11057 // * ENABLE_ALL_FEATURES: This type of handshake represents a request to 11058 // enable all features in an organization. It is always sent from the master 11059 // account to only invited member accounts. Created accounts do not receive 11060 // this because those accounts were created by the organization's master 11061 // account and approval is inferred. 11062 // 11063 // * APPROVE_ALL_FEATURES: This type of handshake is sent from the Organizations 11064 // service when all member accounts have approved the ENABLE_ALL_FEATURES 11065 // invitation. It is sent only to the master account and signals the master 11066 // that it can finalize the process to enable all features. 11067 Action *string `type:"string" enum:"ActionType"` 11068 11069 // The Amazon Resource Name (ARN) of a handshake. 11070 // 11071 // For more information about ARNs in Organizations, see ARN Formats Supported 11072 // by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns) 11073 // in the AWS Organizations User Guide. 11074 Arn *string `type:"string"` 11075 11076 // The date and time that the handshake expires. If the recipient of the handshake 11077 // request fails to respond before the specified date and time, the handshake 11078 // becomes inactive and is no longer valid. 11079 ExpirationTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"` 11080 11081 // The unique identifier (ID) of a handshake. The originating account creates 11082 // the ID when it initiates the handshake. 11083 // 11084 // The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string 11085 // requires "h-" followed by from 8 to 32 lower-case letters or digits. 11086 Id *string `type:"string"` 11087 11088 // Information about the two accounts that are participating in the handshake. 11089 Parties []*HandshakeParty `type:"list"` 11090 11091 // The date and time that the handshake request was made. 11092 RequestedTimestamp *time.Time `type:"timestamp" timestampFormat:"unix"` 11093 11094 // Additional information that is needed to process the handshake. 11095 Resources []*HandshakeResource `type:"list"` 11096 11097 // The current state of the handshake. Use the state to trace the flow of the 11098 // handshake through the process from its creation to its acceptance. The meaning 11099 // of each of the valid values is as follows: 11100 // 11101 // * REQUESTED: This handshake was sent to multiple recipients (applicable 11102 // to only some handshake types) and not all recipients have responded yet. 11103 // The request stays in this state until all recipients respond. 11104 // 11105 // * OPEN: This handshake was sent to multiple recipients (applicable to 11106 // only some policy types) and all recipients have responded, allowing the 11107 // originator to complete the handshake action. 11108 // 11109 // * CANCELED: This handshake is no longer active because it was canceled 11110 // by the originating account. 11111 // 11112 // * ACCEPTED: This handshake is complete because it has been accepted by 11113 // the recipient. 11114 // 11115 // * DECLINED: This handshake is no longer active because it was declined 11116 // by the recipient account. 11117 // 11118 // * EXPIRED: This handshake is no longer active because the originator did 11119 // not receive a response of any kind from the recipient before the expiration 11120 // time (15 days). 11121 State *string `type:"string" enum:"HandshakeState"` 11122} 11123 11124// String returns the string representation 11125func (s Handshake) String() string { 11126 return awsutil.Prettify(s) 11127} 11128 11129// GoString returns the string representation 11130func (s Handshake) GoString() string { 11131 return s.String() 11132} 11133 11134// SetAction sets the Action field's value. 11135func (s *Handshake) SetAction(v string) *Handshake { 11136 s.Action = &v 11137 return s 11138} 11139 11140// SetArn sets the Arn field's value. 11141func (s *Handshake) SetArn(v string) *Handshake { 11142 s.Arn = &v 11143 return s 11144} 11145 11146// SetExpirationTimestamp sets the ExpirationTimestamp field's value. 11147func (s *Handshake) SetExpirationTimestamp(v time.Time) *Handshake { 11148 s.ExpirationTimestamp = &v 11149 return s 11150} 11151 11152// SetId sets the Id field's value. 11153func (s *Handshake) SetId(v string) *Handshake { 11154 s.Id = &v 11155 return s 11156} 11157 11158// SetParties sets the Parties field's value. 11159func (s *Handshake) SetParties(v []*HandshakeParty) *Handshake { 11160 s.Parties = v 11161 return s 11162} 11163 11164// SetRequestedTimestamp sets the RequestedTimestamp field's value. 11165func (s *Handshake) SetRequestedTimestamp(v time.Time) *Handshake { 11166 s.RequestedTimestamp = &v 11167 return s 11168} 11169 11170// SetResources sets the Resources field's value. 11171func (s *Handshake) SetResources(v []*HandshakeResource) *Handshake { 11172 s.Resources = v 11173 return s 11174} 11175 11176// SetState sets the State field's value. 11177func (s *Handshake) SetState(v string) *Handshake { 11178 s.State = &v 11179 return s 11180} 11181 11182// Specifies the criteria that are used to select the handshakes for the operation. 11183// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/HandshakeFilter 11184type HandshakeFilter struct { 11185 _ struct{} `type:"structure"` 11186 11187 // Specifies the type of handshake action. 11188 // 11189 // If you specify ActionType, you cannot also specify ParentHandshakeId. 11190 ActionType *string `type:"string" enum:"ActionType"` 11191 11192 // Specifies the parent handshake. Only used for handshake types that are a 11193 // child of another type. 11194 // 11195 // If you specify ParentHandshakeId, you cannot also specify ActionType. 11196 // 11197 // The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string 11198 // requires "h-" followed by from 8 to 32 lower-case letters or digits. 11199 ParentHandshakeId *string `type:"string"` 11200} 11201 11202// String returns the string representation 11203func (s HandshakeFilter) String() string { 11204 return awsutil.Prettify(s) 11205} 11206 11207// GoString returns the string representation 11208func (s HandshakeFilter) GoString() string { 11209 return s.String() 11210} 11211 11212// SetActionType sets the ActionType field's value. 11213func (s *HandshakeFilter) SetActionType(v string) *HandshakeFilter { 11214 s.ActionType = &v 11215 return s 11216} 11217 11218// SetParentHandshakeId sets the ParentHandshakeId field's value. 11219func (s *HandshakeFilter) SetParentHandshakeId(v string) *HandshakeFilter { 11220 s.ParentHandshakeId = &v 11221 return s 11222} 11223 11224// Identifies a participant in a handshake. 11225// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/HandshakeParty 11226type HandshakeParty struct { 11227 _ struct{} `type:"structure"` 11228 11229 // The unique identifier (ID) for the party. 11230 // 11231 // The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string 11232 // requires "h-" followed by from 8 to 32 lower-case letters or digits. 11233 // 11234 // Id is a required field 11235 Id *string `min:"1" type:"string" required:"true"` 11236 11237 // The type of party. 11238 // 11239 // Type is a required field 11240 Type *string `type:"string" required:"true" enum:"HandshakePartyType"` 11241} 11242 11243// String returns the string representation 11244func (s HandshakeParty) String() string { 11245 return awsutil.Prettify(s) 11246} 11247 11248// GoString returns the string representation 11249func (s HandshakeParty) GoString() string { 11250 return s.String() 11251} 11252 11253// Validate inspects the fields of the type to determine if they are valid. 11254func (s *HandshakeParty) Validate() error { 11255 invalidParams := request.ErrInvalidParams{Context: "HandshakeParty"} 11256 if s.Id == nil { 11257 invalidParams.Add(request.NewErrParamRequired("Id")) 11258 } 11259 if s.Id != nil && len(*s.Id) < 1 { 11260 invalidParams.Add(request.NewErrParamMinLen("Id", 1)) 11261 } 11262 if s.Type == nil { 11263 invalidParams.Add(request.NewErrParamRequired("Type")) 11264 } 11265 11266 if invalidParams.Len() > 0 { 11267 return invalidParams 11268 } 11269 return nil 11270} 11271 11272// SetId sets the Id field's value. 11273func (s *HandshakeParty) SetId(v string) *HandshakeParty { 11274 s.Id = &v 11275 return s 11276} 11277 11278// SetType sets the Type field's value. 11279func (s *HandshakeParty) SetType(v string) *HandshakeParty { 11280 s.Type = &v 11281 return s 11282} 11283 11284// Contains additional data that is needed to process a handshake. 11285// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/HandshakeResource 11286type HandshakeResource struct { 11287 _ struct{} `type:"structure"` 11288 11289 // When needed, contains an additional array of HandshakeResource objects. 11290 Resources []*HandshakeResource `type:"list"` 11291 11292 // The type of information being passed, specifying how the value is to be interpreted 11293 // by the other party: 11294 // 11295 // * ACCOUNT - Specifies an AWS account ID number. 11296 // 11297 // * ORGANIZATION - Specifies an organization ID number. 11298 // 11299 // * EMAIL - Specifies the email address that is associated with the account 11300 // that receives the handshake. 11301 // 11302 // * OWNER_EMAIL - Specifies the email address associated with the master 11303 // account. Included as information about an organization. 11304 // 11305 // * OWNER_NAME - Specifies the name associated with the master account. 11306 // Included as information about an organization. 11307 // 11308 // * NOTES - Additional text provided by the handshake initiator and intended 11309 // for the recipient to read. 11310 Type *string `type:"string" enum:"HandshakeResourceType"` 11311 11312 // The information that is passed to the other party in the handshake. The format 11313 // of the value string must match the requirements of the specified type. 11314 Value *string `type:"string"` 11315} 11316 11317// String returns the string representation 11318func (s HandshakeResource) String() string { 11319 return awsutil.Prettify(s) 11320} 11321 11322// GoString returns the string representation 11323func (s HandshakeResource) GoString() string { 11324 return s.String() 11325} 11326 11327// SetResources sets the Resources field's value. 11328func (s *HandshakeResource) SetResources(v []*HandshakeResource) *HandshakeResource { 11329 s.Resources = v 11330 return s 11331} 11332 11333// SetType sets the Type field's value. 11334func (s *HandshakeResource) SetType(v string) *HandshakeResource { 11335 s.Type = &v 11336 return s 11337} 11338 11339// SetValue sets the Value field's value. 11340func (s *HandshakeResource) SetValue(v string) *HandshakeResource { 11341 s.Value = &v 11342 return s 11343} 11344 11345// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganizationRequest 11346type InviteAccountToOrganizationInput struct { 11347 _ struct{} `type:"structure"` 11348 11349 // Additional information that you want to include in the generated email to 11350 // the recipient account owner. 11351 Notes *string `type:"string"` 11352 11353 // The identifier (ID) of the AWS account that you want to invite to join your 11354 // organization. This is a JSON object that contains the following elements: 11355 // 11356 // { "Type": "ACCOUNT", "Id": "<account id number>" } 11357 // 11358 // If you use the AWS CLI, you can submit this as a single string, similar to 11359 // the following example: 11360 // 11361 // --target Id=123456789012,Type=ACCOUNT 11362 // 11363 // If you specify "Type": "ACCOUNT", then you must provide the AWS account ID 11364 // number as the Id. If you specify "Type": "EMAIL", then you must specify the 11365 // email address that is associated with the account. 11366 // 11367 // --target Id=bill@example.com,Type=EMAIL 11368 // 11369 // Target is a required field 11370 Target *HandshakeParty `type:"structure" required:"true"` 11371} 11372 11373// String returns the string representation 11374func (s InviteAccountToOrganizationInput) String() string { 11375 return awsutil.Prettify(s) 11376} 11377 11378// GoString returns the string representation 11379func (s InviteAccountToOrganizationInput) GoString() string { 11380 return s.String() 11381} 11382 11383// Validate inspects the fields of the type to determine if they are valid. 11384func (s *InviteAccountToOrganizationInput) Validate() error { 11385 invalidParams := request.ErrInvalidParams{Context: "InviteAccountToOrganizationInput"} 11386 if s.Target == nil { 11387 invalidParams.Add(request.NewErrParamRequired("Target")) 11388 } 11389 if s.Target != nil { 11390 if err := s.Target.Validate(); err != nil { 11391 invalidParams.AddNested("Target", err.(request.ErrInvalidParams)) 11392 } 11393 } 11394 11395 if invalidParams.Len() > 0 { 11396 return invalidParams 11397 } 11398 return nil 11399} 11400 11401// SetNotes sets the Notes field's value. 11402func (s *InviteAccountToOrganizationInput) SetNotes(v string) *InviteAccountToOrganizationInput { 11403 s.Notes = &v 11404 return s 11405} 11406 11407// SetTarget sets the Target field's value. 11408func (s *InviteAccountToOrganizationInput) SetTarget(v *HandshakeParty) *InviteAccountToOrganizationInput { 11409 s.Target = v 11410 return s 11411} 11412 11413// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/InviteAccountToOrganizationResponse 11414type InviteAccountToOrganizationOutput struct { 11415 _ struct{} `type:"structure"` 11416 11417 // A structure that contains details about the handshake that is created to 11418 // support this invitation request. 11419 Handshake *Handshake `type:"structure"` 11420} 11421 11422// String returns the string representation 11423func (s InviteAccountToOrganizationOutput) String() string { 11424 return awsutil.Prettify(s) 11425} 11426 11427// GoString returns the string representation 11428func (s InviteAccountToOrganizationOutput) GoString() string { 11429 return s.String() 11430} 11431 11432// SetHandshake sets the Handshake field's value. 11433func (s *InviteAccountToOrganizationOutput) SetHandshake(v *Handshake) *InviteAccountToOrganizationOutput { 11434 s.Handshake = v 11435 return s 11436} 11437 11438// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganizationInput 11439type LeaveOrganizationInput struct { 11440 _ struct{} `type:"structure"` 11441} 11442 11443// String returns the string representation 11444func (s LeaveOrganizationInput) String() string { 11445 return awsutil.Prettify(s) 11446} 11447 11448// GoString returns the string representation 11449func (s LeaveOrganizationInput) GoString() string { 11450 return s.String() 11451} 11452 11453// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/LeaveOrganizationOutput 11454type LeaveOrganizationOutput struct { 11455 _ struct{} `type:"structure"` 11456} 11457 11458// String returns the string representation 11459func (s LeaveOrganizationOutput) String() string { 11460 return awsutil.Prettify(s) 11461} 11462 11463// GoString returns the string representation 11464func (s LeaveOrganizationOutput) GoString() string { 11465 return s.String() 11466} 11467 11468// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganizationRequest 11469type ListAWSServiceAccessForOrganizationInput struct { 11470 _ struct{} `type:"structure"` 11471 11472 // (Optional) Use this to limit the number of results you want included in the 11473 // response. If you do not include this parameter, it defaults to a value that 11474 // is specific to the operation. If additional items exist beyond the maximum 11475 // you specify, the NextToken response element is present and has a value (is 11476 // not null). Include that value as the NextToken request parameter in the next 11477 // call to the operation to get the next part of the results. Note that Organizations 11478 // might return fewer results than the maximum even when there are more results 11479 // available. You should check NextToken after every operation to ensure that 11480 // you receive all of the results. 11481 MaxResults *int64 `min:"1" type:"integer"` 11482 11483 // Use this parameter if you receive a NextToken response in a previous request 11484 // that indicates that there is more output available. Set it to the value of 11485 // the previous call's NextToken response to indicate where the output should 11486 // continue from. 11487 NextToken *string `type:"string"` 11488} 11489 11490// String returns the string representation 11491func (s ListAWSServiceAccessForOrganizationInput) String() string { 11492 return awsutil.Prettify(s) 11493} 11494 11495// GoString returns the string representation 11496func (s ListAWSServiceAccessForOrganizationInput) GoString() string { 11497 return s.String() 11498} 11499 11500// Validate inspects the fields of the type to determine if they are valid. 11501func (s *ListAWSServiceAccessForOrganizationInput) Validate() error { 11502 invalidParams := request.ErrInvalidParams{Context: "ListAWSServiceAccessForOrganizationInput"} 11503 if s.MaxResults != nil && *s.MaxResults < 1 { 11504 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 11505 } 11506 11507 if invalidParams.Len() > 0 { 11508 return invalidParams 11509 } 11510 return nil 11511} 11512 11513// SetMaxResults sets the MaxResults field's value. 11514func (s *ListAWSServiceAccessForOrganizationInput) SetMaxResults(v int64) *ListAWSServiceAccessForOrganizationInput { 11515 s.MaxResults = &v 11516 return s 11517} 11518 11519// SetNextToken sets the NextToken field's value. 11520func (s *ListAWSServiceAccessForOrganizationInput) SetNextToken(v string) *ListAWSServiceAccessForOrganizationInput { 11521 s.NextToken = &v 11522 return s 11523} 11524 11525// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAWSServiceAccessForOrganizationResponse 11526type ListAWSServiceAccessForOrganizationOutput struct { 11527 _ struct{} `type:"structure"` 11528 11529 // A list of the service principals for the services that are enabled to integrate 11530 // with your organization. Each principal is a structure that includes the name 11531 // and the date that it was enabled for integration with AWS Organizations. 11532 EnabledServicePrincipals []*EnabledServicePrincipal `type:"list"` 11533 11534 // If present, this value indicates that there is more output available than 11535 // is included in the current response. Use this value in the NextToken request 11536 // parameter in a subsequent call to the operation to get the next part of the 11537 // output. You should repeat this until the NextToken response element comes 11538 // back as null. 11539 NextToken *string `type:"string"` 11540} 11541 11542// String returns the string representation 11543func (s ListAWSServiceAccessForOrganizationOutput) String() string { 11544 return awsutil.Prettify(s) 11545} 11546 11547// GoString returns the string representation 11548func (s ListAWSServiceAccessForOrganizationOutput) GoString() string { 11549 return s.String() 11550} 11551 11552// SetEnabledServicePrincipals sets the EnabledServicePrincipals field's value. 11553func (s *ListAWSServiceAccessForOrganizationOutput) SetEnabledServicePrincipals(v []*EnabledServicePrincipal) *ListAWSServiceAccessForOrganizationOutput { 11554 s.EnabledServicePrincipals = v 11555 return s 11556} 11557 11558// SetNextToken sets the NextToken field's value. 11559func (s *ListAWSServiceAccessForOrganizationOutput) SetNextToken(v string) *ListAWSServiceAccessForOrganizationOutput { 11560 s.NextToken = &v 11561 return s 11562} 11563 11564// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParentRequest 11565type ListAccountsForParentInput struct { 11566 _ struct{} `type:"structure"` 11567 11568 // (Optional) Use this to limit the number of results you want included in the 11569 // response. If you do not include this parameter, it defaults to a value that 11570 // is specific to the operation. If additional items exist beyond the maximum 11571 // you specify, the NextToken response element is present and has a value (is 11572 // not null). Include that value as the NextToken request parameter in the next 11573 // call to the operation to get the next part of the results. Note that Organizations 11574 // might return fewer results than the maximum even when there are more results 11575 // available. You should check NextToken after every operation to ensure that 11576 // you receive all of the results. 11577 MaxResults *int64 `min:"1" type:"integer"` 11578 11579 // Use this parameter if you receive a NextToken response in a previous request 11580 // that indicates that there is more output available. Set it to the value of 11581 // the previous call's NextToken response to indicate where the output should 11582 // continue from. 11583 NextToken *string `type:"string"` 11584 11585 // The unique identifier (ID) for the parent root or organization unit (OU) 11586 // whose accounts you want to list. 11587 // 11588 // ParentId is a required field 11589 ParentId *string `type:"string" required:"true"` 11590} 11591 11592// String returns the string representation 11593func (s ListAccountsForParentInput) String() string { 11594 return awsutil.Prettify(s) 11595} 11596 11597// GoString returns the string representation 11598func (s ListAccountsForParentInput) GoString() string { 11599 return s.String() 11600} 11601 11602// Validate inspects the fields of the type to determine if they are valid. 11603func (s *ListAccountsForParentInput) Validate() error { 11604 invalidParams := request.ErrInvalidParams{Context: "ListAccountsForParentInput"} 11605 if s.MaxResults != nil && *s.MaxResults < 1 { 11606 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 11607 } 11608 if s.ParentId == nil { 11609 invalidParams.Add(request.NewErrParamRequired("ParentId")) 11610 } 11611 11612 if invalidParams.Len() > 0 { 11613 return invalidParams 11614 } 11615 return nil 11616} 11617 11618// SetMaxResults sets the MaxResults field's value. 11619func (s *ListAccountsForParentInput) SetMaxResults(v int64) *ListAccountsForParentInput { 11620 s.MaxResults = &v 11621 return s 11622} 11623 11624// SetNextToken sets the NextToken field's value. 11625func (s *ListAccountsForParentInput) SetNextToken(v string) *ListAccountsForParentInput { 11626 s.NextToken = &v 11627 return s 11628} 11629 11630// SetParentId sets the ParentId field's value. 11631func (s *ListAccountsForParentInput) SetParentId(v string) *ListAccountsForParentInput { 11632 s.ParentId = &v 11633 return s 11634} 11635 11636// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsForParentResponse 11637type ListAccountsForParentOutput struct { 11638 _ struct{} `type:"structure"` 11639 11640 // A list of the accounts in the specified root or OU. 11641 Accounts []*Account `type:"list"` 11642 11643 // If present, this value indicates that there is more output available than 11644 // is included in the current response. Use this value in the NextToken request 11645 // parameter in a subsequent call to the operation to get the next part of the 11646 // output. You should repeat this until the NextToken response element comes 11647 // back as null. 11648 NextToken *string `type:"string"` 11649} 11650 11651// String returns the string representation 11652func (s ListAccountsForParentOutput) String() string { 11653 return awsutil.Prettify(s) 11654} 11655 11656// GoString returns the string representation 11657func (s ListAccountsForParentOutput) GoString() string { 11658 return s.String() 11659} 11660 11661// SetAccounts sets the Accounts field's value. 11662func (s *ListAccountsForParentOutput) SetAccounts(v []*Account) *ListAccountsForParentOutput { 11663 s.Accounts = v 11664 return s 11665} 11666 11667// SetNextToken sets the NextToken field's value. 11668func (s *ListAccountsForParentOutput) SetNextToken(v string) *ListAccountsForParentOutput { 11669 s.NextToken = &v 11670 return s 11671} 11672 11673// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsRequest 11674type ListAccountsInput struct { 11675 _ struct{} `type:"structure"` 11676 11677 // (Optional) Use this to limit the number of results you want included in the 11678 // response. If you do not include this parameter, it defaults to a value that 11679 // is specific to the operation. If additional items exist beyond the maximum 11680 // you specify, the NextToken response element is present and has a value (is 11681 // not null). Include that value as the NextToken request parameter in the next 11682 // call to the operation to get the next part of the results. Note that Organizations 11683 // might return fewer results than the maximum even when there are more results 11684 // available. You should check NextToken after every operation to ensure that 11685 // you receive all of the results. 11686 MaxResults *int64 `min:"1" type:"integer"` 11687 11688 // Use this parameter if you receive a NextToken response in a previous request 11689 // that indicates that there is more output available. Set it to the value of 11690 // the previous call's NextToken response to indicate where the output should 11691 // continue from. 11692 NextToken *string `type:"string"` 11693} 11694 11695// String returns the string representation 11696func (s ListAccountsInput) String() string { 11697 return awsutil.Prettify(s) 11698} 11699 11700// GoString returns the string representation 11701func (s ListAccountsInput) GoString() string { 11702 return s.String() 11703} 11704 11705// Validate inspects the fields of the type to determine if they are valid. 11706func (s *ListAccountsInput) Validate() error { 11707 invalidParams := request.ErrInvalidParams{Context: "ListAccountsInput"} 11708 if s.MaxResults != nil && *s.MaxResults < 1 { 11709 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 11710 } 11711 11712 if invalidParams.Len() > 0 { 11713 return invalidParams 11714 } 11715 return nil 11716} 11717 11718// SetMaxResults sets the MaxResults field's value. 11719func (s *ListAccountsInput) SetMaxResults(v int64) *ListAccountsInput { 11720 s.MaxResults = &v 11721 return s 11722} 11723 11724// SetNextToken sets the NextToken field's value. 11725func (s *ListAccountsInput) SetNextToken(v string) *ListAccountsInput { 11726 s.NextToken = &v 11727 return s 11728} 11729 11730// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListAccountsResponse 11731type ListAccountsOutput struct { 11732 _ struct{} `type:"structure"` 11733 11734 // A list of objects in the organization. 11735 Accounts []*Account `type:"list"` 11736 11737 // If present, this value indicates that there is more output available than 11738 // is included in the current response. Use this value in the NextToken request 11739 // parameter in a subsequent call to the operation to get the next part of the 11740 // output. You should repeat this until the NextToken response element comes 11741 // back as null. 11742 NextToken *string `type:"string"` 11743} 11744 11745// String returns the string representation 11746func (s ListAccountsOutput) String() string { 11747 return awsutil.Prettify(s) 11748} 11749 11750// GoString returns the string representation 11751func (s ListAccountsOutput) GoString() string { 11752 return s.String() 11753} 11754 11755// SetAccounts sets the Accounts field's value. 11756func (s *ListAccountsOutput) SetAccounts(v []*Account) *ListAccountsOutput { 11757 s.Accounts = v 11758 return s 11759} 11760 11761// SetNextToken sets the NextToken field's value. 11762func (s *ListAccountsOutput) SetNextToken(v string) *ListAccountsOutput { 11763 s.NextToken = &v 11764 return s 11765} 11766 11767// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildrenRequest 11768type ListChildrenInput struct { 11769 _ struct{} `type:"structure"` 11770 11771 // Filters the output to include only the specified child type. 11772 // 11773 // ChildType is a required field 11774 ChildType *string `type:"string" required:"true" enum:"ChildType"` 11775 11776 // (Optional) Use this to limit the number of results you want included in the 11777 // response. If you do not include this parameter, it defaults to a value that 11778 // is specific to the operation. If additional items exist beyond the maximum 11779 // you specify, the NextToken response element is present and has a value (is 11780 // not null). Include that value as the NextToken request parameter in the next 11781 // call to the operation to get the next part of the results. Note that Organizations 11782 // might return fewer results than the maximum even when there are more results 11783 // available. You should check NextToken after every operation to ensure that 11784 // you receive all of the results. 11785 MaxResults *int64 `min:"1" type:"integer"` 11786 11787 // Use this parameter if you receive a NextToken response in a previous request 11788 // that indicates that there is more output available. Set it to the value of 11789 // the previous call's NextToken response to indicate where the output should 11790 // continue from. 11791 NextToken *string `type:"string"` 11792 11793 // The unique identifier (ID) for the parent root or OU whose children you want 11794 // to list. 11795 // 11796 // The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string 11797 // requires one of the following: 11798 // 11799 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 11800 // letters or digits. 11801 // 11802 // * Organizational unit (OU): a string that begins with "ou-" followed by 11803 // from 4 to 32 lower-case letters or digits (the ID of the root that the 11804 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 11805 // letters or digits. 11806 // 11807 // ParentId is a required field 11808 ParentId *string `type:"string" required:"true"` 11809} 11810 11811// String returns the string representation 11812func (s ListChildrenInput) String() string { 11813 return awsutil.Prettify(s) 11814} 11815 11816// GoString returns the string representation 11817func (s ListChildrenInput) GoString() string { 11818 return s.String() 11819} 11820 11821// Validate inspects the fields of the type to determine if they are valid. 11822func (s *ListChildrenInput) Validate() error { 11823 invalidParams := request.ErrInvalidParams{Context: "ListChildrenInput"} 11824 if s.ChildType == nil { 11825 invalidParams.Add(request.NewErrParamRequired("ChildType")) 11826 } 11827 if s.MaxResults != nil && *s.MaxResults < 1 { 11828 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 11829 } 11830 if s.ParentId == nil { 11831 invalidParams.Add(request.NewErrParamRequired("ParentId")) 11832 } 11833 11834 if invalidParams.Len() > 0 { 11835 return invalidParams 11836 } 11837 return nil 11838} 11839 11840// SetChildType sets the ChildType field's value. 11841func (s *ListChildrenInput) SetChildType(v string) *ListChildrenInput { 11842 s.ChildType = &v 11843 return s 11844} 11845 11846// SetMaxResults sets the MaxResults field's value. 11847func (s *ListChildrenInput) SetMaxResults(v int64) *ListChildrenInput { 11848 s.MaxResults = &v 11849 return s 11850} 11851 11852// SetNextToken sets the NextToken field's value. 11853func (s *ListChildrenInput) SetNextToken(v string) *ListChildrenInput { 11854 s.NextToken = &v 11855 return s 11856} 11857 11858// SetParentId sets the ParentId field's value. 11859func (s *ListChildrenInput) SetParentId(v string) *ListChildrenInput { 11860 s.ParentId = &v 11861 return s 11862} 11863 11864// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListChildrenResponse 11865type ListChildrenOutput struct { 11866 _ struct{} `type:"structure"` 11867 11868 // The list of children of the specified parent container. 11869 Children []*Child `type:"list"` 11870 11871 // If present, this value indicates that there is more output available than 11872 // is included in the current response. Use this value in the NextToken request 11873 // parameter in a subsequent call to the operation to get the next part of the 11874 // output. You should repeat this until the NextToken response element comes 11875 // back as null. 11876 NextToken *string `type:"string"` 11877} 11878 11879// String returns the string representation 11880func (s ListChildrenOutput) String() string { 11881 return awsutil.Prettify(s) 11882} 11883 11884// GoString returns the string representation 11885func (s ListChildrenOutput) GoString() string { 11886 return s.String() 11887} 11888 11889// SetChildren sets the Children field's value. 11890func (s *ListChildrenOutput) SetChildren(v []*Child) *ListChildrenOutput { 11891 s.Children = v 11892 return s 11893} 11894 11895// SetNextToken sets the NextToken field's value. 11896func (s *ListChildrenOutput) SetNextToken(v string) *ListChildrenOutput { 11897 s.NextToken = &v 11898 return s 11899} 11900 11901// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListCreateAccountStatusRequest 11902type ListCreateAccountStatusInput struct { 11903 _ struct{} `type:"structure"` 11904 11905 // (Optional) Use this to limit the number of results you want included in the 11906 // response. If you do not include this parameter, it defaults to a value that 11907 // is specific to the operation. If additional items exist beyond the maximum 11908 // you specify, the NextToken response element is present and has a value (is 11909 // not null). Include that value as the NextToken request parameter in the next 11910 // call to the operation to get the next part of the results. Note that Organizations 11911 // might return fewer results than the maximum even when there are more results 11912 // available. You should check NextToken after every operation to ensure that 11913 // you receive all of the results. 11914 MaxResults *int64 `min:"1" type:"integer"` 11915 11916 // Use this parameter if you receive a NextToken response in a previous request 11917 // that indicates that there is more output available. Set it to the value of 11918 // the previous call's NextToken response to indicate where the output should 11919 // continue from. 11920 NextToken *string `type:"string"` 11921 11922 // A list of one or more states that you want included in the response. If this 11923 // parameter is not present, then all requests are included in the response. 11924 States []*string `type:"list"` 11925} 11926 11927// String returns the string representation 11928func (s ListCreateAccountStatusInput) String() string { 11929 return awsutil.Prettify(s) 11930} 11931 11932// GoString returns the string representation 11933func (s ListCreateAccountStatusInput) GoString() string { 11934 return s.String() 11935} 11936 11937// Validate inspects the fields of the type to determine if they are valid. 11938func (s *ListCreateAccountStatusInput) Validate() error { 11939 invalidParams := request.ErrInvalidParams{Context: "ListCreateAccountStatusInput"} 11940 if s.MaxResults != nil && *s.MaxResults < 1 { 11941 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 11942 } 11943 11944 if invalidParams.Len() > 0 { 11945 return invalidParams 11946 } 11947 return nil 11948} 11949 11950// SetMaxResults sets the MaxResults field's value. 11951func (s *ListCreateAccountStatusInput) SetMaxResults(v int64) *ListCreateAccountStatusInput { 11952 s.MaxResults = &v 11953 return s 11954} 11955 11956// SetNextToken sets the NextToken field's value. 11957func (s *ListCreateAccountStatusInput) SetNextToken(v string) *ListCreateAccountStatusInput { 11958 s.NextToken = &v 11959 return s 11960} 11961 11962// SetStates sets the States field's value. 11963func (s *ListCreateAccountStatusInput) SetStates(v []*string) *ListCreateAccountStatusInput { 11964 s.States = v 11965 return s 11966} 11967 11968// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListCreateAccountStatusResponse 11969type ListCreateAccountStatusOutput struct { 11970 _ struct{} `type:"structure"` 11971 11972 // A list of objects with details about the requests. Certain elements, such 11973 // as the accountId number, are present in the output only after the account 11974 // has been successfully created. 11975 CreateAccountStatuses []*CreateAccountStatus `type:"list"` 11976 11977 // If present, this value indicates that there is more output available than 11978 // is included in the current response. Use this value in the NextToken request 11979 // parameter in a subsequent call to the operation to get the next part of the 11980 // output. You should repeat this until the NextToken response element comes 11981 // back as null. 11982 NextToken *string `type:"string"` 11983} 11984 11985// String returns the string representation 11986func (s ListCreateAccountStatusOutput) String() string { 11987 return awsutil.Prettify(s) 11988} 11989 11990// GoString returns the string representation 11991func (s ListCreateAccountStatusOutput) GoString() string { 11992 return s.String() 11993} 11994 11995// SetCreateAccountStatuses sets the CreateAccountStatuses field's value. 11996func (s *ListCreateAccountStatusOutput) SetCreateAccountStatuses(v []*CreateAccountStatus) *ListCreateAccountStatusOutput { 11997 s.CreateAccountStatuses = v 11998 return s 11999} 12000 12001// SetNextToken sets the NextToken field's value. 12002func (s *ListCreateAccountStatusOutput) SetNextToken(v string) *ListCreateAccountStatusOutput { 12003 s.NextToken = &v 12004 return s 12005} 12006 12007// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccountRequest 12008type ListHandshakesForAccountInput struct { 12009 _ struct{} `type:"structure"` 12010 12011 // Filters the handshakes that you want included in the response. The default 12012 // is all types. Use the ActionType element to limit the output to only a specified 12013 // type, such as INVITE, ENABLE-FULL-CONTROL, or APPROVE-FULL-CONTROL. Alternatively, 12014 // for the ENABLE-FULL-CONTROL handshake that generates a separate child handshake 12015 // for each member account, you can specify ParentHandshakeId to see only the 12016 // handshakes that were generated by that parent request. 12017 Filter *HandshakeFilter `type:"structure"` 12018 12019 // (Optional) Use this to limit the number of results you want included in the 12020 // response. If you do not include this parameter, it defaults to a value that 12021 // is specific to the operation. If additional items exist beyond the maximum 12022 // you specify, the NextToken response element is present and has a value (is 12023 // not null). Include that value as the NextToken request parameter in the next 12024 // call to the operation to get the next part of the results. Note that Organizations 12025 // might return fewer results than the maximum even when there are more results 12026 // available. You should check NextToken after every operation to ensure that 12027 // you receive all of the results. 12028 MaxResults *int64 `min:"1" type:"integer"` 12029 12030 // Use this parameter if you receive a NextToken response in a previous request 12031 // that indicates that there is more output available. Set it to the value of 12032 // the previous call's NextToken response to indicate where the output should 12033 // continue from. 12034 NextToken *string `type:"string"` 12035} 12036 12037// String returns the string representation 12038func (s ListHandshakesForAccountInput) String() string { 12039 return awsutil.Prettify(s) 12040} 12041 12042// GoString returns the string representation 12043func (s ListHandshakesForAccountInput) GoString() string { 12044 return s.String() 12045} 12046 12047// Validate inspects the fields of the type to determine if they are valid. 12048func (s *ListHandshakesForAccountInput) Validate() error { 12049 invalidParams := request.ErrInvalidParams{Context: "ListHandshakesForAccountInput"} 12050 if s.MaxResults != nil && *s.MaxResults < 1 { 12051 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 12052 } 12053 12054 if invalidParams.Len() > 0 { 12055 return invalidParams 12056 } 12057 return nil 12058} 12059 12060// SetFilter sets the Filter field's value. 12061func (s *ListHandshakesForAccountInput) SetFilter(v *HandshakeFilter) *ListHandshakesForAccountInput { 12062 s.Filter = v 12063 return s 12064} 12065 12066// SetMaxResults sets the MaxResults field's value. 12067func (s *ListHandshakesForAccountInput) SetMaxResults(v int64) *ListHandshakesForAccountInput { 12068 s.MaxResults = &v 12069 return s 12070} 12071 12072// SetNextToken sets the NextToken field's value. 12073func (s *ListHandshakesForAccountInput) SetNextToken(v string) *ListHandshakesForAccountInput { 12074 s.NextToken = &v 12075 return s 12076} 12077 12078// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForAccountResponse 12079type ListHandshakesForAccountOutput struct { 12080 _ struct{} `type:"structure"` 12081 12082 // A list of Handshake objects with details about each of the handshakes that 12083 // is associated with the specified account. 12084 Handshakes []*Handshake `type:"list"` 12085 12086 // If present, this value indicates that there is more output available than 12087 // is included in the current response. Use this value in the NextToken request 12088 // parameter in a subsequent call to the operation to get the next part of the 12089 // output. You should repeat this until the NextToken response element comes 12090 // back as null. 12091 NextToken *string `type:"string"` 12092} 12093 12094// String returns the string representation 12095func (s ListHandshakesForAccountOutput) String() string { 12096 return awsutil.Prettify(s) 12097} 12098 12099// GoString returns the string representation 12100func (s ListHandshakesForAccountOutput) GoString() string { 12101 return s.String() 12102} 12103 12104// SetHandshakes sets the Handshakes field's value. 12105func (s *ListHandshakesForAccountOutput) SetHandshakes(v []*Handshake) *ListHandshakesForAccountOutput { 12106 s.Handshakes = v 12107 return s 12108} 12109 12110// SetNextToken sets the NextToken field's value. 12111func (s *ListHandshakesForAccountOutput) SetNextToken(v string) *ListHandshakesForAccountOutput { 12112 s.NextToken = &v 12113 return s 12114} 12115 12116// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganizationRequest 12117type ListHandshakesForOrganizationInput struct { 12118 _ struct{} `type:"structure"` 12119 12120 // A filter of the handshakes that you want included in the response. The default 12121 // is all types. Use the ActionType element to limit the output to only a specified 12122 // type, such as INVITE, ENABLE-ALL-FEATURES, or APPROVE-ALL-FEATURES. Alternatively, 12123 // for the ENABLE-ALL-FEATURES handshake that generates a separate child handshake 12124 // for each member account, you can specify the ParentHandshakeId to see only 12125 // the handshakes that were generated by that parent request. 12126 Filter *HandshakeFilter `type:"structure"` 12127 12128 // (Optional) Use this to limit the number of results you want included in the 12129 // response. If you do not include this parameter, it defaults to a value that 12130 // is specific to the operation. If additional items exist beyond the maximum 12131 // you specify, the NextToken response element is present and has a value (is 12132 // not null). Include that value as the NextToken request parameter in the next 12133 // call to the operation to get the next part of the results. Note that Organizations 12134 // might return fewer results than the maximum even when there are more results 12135 // available. You should check NextToken after every operation to ensure that 12136 // you receive all of the results. 12137 MaxResults *int64 `min:"1" type:"integer"` 12138 12139 // Use this parameter if you receive a NextToken response in a previous request 12140 // that indicates that there is more output available. Set it to the value of 12141 // the previous call's NextToken response to indicate where the output should 12142 // continue from. 12143 NextToken *string `type:"string"` 12144} 12145 12146// String returns the string representation 12147func (s ListHandshakesForOrganizationInput) String() string { 12148 return awsutil.Prettify(s) 12149} 12150 12151// GoString returns the string representation 12152func (s ListHandshakesForOrganizationInput) GoString() string { 12153 return s.String() 12154} 12155 12156// Validate inspects the fields of the type to determine if they are valid. 12157func (s *ListHandshakesForOrganizationInput) Validate() error { 12158 invalidParams := request.ErrInvalidParams{Context: "ListHandshakesForOrganizationInput"} 12159 if s.MaxResults != nil && *s.MaxResults < 1 { 12160 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 12161 } 12162 12163 if invalidParams.Len() > 0 { 12164 return invalidParams 12165 } 12166 return nil 12167} 12168 12169// SetFilter sets the Filter field's value. 12170func (s *ListHandshakesForOrganizationInput) SetFilter(v *HandshakeFilter) *ListHandshakesForOrganizationInput { 12171 s.Filter = v 12172 return s 12173} 12174 12175// SetMaxResults sets the MaxResults field's value. 12176func (s *ListHandshakesForOrganizationInput) SetMaxResults(v int64) *ListHandshakesForOrganizationInput { 12177 s.MaxResults = &v 12178 return s 12179} 12180 12181// SetNextToken sets the NextToken field's value. 12182func (s *ListHandshakesForOrganizationInput) SetNextToken(v string) *ListHandshakesForOrganizationInput { 12183 s.NextToken = &v 12184 return s 12185} 12186 12187// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListHandshakesForOrganizationResponse 12188type ListHandshakesForOrganizationOutput struct { 12189 _ struct{} `type:"structure"` 12190 12191 // A list of Handshake objects with details about each of the handshakes that 12192 // are associated with an organization. 12193 Handshakes []*Handshake `type:"list"` 12194 12195 // If present, this value indicates that there is more output available than 12196 // is included in the current response. Use this value in the NextToken request 12197 // parameter in a subsequent call to the operation to get the next part of the 12198 // output. You should repeat this until the NextToken response element comes 12199 // back as null. 12200 NextToken *string `type:"string"` 12201} 12202 12203// String returns the string representation 12204func (s ListHandshakesForOrganizationOutput) String() string { 12205 return awsutil.Prettify(s) 12206} 12207 12208// GoString returns the string representation 12209func (s ListHandshakesForOrganizationOutput) GoString() string { 12210 return s.String() 12211} 12212 12213// SetHandshakes sets the Handshakes field's value. 12214func (s *ListHandshakesForOrganizationOutput) SetHandshakes(v []*Handshake) *ListHandshakesForOrganizationOutput { 12215 s.Handshakes = v 12216 return s 12217} 12218 12219// SetNextToken sets the NextToken field's value. 12220func (s *ListHandshakesForOrganizationOutput) SetNextToken(v string) *ListHandshakesForOrganizationOutput { 12221 s.NextToken = &v 12222 return s 12223} 12224 12225// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParentRequest 12226type ListOrganizationalUnitsForParentInput struct { 12227 _ struct{} `type:"structure"` 12228 12229 // (Optional) Use this to limit the number of results you want included in the 12230 // response. If you do not include this parameter, it defaults to a value that 12231 // is specific to the operation. If additional items exist beyond the maximum 12232 // you specify, the NextToken response element is present and has a value (is 12233 // not null). Include that value as the NextToken request parameter in the next 12234 // call to the operation to get the next part of the results. Note that Organizations 12235 // might return fewer results than the maximum even when there are more results 12236 // available. You should check NextToken after every operation to ensure that 12237 // you receive all of the results. 12238 MaxResults *int64 `min:"1" type:"integer"` 12239 12240 // Use this parameter if you receive a NextToken response in a previous request 12241 // that indicates that there is more output available. Set it to the value of 12242 // the previous call's NextToken response to indicate where the output should 12243 // continue from. 12244 NextToken *string `type:"string"` 12245 12246 // The unique identifier (ID) of the root or OU whose child OUs you want to 12247 // list. 12248 // 12249 // The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string 12250 // requires one of the following: 12251 // 12252 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 12253 // letters or digits. 12254 // 12255 // * Organizational unit (OU): a string that begins with "ou-" followed by 12256 // from 4 to 32 lower-case letters or digits (the ID of the root that the 12257 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 12258 // letters or digits. 12259 // 12260 // ParentId is a required field 12261 ParentId *string `type:"string" required:"true"` 12262} 12263 12264// String returns the string representation 12265func (s ListOrganizationalUnitsForParentInput) String() string { 12266 return awsutil.Prettify(s) 12267} 12268 12269// GoString returns the string representation 12270func (s ListOrganizationalUnitsForParentInput) GoString() string { 12271 return s.String() 12272} 12273 12274// Validate inspects the fields of the type to determine if they are valid. 12275func (s *ListOrganizationalUnitsForParentInput) Validate() error { 12276 invalidParams := request.ErrInvalidParams{Context: "ListOrganizationalUnitsForParentInput"} 12277 if s.MaxResults != nil && *s.MaxResults < 1 { 12278 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 12279 } 12280 if s.ParentId == nil { 12281 invalidParams.Add(request.NewErrParamRequired("ParentId")) 12282 } 12283 12284 if invalidParams.Len() > 0 { 12285 return invalidParams 12286 } 12287 return nil 12288} 12289 12290// SetMaxResults sets the MaxResults field's value. 12291func (s *ListOrganizationalUnitsForParentInput) SetMaxResults(v int64) *ListOrganizationalUnitsForParentInput { 12292 s.MaxResults = &v 12293 return s 12294} 12295 12296// SetNextToken sets the NextToken field's value. 12297func (s *ListOrganizationalUnitsForParentInput) SetNextToken(v string) *ListOrganizationalUnitsForParentInput { 12298 s.NextToken = &v 12299 return s 12300} 12301 12302// SetParentId sets the ParentId field's value. 12303func (s *ListOrganizationalUnitsForParentInput) SetParentId(v string) *ListOrganizationalUnitsForParentInput { 12304 s.ParentId = &v 12305 return s 12306} 12307 12308// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListOrganizationalUnitsForParentResponse 12309type ListOrganizationalUnitsForParentOutput struct { 12310 _ struct{} `type:"structure"` 12311 12312 // If present, this value indicates that there is more output available than 12313 // is included in the current response. Use this value in the NextToken request 12314 // parameter in a subsequent call to the operation to get the next part of the 12315 // output. You should repeat this until the NextToken response element comes 12316 // back as null. 12317 NextToken *string `type:"string"` 12318 12319 // A list of the OUs in the specified root or parent OU. 12320 OrganizationalUnits []*OrganizationalUnit `type:"list"` 12321} 12322 12323// String returns the string representation 12324func (s ListOrganizationalUnitsForParentOutput) String() string { 12325 return awsutil.Prettify(s) 12326} 12327 12328// GoString returns the string representation 12329func (s ListOrganizationalUnitsForParentOutput) GoString() string { 12330 return s.String() 12331} 12332 12333// SetNextToken sets the NextToken field's value. 12334func (s *ListOrganizationalUnitsForParentOutput) SetNextToken(v string) *ListOrganizationalUnitsForParentOutput { 12335 s.NextToken = &v 12336 return s 12337} 12338 12339// SetOrganizationalUnits sets the OrganizationalUnits field's value. 12340func (s *ListOrganizationalUnitsForParentOutput) SetOrganizationalUnits(v []*OrganizationalUnit) *ListOrganizationalUnitsForParentOutput { 12341 s.OrganizationalUnits = v 12342 return s 12343} 12344 12345// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParentsRequest 12346type ListParentsInput struct { 12347 _ struct{} `type:"structure"` 12348 12349 // The unique identifier (ID) of the OU or account whose parent containers you 12350 // want to list. Do not specify a root. 12351 // 12352 // The regex pattern (http://wikipedia.org/wiki/regex) for a child ID string 12353 // requires one of the following: 12354 // 12355 // * Account: a string that consists of exactly 12 digits. 12356 // 12357 // * Organizational unit (OU): a string that begins with "ou-" followed by 12358 // from 4 to 32 lower-case letters or digits (the ID of the root that contains 12359 // the OU) followed by a second "-" dash and from 8 to 32 additional lower-case 12360 // letters or digits. 12361 // 12362 // ChildId is a required field 12363 ChildId *string `type:"string" required:"true"` 12364 12365 // (Optional) Use this to limit the number of results you want included in the 12366 // response. If you do not include this parameter, it defaults to a value that 12367 // is specific to the operation. If additional items exist beyond the maximum 12368 // you specify, the NextToken response element is present and has a value (is 12369 // not null). Include that value as the NextToken request parameter in the next 12370 // call to the operation to get the next part of the results. Note that Organizations 12371 // might return fewer results than the maximum even when there are more results 12372 // available. You should check NextToken after every operation to ensure that 12373 // you receive all of the results. 12374 MaxResults *int64 `min:"1" type:"integer"` 12375 12376 // Use this parameter if you receive a NextToken response in a previous request 12377 // that indicates that there is more output available. Set it to the value of 12378 // the previous call's NextToken response to indicate where the output should 12379 // continue from. 12380 NextToken *string `type:"string"` 12381} 12382 12383// String returns the string representation 12384func (s ListParentsInput) String() string { 12385 return awsutil.Prettify(s) 12386} 12387 12388// GoString returns the string representation 12389func (s ListParentsInput) GoString() string { 12390 return s.String() 12391} 12392 12393// Validate inspects the fields of the type to determine if they are valid. 12394func (s *ListParentsInput) Validate() error { 12395 invalidParams := request.ErrInvalidParams{Context: "ListParentsInput"} 12396 if s.ChildId == nil { 12397 invalidParams.Add(request.NewErrParamRequired("ChildId")) 12398 } 12399 if s.MaxResults != nil && *s.MaxResults < 1 { 12400 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 12401 } 12402 12403 if invalidParams.Len() > 0 { 12404 return invalidParams 12405 } 12406 return nil 12407} 12408 12409// SetChildId sets the ChildId field's value. 12410func (s *ListParentsInput) SetChildId(v string) *ListParentsInput { 12411 s.ChildId = &v 12412 return s 12413} 12414 12415// SetMaxResults sets the MaxResults field's value. 12416func (s *ListParentsInput) SetMaxResults(v int64) *ListParentsInput { 12417 s.MaxResults = &v 12418 return s 12419} 12420 12421// SetNextToken sets the NextToken field's value. 12422func (s *ListParentsInput) SetNextToken(v string) *ListParentsInput { 12423 s.NextToken = &v 12424 return s 12425} 12426 12427// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListParentsResponse 12428type ListParentsOutput struct { 12429 _ struct{} `type:"structure"` 12430 12431 // If present, this value indicates that there is more output available than 12432 // is included in the current response. Use this value in the NextToken request 12433 // parameter in a subsequent call to the operation to get the next part of the 12434 // output. You should repeat this until the NextToken response element comes 12435 // back as null. 12436 NextToken *string `type:"string"` 12437 12438 // A list of parents for the specified child account or OU. 12439 Parents []*Parent `type:"list"` 12440} 12441 12442// String returns the string representation 12443func (s ListParentsOutput) String() string { 12444 return awsutil.Prettify(s) 12445} 12446 12447// GoString returns the string representation 12448func (s ListParentsOutput) GoString() string { 12449 return s.String() 12450} 12451 12452// SetNextToken sets the NextToken field's value. 12453func (s *ListParentsOutput) SetNextToken(v string) *ListParentsOutput { 12454 s.NextToken = &v 12455 return s 12456} 12457 12458// SetParents sets the Parents field's value. 12459func (s *ListParentsOutput) SetParents(v []*Parent) *ListParentsOutput { 12460 s.Parents = v 12461 return s 12462} 12463 12464// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesForTargetRequest 12465type ListPoliciesForTargetInput struct { 12466 _ struct{} `type:"structure"` 12467 12468 // The type of policy that you want to include in the returned list. 12469 // 12470 // Filter is a required field 12471 Filter *string `type:"string" required:"true" enum:"PolicyType"` 12472 12473 // (Optional) Use this to limit the number of results you want included in the 12474 // response. If you do not include this parameter, it defaults to a value that 12475 // is specific to the operation. If additional items exist beyond the maximum 12476 // you specify, the NextToken response element is present and has a value (is 12477 // not null). Include that value as the NextToken request parameter in the next 12478 // call to the operation to get the next part of the results. Note that Organizations 12479 // might return fewer results than the maximum even when there are more results 12480 // available. You should check NextToken after every operation to ensure that 12481 // you receive all of the results. 12482 MaxResults *int64 `min:"1" type:"integer"` 12483 12484 // Use this parameter if you receive a NextToken response in a previous request 12485 // that indicates that there is more output available. Set it to the value of 12486 // the previous call's NextToken response to indicate where the output should 12487 // continue from. 12488 NextToken *string `type:"string"` 12489 12490 // The unique identifier (ID) of the root, organizational unit, or account whose 12491 // policies you want to list. 12492 // 12493 // The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string 12494 // requires one of the following: 12495 // 12496 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 12497 // letters or digits. 12498 // 12499 // * Account: a string that consists of exactly 12 digits. 12500 // 12501 // * Organizational unit (OU): a string that begins with "ou-" followed by 12502 // from 4 to 32 lower-case letters or digits (the ID of the root that the 12503 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 12504 // letters or digits. 12505 // 12506 // TargetId is a required field 12507 TargetId *string `type:"string" required:"true"` 12508} 12509 12510// String returns the string representation 12511func (s ListPoliciesForTargetInput) String() string { 12512 return awsutil.Prettify(s) 12513} 12514 12515// GoString returns the string representation 12516func (s ListPoliciesForTargetInput) GoString() string { 12517 return s.String() 12518} 12519 12520// Validate inspects the fields of the type to determine if they are valid. 12521func (s *ListPoliciesForTargetInput) Validate() error { 12522 invalidParams := request.ErrInvalidParams{Context: "ListPoliciesForTargetInput"} 12523 if s.Filter == nil { 12524 invalidParams.Add(request.NewErrParamRequired("Filter")) 12525 } 12526 if s.MaxResults != nil && *s.MaxResults < 1 { 12527 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 12528 } 12529 if s.TargetId == nil { 12530 invalidParams.Add(request.NewErrParamRequired("TargetId")) 12531 } 12532 12533 if invalidParams.Len() > 0 { 12534 return invalidParams 12535 } 12536 return nil 12537} 12538 12539// SetFilter sets the Filter field's value. 12540func (s *ListPoliciesForTargetInput) SetFilter(v string) *ListPoliciesForTargetInput { 12541 s.Filter = &v 12542 return s 12543} 12544 12545// SetMaxResults sets the MaxResults field's value. 12546func (s *ListPoliciesForTargetInput) SetMaxResults(v int64) *ListPoliciesForTargetInput { 12547 s.MaxResults = &v 12548 return s 12549} 12550 12551// SetNextToken sets the NextToken field's value. 12552func (s *ListPoliciesForTargetInput) SetNextToken(v string) *ListPoliciesForTargetInput { 12553 s.NextToken = &v 12554 return s 12555} 12556 12557// SetTargetId sets the TargetId field's value. 12558func (s *ListPoliciesForTargetInput) SetTargetId(v string) *ListPoliciesForTargetInput { 12559 s.TargetId = &v 12560 return s 12561} 12562 12563// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesForTargetResponse 12564type ListPoliciesForTargetOutput struct { 12565 _ struct{} `type:"structure"` 12566 12567 // If present, this value indicates that there is more output available than 12568 // is included in the current response. Use this value in the NextToken request 12569 // parameter in a subsequent call to the operation to get the next part of the 12570 // output. You should repeat this until the NextToken response element comes 12571 // back as null. 12572 NextToken *string `type:"string"` 12573 12574 // The list of policies that match the criteria in the request. 12575 Policies []*PolicySummary `type:"list"` 12576} 12577 12578// String returns the string representation 12579func (s ListPoliciesForTargetOutput) String() string { 12580 return awsutil.Prettify(s) 12581} 12582 12583// GoString returns the string representation 12584func (s ListPoliciesForTargetOutput) GoString() string { 12585 return s.String() 12586} 12587 12588// SetNextToken sets the NextToken field's value. 12589func (s *ListPoliciesForTargetOutput) SetNextToken(v string) *ListPoliciesForTargetOutput { 12590 s.NextToken = &v 12591 return s 12592} 12593 12594// SetPolicies sets the Policies field's value. 12595func (s *ListPoliciesForTargetOutput) SetPolicies(v []*PolicySummary) *ListPoliciesForTargetOutput { 12596 s.Policies = v 12597 return s 12598} 12599 12600// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesRequest 12601type ListPoliciesInput struct { 12602 _ struct{} `type:"structure"` 12603 12604 // Specifies the type of policy that you want to include in the response. 12605 // 12606 // Filter is a required field 12607 Filter *string `type:"string" required:"true" enum:"PolicyType"` 12608 12609 // (Optional) Use this to limit the number of results you want included in the 12610 // response. If you do not include this parameter, it defaults to a value that 12611 // is specific to the operation. If additional items exist beyond the maximum 12612 // you specify, the NextToken response element is present and has a value (is 12613 // not null). Include that value as the NextToken request parameter in the next 12614 // call to the operation to get the next part of the results. Note that Organizations 12615 // might return fewer results than the maximum even when there are more results 12616 // available. You should check NextToken after every operation to ensure that 12617 // you receive all of the results. 12618 MaxResults *int64 `min:"1" type:"integer"` 12619 12620 // Use this parameter if you receive a NextToken response in a previous request 12621 // that indicates that there is more output available. Set it to the value of 12622 // the previous call's NextToken response to indicate where the output should 12623 // continue from. 12624 NextToken *string `type:"string"` 12625} 12626 12627// String returns the string representation 12628func (s ListPoliciesInput) String() string { 12629 return awsutil.Prettify(s) 12630} 12631 12632// GoString returns the string representation 12633func (s ListPoliciesInput) GoString() string { 12634 return s.String() 12635} 12636 12637// Validate inspects the fields of the type to determine if they are valid. 12638func (s *ListPoliciesInput) Validate() error { 12639 invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"} 12640 if s.Filter == nil { 12641 invalidParams.Add(request.NewErrParamRequired("Filter")) 12642 } 12643 if s.MaxResults != nil && *s.MaxResults < 1 { 12644 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 12645 } 12646 12647 if invalidParams.Len() > 0 { 12648 return invalidParams 12649 } 12650 return nil 12651} 12652 12653// SetFilter sets the Filter field's value. 12654func (s *ListPoliciesInput) SetFilter(v string) *ListPoliciesInput { 12655 s.Filter = &v 12656 return s 12657} 12658 12659// SetMaxResults sets the MaxResults field's value. 12660func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput { 12661 s.MaxResults = &v 12662 return s 12663} 12664 12665// SetNextToken sets the NextToken field's value. 12666func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput { 12667 s.NextToken = &v 12668 return s 12669} 12670 12671// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListPoliciesResponse 12672type ListPoliciesOutput struct { 12673 _ struct{} `type:"structure"` 12674 12675 // If present, this value indicates that there is more output available than 12676 // is included in the current response. Use this value in the NextToken request 12677 // parameter in a subsequent call to the operation to get the next part of the 12678 // output. You should repeat this until the NextToken response element comes 12679 // back as null. 12680 NextToken *string `type:"string"` 12681 12682 // A list of policies that match the filter criteria in the request. The output 12683 // list does not include the policy contents. To see the content for a policy, 12684 // see DescribePolicy. 12685 Policies []*PolicySummary `type:"list"` 12686} 12687 12688// String returns the string representation 12689func (s ListPoliciesOutput) String() string { 12690 return awsutil.Prettify(s) 12691} 12692 12693// GoString returns the string representation 12694func (s ListPoliciesOutput) GoString() string { 12695 return s.String() 12696} 12697 12698// SetNextToken sets the NextToken field's value. 12699func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput { 12700 s.NextToken = &v 12701 return s 12702} 12703 12704// SetPolicies sets the Policies field's value. 12705func (s *ListPoliciesOutput) SetPolicies(v []*PolicySummary) *ListPoliciesOutput { 12706 s.Policies = v 12707 return s 12708} 12709 12710// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRootsRequest 12711type ListRootsInput struct { 12712 _ struct{} `type:"structure"` 12713 12714 // (Optional) Use this to limit the number of results you want included in the 12715 // response. If you do not include this parameter, it defaults to a value that 12716 // is specific to the operation. If additional items exist beyond the maximum 12717 // you specify, the NextToken response element is present and has a value (is 12718 // not null). Include that value as the NextToken request parameter in the next 12719 // call to the operation to get the next part of the results. Note that Organizations 12720 // might return fewer results than the maximum even when there are more results 12721 // available. You should check NextToken after every operation to ensure that 12722 // you receive all of the results. 12723 MaxResults *int64 `min:"1" type:"integer"` 12724 12725 // Use this parameter if you receive a NextToken response in a previous request 12726 // that indicates that there is more output available. Set it to the value of 12727 // the previous call's NextToken response to indicate where the output should 12728 // continue from. 12729 NextToken *string `type:"string"` 12730} 12731 12732// String returns the string representation 12733func (s ListRootsInput) String() string { 12734 return awsutil.Prettify(s) 12735} 12736 12737// GoString returns the string representation 12738func (s ListRootsInput) GoString() string { 12739 return s.String() 12740} 12741 12742// Validate inspects the fields of the type to determine if they are valid. 12743func (s *ListRootsInput) Validate() error { 12744 invalidParams := request.ErrInvalidParams{Context: "ListRootsInput"} 12745 if s.MaxResults != nil && *s.MaxResults < 1 { 12746 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 12747 } 12748 12749 if invalidParams.Len() > 0 { 12750 return invalidParams 12751 } 12752 return nil 12753} 12754 12755// SetMaxResults sets the MaxResults field's value. 12756func (s *ListRootsInput) SetMaxResults(v int64) *ListRootsInput { 12757 s.MaxResults = &v 12758 return s 12759} 12760 12761// SetNextToken sets the NextToken field's value. 12762func (s *ListRootsInput) SetNextToken(v string) *ListRootsInput { 12763 s.NextToken = &v 12764 return s 12765} 12766 12767// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListRootsResponse 12768type ListRootsOutput struct { 12769 _ struct{} `type:"structure"` 12770 12771 // If present, this value indicates that there is more output available than 12772 // is included in the current response. Use this value in the NextToken request 12773 // parameter in a subsequent call to the operation to get the next part of the 12774 // output. You should repeat this until the NextToken response element comes 12775 // back as null. 12776 NextToken *string `type:"string"` 12777 12778 // A list of roots that are defined in an organization. 12779 Roots []*Root `type:"list"` 12780} 12781 12782// String returns the string representation 12783func (s ListRootsOutput) String() string { 12784 return awsutil.Prettify(s) 12785} 12786 12787// GoString returns the string representation 12788func (s ListRootsOutput) GoString() string { 12789 return s.String() 12790} 12791 12792// SetNextToken sets the NextToken field's value. 12793func (s *ListRootsOutput) SetNextToken(v string) *ListRootsOutput { 12794 s.NextToken = &v 12795 return s 12796} 12797 12798// SetRoots sets the Roots field's value. 12799func (s *ListRootsOutput) SetRoots(v []*Root) *ListRootsOutput { 12800 s.Roots = v 12801 return s 12802} 12803 12804// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTargetsForPolicyRequest 12805type ListTargetsForPolicyInput struct { 12806 _ struct{} `type:"structure"` 12807 12808 // (Optional) Use this to limit the number of results you want included in the 12809 // response. If you do not include this parameter, it defaults to a value that 12810 // is specific to the operation. If additional items exist beyond the maximum 12811 // you specify, the NextToken response element is present and has a value (is 12812 // not null). Include that value as the NextToken request parameter in the next 12813 // call to the operation to get the next part of the results. Note that Organizations 12814 // might return fewer results than the maximum even when there are more results 12815 // available. You should check NextToken after every operation to ensure that 12816 // you receive all of the results. 12817 MaxResults *int64 `min:"1" type:"integer"` 12818 12819 // Use this parameter if you receive a NextToken response in a previous request 12820 // that indicates that there is more output available. Set it to the value of 12821 // the previous call's NextToken response to indicate where the output should 12822 // continue from. 12823 NextToken *string `type:"string"` 12824 12825 // The unique identifier (ID) of the policy for which you want to know its attachments. 12826 // 12827 // The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string 12828 // requires "p-" followed by from 8 to 128 lower-case letters or digits. 12829 // 12830 // PolicyId is a required field 12831 PolicyId *string `type:"string" required:"true"` 12832} 12833 12834// String returns the string representation 12835func (s ListTargetsForPolicyInput) String() string { 12836 return awsutil.Prettify(s) 12837} 12838 12839// GoString returns the string representation 12840func (s ListTargetsForPolicyInput) GoString() string { 12841 return s.String() 12842} 12843 12844// Validate inspects the fields of the type to determine if they are valid. 12845func (s *ListTargetsForPolicyInput) Validate() error { 12846 invalidParams := request.ErrInvalidParams{Context: "ListTargetsForPolicyInput"} 12847 if s.MaxResults != nil && *s.MaxResults < 1 { 12848 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 12849 } 12850 if s.PolicyId == nil { 12851 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 12852 } 12853 12854 if invalidParams.Len() > 0 { 12855 return invalidParams 12856 } 12857 return nil 12858} 12859 12860// SetMaxResults sets the MaxResults field's value. 12861func (s *ListTargetsForPolicyInput) SetMaxResults(v int64) *ListTargetsForPolicyInput { 12862 s.MaxResults = &v 12863 return s 12864} 12865 12866// SetNextToken sets the NextToken field's value. 12867func (s *ListTargetsForPolicyInput) SetNextToken(v string) *ListTargetsForPolicyInput { 12868 s.NextToken = &v 12869 return s 12870} 12871 12872// SetPolicyId sets the PolicyId field's value. 12873func (s *ListTargetsForPolicyInput) SetPolicyId(v string) *ListTargetsForPolicyInput { 12874 s.PolicyId = &v 12875 return s 12876} 12877 12878// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/ListTargetsForPolicyResponse 12879type ListTargetsForPolicyOutput struct { 12880 _ struct{} `type:"structure"` 12881 12882 // If present, this value indicates that there is more output available than 12883 // is included in the current response. Use this value in the NextToken request 12884 // parameter in a subsequent call to the operation to get the next part of the 12885 // output. You should repeat this until the NextToken response element comes 12886 // back as null. 12887 NextToken *string `type:"string"` 12888 12889 // A list of structures, each of which contains details about one of the entities 12890 // to which the specified policy is attached. 12891 Targets []*PolicyTargetSummary `type:"list"` 12892} 12893 12894// String returns the string representation 12895func (s ListTargetsForPolicyOutput) String() string { 12896 return awsutil.Prettify(s) 12897} 12898 12899// GoString returns the string representation 12900func (s ListTargetsForPolicyOutput) GoString() string { 12901 return s.String() 12902} 12903 12904// SetNextToken sets the NextToken field's value. 12905func (s *ListTargetsForPolicyOutput) SetNextToken(v string) *ListTargetsForPolicyOutput { 12906 s.NextToken = &v 12907 return s 12908} 12909 12910// SetTargets sets the Targets field's value. 12911func (s *ListTargetsForPolicyOutput) SetTargets(v []*PolicyTargetSummary) *ListTargetsForPolicyOutput { 12912 s.Targets = v 12913 return s 12914} 12915 12916// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/MoveAccountRequest 12917type MoveAccountInput struct { 12918 _ struct{} `type:"structure"` 12919 12920 // The unique identifier (ID) of the account that you want to move. 12921 // 12922 // The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string 12923 // requires exactly 12 digits. 12924 // 12925 // AccountId is a required field 12926 AccountId *string `type:"string" required:"true"` 12927 12928 // The unique identifier (ID) of the root or organizational unit that you want 12929 // to move the account to. 12930 // 12931 // The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string 12932 // requires one of the following: 12933 // 12934 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 12935 // letters or digits. 12936 // 12937 // * Organizational unit (OU): a string that begins with "ou-" followed by 12938 // from 4 to 32 lower-case letters or digits (the ID of the root that the 12939 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 12940 // letters or digits. 12941 // 12942 // DestinationParentId is a required field 12943 DestinationParentId *string `type:"string" required:"true"` 12944 12945 // The unique identifier (ID) of the root or organizational unit that you want 12946 // to move the account from. 12947 // 12948 // The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string 12949 // requires one of the following: 12950 // 12951 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 12952 // letters or digits. 12953 // 12954 // * Organizational unit (OU): a string that begins with "ou-" followed by 12955 // from 4 to 32 lower-case letters or digits (the ID of the root that the 12956 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 12957 // letters or digits. 12958 // 12959 // SourceParentId is a required field 12960 SourceParentId *string `type:"string" required:"true"` 12961} 12962 12963// String returns the string representation 12964func (s MoveAccountInput) String() string { 12965 return awsutil.Prettify(s) 12966} 12967 12968// GoString returns the string representation 12969func (s MoveAccountInput) GoString() string { 12970 return s.String() 12971} 12972 12973// Validate inspects the fields of the type to determine if they are valid. 12974func (s *MoveAccountInput) Validate() error { 12975 invalidParams := request.ErrInvalidParams{Context: "MoveAccountInput"} 12976 if s.AccountId == nil { 12977 invalidParams.Add(request.NewErrParamRequired("AccountId")) 12978 } 12979 if s.DestinationParentId == nil { 12980 invalidParams.Add(request.NewErrParamRequired("DestinationParentId")) 12981 } 12982 if s.SourceParentId == nil { 12983 invalidParams.Add(request.NewErrParamRequired("SourceParentId")) 12984 } 12985 12986 if invalidParams.Len() > 0 { 12987 return invalidParams 12988 } 12989 return nil 12990} 12991 12992// SetAccountId sets the AccountId field's value. 12993func (s *MoveAccountInput) SetAccountId(v string) *MoveAccountInput { 12994 s.AccountId = &v 12995 return s 12996} 12997 12998// SetDestinationParentId sets the DestinationParentId field's value. 12999func (s *MoveAccountInput) SetDestinationParentId(v string) *MoveAccountInput { 13000 s.DestinationParentId = &v 13001 return s 13002} 13003 13004// SetSourceParentId sets the SourceParentId field's value. 13005func (s *MoveAccountInput) SetSourceParentId(v string) *MoveAccountInput { 13006 s.SourceParentId = &v 13007 return s 13008} 13009 13010// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/MoveAccountOutput 13011type MoveAccountOutput struct { 13012 _ struct{} `type:"structure"` 13013} 13014 13015// String returns the string representation 13016func (s MoveAccountOutput) String() string { 13017 return awsutil.Prettify(s) 13018} 13019 13020// GoString returns the string representation 13021func (s MoveAccountOutput) GoString() string { 13022 return s.String() 13023} 13024 13025// Contains details about an organization. An organization is a collection of 13026// accounts that are centrally managed together using consolidated billing, 13027// organized hierarchically with organizational units (OUs), and controlled 13028// with policies . 13029// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/Organization 13030type Organization struct { 13031 _ struct{} `type:"structure"` 13032 13033 // The Amazon Resource Name (ARN) of an organization. 13034 // 13035 // For more information about ARNs in Organizations, see ARN Formats Supported 13036 // by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns) 13037 // in the AWS Organizations User Guide. 13038 Arn *string `type:"string"` 13039 13040 // A list of policy types that are enabled for this organization. For example, 13041 // if your organization has all features enabled, then service control policies 13042 // (SCPs) are included in the list. 13043 AvailablePolicyTypes []*PolicyTypeSummary `type:"list"` 13044 13045 // Specifies the functionality that currently is available to the organization. 13046 // If set to "ALL", then all features are enabled and policies can be applied 13047 // to accounts in the organization. If set to "CONSOLIDATED_BILLING", then only 13048 // consolidated billing functionality is available. For more information, see 13049 // Enabling All Features in Your Organization (http://docs.aws.amazon.com/IAM/latest/UserGuide/orgs_manage_org_support-all-features.html) 13050 // in the AWS Organizations User Guide. 13051 FeatureSet *string `type:"string" enum:"OrganizationFeatureSet"` 13052 13053 // The unique identifier (ID) of an organization. 13054 // 13055 // The regex pattern (http://wikipedia.org/wiki/regex) for an organization ID 13056 // string requires "o-" followed by from 10 to 32 lower-case letters or digits. 13057 Id *string `type:"string"` 13058 13059 // The Amazon Resource Name (ARN) of the account that is designated as the master 13060 // account for the organization. 13061 // 13062 // For more information about ARNs in Organizations, see ARN Formats Supported 13063 // by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns) 13064 // in the AWS Organizations User Guide. 13065 MasterAccountArn *string `type:"string"` 13066 13067 // The email address that is associated with the AWS account that is designated 13068 // as the master account for the organization. 13069 MasterAccountEmail *string `min:"6" type:"string"` 13070 13071 // The unique identifier (ID) of the master account of an organization. 13072 // 13073 // The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string 13074 // requires exactly 12 digits. 13075 MasterAccountId *string `type:"string"` 13076} 13077 13078// String returns the string representation 13079func (s Organization) String() string { 13080 return awsutil.Prettify(s) 13081} 13082 13083// GoString returns the string representation 13084func (s Organization) GoString() string { 13085 return s.String() 13086} 13087 13088// SetArn sets the Arn field's value. 13089func (s *Organization) SetArn(v string) *Organization { 13090 s.Arn = &v 13091 return s 13092} 13093 13094// SetAvailablePolicyTypes sets the AvailablePolicyTypes field's value. 13095func (s *Organization) SetAvailablePolicyTypes(v []*PolicyTypeSummary) *Organization { 13096 s.AvailablePolicyTypes = v 13097 return s 13098} 13099 13100// SetFeatureSet sets the FeatureSet field's value. 13101func (s *Organization) SetFeatureSet(v string) *Organization { 13102 s.FeatureSet = &v 13103 return s 13104} 13105 13106// SetId sets the Id field's value. 13107func (s *Organization) SetId(v string) *Organization { 13108 s.Id = &v 13109 return s 13110} 13111 13112// SetMasterAccountArn sets the MasterAccountArn field's value. 13113func (s *Organization) SetMasterAccountArn(v string) *Organization { 13114 s.MasterAccountArn = &v 13115 return s 13116} 13117 13118// SetMasterAccountEmail sets the MasterAccountEmail field's value. 13119func (s *Organization) SetMasterAccountEmail(v string) *Organization { 13120 s.MasterAccountEmail = &v 13121 return s 13122} 13123 13124// SetMasterAccountId sets the MasterAccountId field's value. 13125func (s *Organization) SetMasterAccountId(v string) *Organization { 13126 s.MasterAccountId = &v 13127 return s 13128} 13129 13130// Contains details about an organizational unit (OU). An OU is a container 13131// of AWS accounts within a root of an organization. Policies that are attached 13132// to an OU apply to all accounts contained in that OU and in any child OUs. 13133// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/OrganizationalUnit 13134type OrganizationalUnit struct { 13135 _ struct{} `type:"structure"` 13136 13137 // The Amazon Resource Name (ARN) of this OU. 13138 // 13139 // For more information about ARNs in Organizations, see ARN Formats Supported 13140 // by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns) 13141 // in the AWS Organizations User Guide. 13142 Arn *string `type:"string"` 13143 13144 // The unique identifier (ID) associated with this OU. 13145 // 13146 // The regex pattern (http://wikipedia.org/wiki/regex) for an organizational 13147 // unit ID string requires "ou-" followed by from 4 to 32 lower-case letters 13148 // or digits (the ID of the root that contains the OU) followed by a second 13149 // "-" dash and from 8 to 32 additional lower-case letters or digits. 13150 Id *string `type:"string"` 13151 13152 // The friendly name of this OU. 13153 // 13154 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 13155 // this parameter is a string of any of the characters in the ASCII character 13156 // range. 13157 Name *string `min:"1" type:"string"` 13158} 13159 13160// String returns the string representation 13161func (s OrganizationalUnit) String() string { 13162 return awsutil.Prettify(s) 13163} 13164 13165// GoString returns the string representation 13166func (s OrganizationalUnit) GoString() string { 13167 return s.String() 13168} 13169 13170// SetArn sets the Arn field's value. 13171func (s *OrganizationalUnit) SetArn(v string) *OrganizationalUnit { 13172 s.Arn = &v 13173 return s 13174} 13175 13176// SetId sets the Id field's value. 13177func (s *OrganizationalUnit) SetId(v string) *OrganizationalUnit { 13178 s.Id = &v 13179 return s 13180} 13181 13182// SetName sets the Name field's value. 13183func (s *OrganizationalUnit) SetName(v string) *OrganizationalUnit { 13184 s.Name = &v 13185 return s 13186} 13187 13188// Contains information about either a root or an organizational unit (OU) that 13189// can contain OUs or accounts in an organization. 13190// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/Parent 13191type Parent struct { 13192 _ struct{} `type:"structure"` 13193 13194 // The unique identifier (ID) of the parent entity. 13195 // 13196 // The regex pattern (http://wikipedia.org/wiki/regex) for a parent ID string 13197 // requires one of the following: 13198 // 13199 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 13200 // letters or digits. 13201 // 13202 // * Organizational unit (OU): a string that begins with "ou-" followed by 13203 // from 4 to 32 lower-case letters or digits (the ID of the root that the 13204 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 13205 // letters or digits. 13206 Id *string `type:"string"` 13207 13208 // The type of the parent entity. 13209 Type *string `type:"string" enum:"ParentType"` 13210} 13211 13212// String returns the string representation 13213func (s Parent) String() string { 13214 return awsutil.Prettify(s) 13215} 13216 13217// GoString returns the string representation 13218func (s Parent) GoString() string { 13219 return s.String() 13220} 13221 13222// SetId sets the Id field's value. 13223func (s *Parent) SetId(v string) *Parent { 13224 s.Id = &v 13225 return s 13226} 13227 13228// SetType sets the Type field's value. 13229func (s *Parent) SetType(v string) *Parent { 13230 s.Type = &v 13231 return s 13232} 13233 13234// Contains rules to be applied to the affected accounts. Policies can be attached 13235// directly to accounts, or to roots and OUs to affect all accounts in those 13236// hierarchies. 13237// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/Policy 13238type Policy struct { 13239 _ struct{} `type:"structure"` 13240 13241 // The text content of the policy. 13242 Content *string `min:"1" type:"string"` 13243 13244 // A structure that contains additional details about the policy. 13245 PolicySummary *PolicySummary `type:"structure"` 13246} 13247 13248// String returns the string representation 13249func (s Policy) String() string { 13250 return awsutil.Prettify(s) 13251} 13252 13253// GoString returns the string representation 13254func (s Policy) GoString() string { 13255 return s.String() 13256} 13257 13258// SetContent sets the Content field's value. 13259func (s *Policy) SetContent(v string) *Policy { 13260 s.Content = &v 13261 return s 13262} 13263 13264// SetPolicySummary sets the PolicySummary field's value. 13265func (s *Policy) SetPolicySummary(v *PolicySummary) *Policy { 13266 s.PolicySummary = v 13267 return s 13268} 13269 13270// Contains information about a policy, but does not include the content. To 13271// see the content of a policy, see DescribePolicy. 13272// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/PolicySummary 13273type PolicySummary struct { 13274 _ struct{} `type:"structure"` 13275 13276 // The Amazon Resource Name (ARN) of the policy. 13277 // 13278 // For more information about ARNs in Organizations, see ARN Formats Supported 13279 // by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns) 13280 // in the AWS Organizations User Guide. 13281 Arn *string `type:"string"` 13282 13283 // A boolean value that indicates whether the specified policy is an AWS managed 13284 // policy. If true, then you can attach the policy to roots, OUs, or accounts, 13285 // but you cannot edit it. 13286 AwsManaged *bool `type:"boolean"` 13287 13288 // The description of the policy. 13289 Description *string `type:"string"` 13290 13291 // The unique identifier (ID) of the policy. 13292 // 13293 // The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string 13294 // requires "p-" followed by from 8 to 128 lower-case letters or digits. 13295 Id *string `type:"string"` 13296 13297 // The friendly name of the policy. 13298 // 13299 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 13300 // this parameter is a string of any of the characters in the ASCII character 13301 // range. 13302 Name *string `min:"1" type:"string"` 13303 13304 // The type of policy. 13305 Type *string `type:"string" enum:"PolicyType"` 13306} 13307 13308// String returns the string representation 13309func (s PolicySummary) String() string { 13310 return awsutil.Prettify(s) 13311} 13312 13313// GoString returns the string representation 13314func (s PolicySummary) GoString() string { 13315 return s.String() 13316} 13317 13318// SetArn sets the Arn field's value. 13319func (s *PolicySummary) SetArn(v string) *PolicySummary { 13320 s.Arn = &v 13321 return s 13322} 13323 13324// SetAwsManaged sets the AwsManaged field's value. 13325func (s *PolicySummary) SetAwsManaged(v bool) *PolicySummary { 13326 s.AwsManaged = &v 13327 return s 13328} 13329 13330// SetDescription sets the Description field's value. 13331func (s *PolicySummary) SetDescription(v string) *PolicySummary { 13332 s.Description = &v 13333 return s 13334} 13335 13336// SetId sets the Id field's value. 13337func (s *PolicySummary) SetId(v string) *PolicySummary { 13338 s.Id = &v 13339 return s 13340} 13341 13342// SetName sets the Name field's value. 13343func (s *PolicySummary) SetName(v string) *PolicySummary { 13344 s.Name = &v 13345 return s 13346} 13347 13348// SetType sets the Type field's value. 13349func (s *PolicySummary) SetType(v string) *PolicySummary { 13350 s.Type = &v 13351 return s 13352} 13353 13354// Contains information about a root, OU, or account that a policy is attached 13355// to. 13356// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/PolicyTargetSummary 13357type PolicyTargetSummary struct { 13358 _ struct{} `type:"structure"` 13359 13360 // The Amazon Resource Name (ARN) of the policy target. 13361 // 13362 // For more information about ARNs in Organizations, see ARN Formats Supported 13363 // by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns) 13364 // in the AWS Organizations User Guide. 13365 Arn *string `type:"string"` 13366 13367 // The friendly name of the policy target. 13368 // 13369 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 13370 // this parameter is a string of any of the characters in the ASCII character 13371 // range. 13372 Name *string `min:"1" type:"string"` 13373 13374 // The unique identifier (ID) of the policy target. 13375 // 13376 // The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string 13377 // requires one of the following: 13378 // 13379 // * Root: a string that begins with "r-" followed by from 4 to 32 lower-case 13380 // letters or digits. 13381 // 13382 // * Account: a string that consists of exactly 12 digits. 13383 // 13384 // * Organizational unit (OU): a string that begins with "ou-" followed by 13385 // from 4 to 32 lower-case letters or digits (the ID of the root that the 13386 // OU is in) followed by a second "-" dash and from 8 to 32 additional lower-case 13387 // letters or digits. 13388 TargetId *string `type:"string"` 13389 13390 // The type of the policy target. 13391 Type *string `type:"string" enum:"TargetType"` 13392} 13393 13394// String returns the string representation 13395func (s PolicyTargetSummary) String() string { 13396 return awsutil.Prettify(s) 13397} 13398 13399// GoString returns the string representation 13400func (s PolicyTargetSummary) GoString() string { 13401 return s.String() 13402} 13403 13404// SetArn sets the Arn field's value. 13405func (s *PolicyTargetSummary) SetArn(v string) *PolicyTargetSummary { 13406 s.Arn = &v 13407 return s 13408} 13409 13410// SetName sets the Name field's value. 13411func (s *PolicyTargetSummary) SetName(v string) *PolicyTargetSummary { 13412 s.Name = &v 13413 return s 13414} 13415 13416// SetTargetId sets the TargetId field's value. 13417func (s *PolicyTargetSummary) SetTargetId(v string) *PolicyTargetSummary { 13418 s.TargetId = &v 13419 return s 13420} 13421 13422// SetType sets the Type field's value. 13423func (s *PolicyTargetSummary) SetType(v string) *PolicyTargetSummary { 13424 s.Type = &v 13425 return s 13426} 13427 13428// Contains information about a policy type and its status in the associated 13429// root. 13430// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/PolicyTypeSummary 13431type PolicyTypeSummary struct { 13432 _ struct{} `type:"structure"` 13433 13434 // The status of the policy type as it relates to the associated root. To attach 13435 // a policy of the specified type to a root or to an OU or account in that root, 13436 // it must be available in the organization and enabled for that root. 13437 Status *string `type:"string" enum:"PolicyTypeStatus"` 13438 13439 // The name of the policy type. 13440 Type *string `type:"string" enum:"PolicyType"` 13441} 13442 13443// String returns the string representation 13444func (s PolicyTypeSummary) String() string { 13445 return awsutil.Prettify(s) 13446} 13447 13448// GoString returns the string representation 13449func (s PolicyTypeSummary) GoString() string { 13450 return s.String() 13451} 13452 13453// SetStatus sets the Status field's value. 13454func (s *PolicyTypeSummary) SetStatus(v string) *PolicyTypeSummary { 13455 s.Status = &v 13456 return s 13457} 13458 13459// SetType sets the Type field's value. 13460func (s *PolicyTypeSummary) SetType(v string) *PolicyTypeSummary { 13461 s.Type = &v 13462 return s 13463} 13464 13465// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganizationRequest 13466type RemoveAccountFromOrganizationInput struct { 13467 _ struct{} `type:"structure"` 13468 13469 // The unique identifier (ID) of the member account that you want to remove 13470 // from the organization. 13471 // 13472 // The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string 13473 // requires exactly 12 digits. 13474 // 13475 // AccountId is a required field 13476 AccountId *string `type:"string" required:"true"` 13477} 13478 13479// String returns the string representation 13480func (s RemoveAccountFromOrganizationInput) String() string { 13481 return awsutil.Prettify(s) 13482} 13483 13484// GoString returns the string representation 13485func (s RemoveAccountFromOrganizationInput) GoString() string { 13486 return s.String() 13487} 13488 13489// Validate inspects the fields of the type to determine if they are valid. 13490func (s *RemoveAccountFromOrganizationInput) Validate() error { 13491 invalidParams := request.ErrInvalidParams{Context: "RemoveAccountFromOrganizationInput"} 13492 if s.AccountId == nil { 13493 invalidParams.Add(request.NewErrParamRequired("AccountId")) 13494 } 13495 13496 if invalidParams.Len() > 0 { 13497 return invalidParams 13498 } 13499 return nil 13500} 13501 13502// SetAccountId sets the AccountId field's value. 13503func (s *RemoveAccountFromOrganizationInput) SetAccountId(v string) *RemoveAccountFromOrganizationInput { 13504 s.AccountId = &v 13505 return s 13506} 13507 13508// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/RemoveAccountFromOrganizationOutput 13509type RemoveAccountFromOrganizationOutput struct { 13510 _ struct{} `type:"structure"` 13511} 13512 13513// String returns the string representation 13514func (s RemoveAccountFromOrganizationOutput) String() string { 13515 return awsutil.Prettify(s) 13516} 13517 13518// GoString returns the string representation 13519func (s RemoveAccountFromOrganizationOutput) GoString() string { 13520 return s.String() 13521} 13522 13523// Contains details about a root. A root is a top-level parent node in the hierarchy 13524// of an organization that can contain organizational units (OUs) and accounts. 13525// Every root contains every AWS account in the organization. Each root enables 13526// the accounts to be organized in a different way and to have different policy 13527// types enabled for use in that root. 13528// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/Root 13529type Root struct { 13530 _ struct{} `type:"structure"` 13531 13532 // The Amazon Resource Name (ARN) of the root. 13533 // 13534 // For more information about ARNs in Organizations, see ARN Formats Supported 13535 // by Organizations (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns) 13536 // in the AWS Organizations User Guide. 13537 Arn *string `type:"string"` 13538 13539 // The unique identifier (ID) for the root. 13540 // 13541 // The regex pattern (http://wikipedia.org/wiki/regex) for a root ID string 13542 // requires "r-" followed by from 4 to 32 lower-case letters or digits. 13543 Id *string `type:"string"` 13544 13545 // The friendly name of the root. 13546 // 13547 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 13548 // this parameter is a string of any of the characters in the ASCII character 13549 // range. 13550 Name *string `min:"1" type:"string"` 13551 13552 // The types of policies that are currently enabled for the root and therefore 13553 // can be attached to the root or to its OUs or accounts. 13554 PolicyTypes []*PolicyTypeSummary `type:"list"` 13555} 13556 13557// String returns the string representation 13558func (s Root) String() string { 13559 return awsutil.Prettify(s) 13560} 13561 13562// GoString returns the string representation 13563func (s Root) GoString() string { 13564 return s.String() 13565} 13566 13567// SetArn sets the Arn field's value. 13568func (s *Root) SetArn(v string) *Root { 13569 s.Arn = &v 13570 return s 13571} 13572 13573// SetId sets the Id field's value. 13574func (s *Root) SetId(v string) *Root { 13575 s.Id = &v 13576 return s 13577} 13578 13579// SetName sets the Name field's value. 13580func (s *Root) SetName(v string) *Root { 13581 s.Name = &v 13582 return s 13583} 13584 13585// SetPolicyTypes sets the PolicyTypes field's value. 13586func (s *Root) SetPolicyTypes(v []*PolicyTypeSummary) *Root { 13587 s.PolicyTypes = v 13588 return s 13589} 13590 13591// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnitRequest 13592type UpdateOrganizationalUnitInput struct { 13593 _ struct{} `type:"structure"` 13594 13595 // The new name that you want to assign to the OU. 13596 // 13597 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 13598 // this parameter is a string of any of the characters in the ASCII character 13599 // range. 13600 Name *string `min:"1" type:"string"` 13601 13602 // The unique identifier (ID) of the OU that you want to rename. You can get 13603 // the ID from the ListOrganizationalUnitsForParent operation. 13604 // 13605 // The regex pattern (http://wikipedia.org/wiki/regex) for an organizational 13606 // unit ID string requires "ou-" followed by from 4 to 32 lower-case letters 13607 // or digits (the ID of the root that contains the OU) followed by a second 13608 // "-" dash and from 8 to 32 additional lower-case letters or digits. 13609 // 13610 // OrganizationalUnitId is a required field 13611 OrganizationalUnitId *string `type:"string" required:"true"` 13612} 13613 13614// String returns the string representation 13615func (s UpdateOrganizationalUnitInput) String() string { 13616 return awsutil.Prettify(s) 13617} 13618 13619// GoString returns the string representation 13620func (s UpdateOrganizationalUnitInput) GoString() string { 13621 return s.String() 13622} 13623 13624// Validate inspects the fields of the type to determine if they are valid. 13625func (s *UpdateOrganizationalUnitInput) Validate() error { 13626 invalidParams := request.ErrInvalidParams{Context: "UpdateOrganizationalUnitInput"} 13627 if s.Name != nil && len(*s.Name) < 1 { 13628 invalidParams.Add(request.NewErrParamMinLen("Name", 1)) 13629 } 13630 if s.OrganizationalUnitId == nil { 13631 invalidParams.Add(request.NewErrParamRequired("OrganizationalUnitId")) 13632 } 13633 13634 if invalidParams.Len() > 0 { 13635 return invalidParams 13636 } 13637 return nil 13638} 13639 13640// SetName sets the Name field's value. 13641func (s *UpdateOrganizationalUnitInput) SetName(v string) *UpdateOrganizationalUnitInput { 13642 s.Name = &v 13643 return s 13644} 13645 13646// SetOrganizationalUnitId sets the OrganizationalUnitId field's value. 13647func (s *UpdateOrganizationalUnitInput) SetOrganizationalUnitId(v string) *UpdateOrganizationalUnitInput { 13648 s.OrganizationalUnitId = &v 13649 return s 13650} 13651 13652// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdateOrganizationalUnitResponse 13653type UpdateOrganizationalUnitOutput struct { 13654 _ struct{} `type:"structure"` 13655 13656 // A structure that contains the details about the specified OU, including its 13657 // new name. 13658 OrganizationalUnit *OrganizationalUnit `type:"structure"` 13659} 13660 13661// String returns the string representation 13662func (s UpdateOrganizationalUnitOutput) String() string { 13663 return awsutil.Prettify(s) 13664} 13665 13666// GoString returns the string representation 13667func (s UpdateOrganizationalUnitOutput) GoString() string { 13668 return s.String() 13669} 13670 13671// SetOrganizationalUnit sets the OrganizationalUnit field's value. 13672func (s *UpdateOrganizationalUnitOutput) SetOrganizationalUnit(v *OrganizationalUnit) *UpdateOrganizationalUnitOutput { 13673 s.OrganizationalUnit = v 13674 return s 13675} 13676 13677// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdatePolicyRequest 13678type UpdatePolicyInput struct { 13679 _ struct{} `type:"structure"` 13680 13681 // If provided, the new content for the policy. The text must be correctly formatted 13682 // JSON that complies with the syntax for the policy's type. For more information, 13683 // see Service Control Policy Syntax (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html) 13684 // in the AWS Organizations User Guide. 13685 Content *string `min:"1" type:"string"` 13686 13687 // If provided, the new description for the policy. 13688 Description *string `type:"string"` 13689 13690 // If provided, the new name for the policy. 13691 // 13692 // The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate 13693 // this parameter is a string of any of the characters in the ASCII character 13694 // range. 13695 Name *string `min:"1" type:"string"` 13696 13697 // The unique identifier (ID) of the policy that you want to update. 13698 // 13699 // The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string 13700 // requires "p-" followed by from 8 to 128 lower-case letters or digits. 13701 // 13702 // PolicyId is a required field 13703 PolicyId *string `type:"string" required:"true"` 13704} 13705 13706// String returns the string representation 13707func (s UpdatePolicyInput) String() string { 13708 return awsutil.Prettify(s) 13709} 13710 13711// GoString returns the string representation 13712func (s UpdatePolicyInput) GoString() string { 13713 return s.String() 13714} 13715 13716// Validate inspects the fields of the type to determine if they are valid. 13717func (s *UpdatePolicyInput) Validate() error { 13718 invalidParams := request.ErrInvalidParams{Context: "UpdatePolicyInput"} 13719 if s.Content != nil && len(*s.Content) < 1 { 13720 invalidParams.Add(request.NewErrParamMinLen("Content", 1)) 13721 } 13722 if s.Name != nil && len(*s.Name) < 1 { 13723 invalidParams.Add(request.NewErrParamMinLen("Name", 1)) 13724 } 13725 if s.PolicyId == nil { 13726 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 13727 } 13728 13729 if invalidParams.Len() > 0 { 13730 return invalidParams 13731 } 13732 return nil 13733} 13734 13735// SetContent sets the Content field's value. 13736func (s *UpdatePolicyInput) SetContent(v string) *UpdatePolicyInput { 13737 s.Content = &v 13738 return s 13739} 13740 13741// SetDescription sets the Description field's value. 13742func (s *UpdatePolicyInput) SetDescription(v string) *UpdatePolicyInput { 13743 s.Description = &v 13744 return s 13745} 13746 13747// SetName sets the Name field's value. 13748func (s *UpdatePolicyInput) SetName(v string) *UpdatePolicyInput { 13749 s.Name = &v 13750 return s 13751} 13752 13753// SetPolicyId sets the PolicyId field's value. 13754func (s *UpdatePolicyInput) SetPolicyId(v string) *UpdatePolicyInput { 13755 s.PolicyId = &v 13756 return s 13757} 13758 13759// See also, https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28/UpdatePolicyResponse 13760type UpdatePolicyOutput struct { 13761 _ struct{} `type:"structure"` 13762 13763 // A structure that contains details about the updated policy, showing the requested 13764 // changes. 13765 Policy *Policy `type:"structure"` 13766} 13767 13768// String returns the string representation 13769func (s UpdatePolicyOutput) String() string { 13770 return awsutil.Prettify(s) 13771} 13772 13773// GoString returns the string representation 13774func (s UpdatePolicyOutput) GoString() string { 13775 return s.String() 13776} 13777 13778// SetPolicy sets the Policy field's value. 13779func (s *UpdatePolicyOutput) SetPolicy(v *Policy) *UpdatePolicyOutput { 13780 s.Policy = v 13781 return s 13782} 13783 13784const ( 13785 // AccessDeniedForDependencyExceptionReasonAccessDeniedDuringCreateServiceLinkedRole is a AccessDeniedForDependencyExceptionReason enum value 13786 AccessDeniedForDependencyExceptionReasonAccessDeniedDuringCreateServiceLinkedRole = "ACCESS_DENIED_DURING_CREATE_SERVICE_LINKED_ROLE" 13787) 13788 13789const ( 13790 // AccountJoinedMethodInvited is a AccountJoinedMethod enum value 13791 AccountJoinedMethodInvited = "INVITED" 13792 13793 // AccountJoinedMethodCreated is a AccountJoinedMethod enum value 13794 AccountJoinedMethodCreated = "CREATED" 13795) 13796 13797const ( 13798 // AccountStatusActive is a AccountStatus enum value 13799 AccountStatusActive = "ACTIVE" 13800 13801 // AccountStatusSuspended is a AccountStatus enum value 13802 AccountStatusSuspended = "SUSPENDED" 13803) 13804 13805const ( 13806 // ActionTypeInvite is a ActionType enum value 13807 ActionTypeInvite = "INVITE" 13808 13809 // ActionTypeEnableAllFeatures is a ActionType enum value 13810 ActionTypeEnableAllFeatures = "ENABLE_ALL_FEATURES" 13811 13812 // ActionTypeApproveAllFeatures is a ActionType enum value 13813 ActionTypeApproveAllFeatures = "APPROVE_ALL_FEATURES" 13814 13815 // ActionTypeAddOrganizationsServiceLinkedRole is a ActionType enum value 13816 ActionTypeAddOrganizationsServiceLinkedRole = "ADD_ORGANIZATIONS_SERVICE_LINKED_ROLE" 13817) 13818 13819const ( 13820 // ChildTypeAccount is a ChildType enum value 13821 ChildTypeAccount = "ACCOUNT" 13822 13823 // ChildTypeOrganizationalUnit is a ChildType enum value 13824 ChildTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT" 13825) 13826 13827const ( 13828 // ConstraintViolationExceptionReasonAccountNumberLimitExceeded is a ConstraintViolationExceptionReason enum value 13829 ConstraintViolationExceptionReasonAccountNumberLimitExceeded = "ACCOUNT_NUMBER_LIMIT_EXCEEDED" 13830 13831 // ConstraintViolationExceptionReasonHandshakeRateLimitExceeded is a ConstraintViolationExceptionReason enum value 13832 ConstraintViolationExceptionReasonHandshakeRateLimitExceeded = "HANDSHAKE_RATE_LIMIT_EXCEEDED" 13833 13834 // ConstraintViolationExceptionReasonOuNumberLimitExceeded is a ConstraintViolationExceptionReason enum value 13835 ConstraintViolationExceptionReasonOuNumberLimitExceeded = "OU_NUMBER_LIMIT_EXCEEDED" 13836 13837 // ConstraintViolationExceptionReasonOuDepthLimitExceeded is a ConstraintViolationExceptionReason enum value 13838 ConstraintViolationExceptionReasonOuDepthLimitExceeded = "OU_DEPTH_LIMIT_EXCEEDED" 13839 13840 // ConstraintViolationExceptionReasonPolicyNumberLimitExceeded is a ConstraintViolationExceptionReason enum value 13841 ConstraintViolationExceptionReasonPolicyNumberLimitExceeded = "POLICY_NUMBER_LIMIT_EXCEEDED" 13842 13843 // ConstraintViolationExceptionReasonMaxPolicyTypeAttachmentLimitExceeded is a ConstraintViolationExceptionReason enum value 13844 ConstraintViolationExceptionReasonMaxPolicyTypeAttachmentLimitExceeded = "MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED" 13845 13846 // ConstraintViolationExceptionReasonMinPolicyTypeAttachmentLimitExceeded is a ConstraintViolationExceptionReason enum value 13847 ConstraintViolationExceptionReasonMinPolicyTypeAttachmentLimitExceeded = "MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED" 13848 13849 // ConstraintViolationExceptionReasonAccountCannotLeaveOrganization is a ConstraintViolationExceptionReason enum value 13850 ConstraintViolationExceptionReasonAccountCannotLeaveOrganization = "ACCOUNT_CANNOT_LEAVE_ORGANIZATION" 13851 13852 // ConstraintViolationExceptionReasonAccountCannotLeaveWithoutEula is a ConstraintViolationExceptionReason enum value 13853 ConstraintViolationExceptionReasonAccountCannotLeaveWithoutEula = "ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA" 13854 13855 // ConstraintViolationExceptionReasonAccountCannotLeaveWithoutPhoneVerification is a ConstraintViolationExceptionReason enum value 13856 ConstraintViolationExceptionReasonAccountCannotLeaveWithoutPhoneVerification = "ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION" 13857 13858 // ConstraintViolationExceptionReasonMasterAccountPaymentInstrumentRequired is a ConstraintViolationExceptionReason enum value 13859 ConstraintViolationExceptionReasonMasterAccountPaymentInstrumentRequired = "MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED" 13860 13861 // ConstraintViolationExceptionReasonMemberAccountPaymentInstrumentRequired is a ConstraintViolationExceptionReason enum value 13862 ConstraintViolationExceptionReasonMemberAccountPaymentInstrumentRequired = "MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED" 13863 13864 // ConstraintViolationExceptionReasonAccountCreationRateLimitExceeded is a ConstraintViolationExceptionReason enum value 13865 ConstraintViolationExceptionReasonAccountCreationRateLimitExceeded = "ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED" 13866 13867 // ConstraintViolationExceptionReasonMasterAccountAddressDoesNotMatchMarketplace is a ConstraintViolationExceptionReason enum value 13868 ConstraintViolationExceptionReasonMasterAccountAddressDoesNotMatchMarketplace = "MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE" 13869 13870 // ConstraintViolationExceptionReasonMasterAccountMissingContactInfo is a ConstraintViolationExceptionReason enum value 13871 ConstraintViolationExceptionReasonMasterAccountMissingContactInfo = "MASTER_ACCOUNT_MISSING_CONTACT_INFO" 13872 13873 // ConstraintViolationExceptionReasonOrganizationNotInAllFeaturesMode is a ConstraintViolationExceptionReason enum value 13874 ConstraintViolationExceptionReasonOrganizationNotInAllFeaturesMode = "ORGANIZATION_NOT_IN_ALL_FEATURES_MODE" 13875) 13876 13877const ( 13878 // CreateAccountFailureReasonAccountLimitExceeded is a CreateAccountFailureReason enum value 13879 CreateAccountFailureReasonAccountLimitExceeded = "ACCOUNT_LIMIT_EXCEEDED" 13880 13881 // CreateAccountFailureReasonEmailAlreadyExists is a CreateAccountFailureReason enum value 13882 CreateAccountFailureReasonEmailAlreadyExists = "EMAIL_ALREADY_EXISTS" 13883 13884 // CreateAccountFailureReasonInvalidAddress is a CreateAccountFailureReason enum value 13885 CreateAccountFailureReasonInvalidAddress = "INVALID_ADDRESS" 13886 13887 // CreateAccountFailureReasonInvalidEmail is a CreateAccountFailureReason enum value 13888 CreateAccountFailureReasonInvalidEmail = "INVALID_EMAIL" 13889 13890 // CreateAccountFailureReasonConcurrentAccountModification is a CreateAccountFailureReason enum value 13891 CreateAccountFailureReasonConcurrentAccountModification = "CONCURRENT_ACCOUNT_MODIFICATION" 13892 13893 // CreateAccountFailureReasonInternalFailure is a CreateAccountFailureReason enum value 13894 CreateAccountFailureReasonInternalFailure = "INTERNAL_FAILURE" 13895) 13896 13897const ( 13898 // CreateAccountStateInProgress is a CreateAccountState enum value 13899 CreateAccountStateInProgress = "IN_PROGRESS" 13900 13901 // CreateAccountStateSucceeded is a CreateAccountState enum value 13902 CreateAccountStateSucceeded = "SUCCEEDED" 13903 13904 // CreateAccountStateFailed is a CreateAccountState enum value 13905 CreateAccountStateFailed = "FAILED" 13906) 13907 13908const ( 13909 // HandshakeConstraintViolationExceptionReasonAccountNumberLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value 13910 HandshakeConstraintViolationExceptionReasonAccountNumberLimitExceeded = "ACCOUNT_NUMBER_LIMIT_EXCEEDED" 13911 13912 // HandshakeConstraintViolationExceptionReasonHandshakeRateLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value 13913 HandshakeConstraintViolationExceptionReasonHandshakeRateLimitExceeded = "HANDSHAKE_RATE_LIMIT_EXCEEDED" 13914 13915 // HandshakeConstraintViolationExceptionReasonAlreadyInAnOrganization is a HandshakeConstraintViolationExceptionReason enum value 13916 HandshakeConstraintViolationExceptionReasonAlreadyInAnOrganization = "ALREADY_IN_AN_ORGANIZATION" 13917 13918 // HandshakeConstraintViolationExceptionReasonOrganizationAlreadyHasAllFeatures is a HandshakeConstraintViolationExceptionReason enum value 13919 HandshakeConstraintViolationExceptionReasonOrganizationAlreadyHasAllFeatures = "ORGANIZATION_ALREADY_HAS_ALL_FEATURES" 13920 13921 // HandshakeConstraintViolationExceptionReasonInviteDisabledDuringEnableAllFeatures is a HandshakeConstraintViolationExceptionReason enum value 13922 HandshakeConstraintViolationExceptionReasonInviteDisabledDuringEnableAllFeatures = "INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES" 13923 13924 // HandshakeConstraintViolationExceptionReasonPaymentInstrumentRequired is a HandshakeConstraintViolationExceptionReason enum value 13925 HandshakeConstraintViolationExceptionReasonPaymentInstrumentRequired = "PAYMENT_INSTRUMENT_REQUIRED" 13926 13927 // HandshakeConstraintViolationExceptionReasonOrganizationFromDifferentSellerOfRecord is a HandshakeConstraintViolationExceptionReason enum value 13928 HandshakeConstraintViolationExceptionReasonOrganizationFromDifferentSellerOfRecord = "ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD" 13929 13930 // HandshakeConstraintViolationExceptionReasonOrganizationMembershipChangeRateLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value 13931 HandshakeConstraintViolationExceptionReasonOrganizationMembershipChangeRateLimitExceeded = "ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED" 13932) 13933 13934const ( 13935 // HandshakePartyTypeAccount is a HandshakePartyType enum value 13936 HandshakePartyTypeAccount = "ACCOUNT" 13937 13938 // HandshakePartyTypeOrganization is a HandshakePartyType enum value 13939 HandshakePartyTypeOrganization = "ORGANIZATION" 13940 13941 // HandshakePartyTypeEmail is a HandshakePartyType enum value 13942 HandshakePartyTypeEmail = "EMAIL" 13943) 13944 13945const ( 13946 // HandshakeResourceTypeAccount is a HandshakeResourceType enum value 13947 HandshakeResourceTypeAccount = "ACCOUNT" 13948 13949 // HandshakeResourceTypeOrganization is a HandshakeResourceType enum value 13950 HandshakeResourceTypeOrganization = "ORGANIZATION" 13951 13952 // HandshakeResourceTypeOrganizationFeatureSet is a HandshakeResourceType enum value 13953 HandshakeResourceTypeOrganizationFeatureSet = "ORGANIZATION_FEATURE_SET" 13954 13955 // HandshakeResourceTypeEmail is a HandshakeResourceType enum value 13956 HandshakeResourceTypeEmail = "EMAIL" 13957 13958 // HandshakeResourceTypeMasterEmail is a HandshakeResourceType enum value 13959 HandshakeResourceTypeMasterEmail = "MASTER_EMAIL" 13960 13961 // HandshakeResourceTypeMasterName is a HandshakeResourceType enum value 13962 HandshakeResourceTypeMasterName = "MASTER_NAME" 13963 13964 // HandshakeResourceTypeNotes is a HandshakeResourceType enum value 13965 HandshakeResourceTypeNotes = "NOTES" 13966 13967 // HandshakeResourceTypeParentHandshake is a HandshakeResourceType enum value 13968 HandshakeResourceTypeParentHandshake = "PARENT_HANDSHAKE" 13969) 13970 13971const ( 13972 // HandshakeStateRequested is a HandshakeState enum value 13973 HandshakeStateRequested = "REQUESTED" 13974 13975 // HandshakeStateOpen is a HandshakeState enum value 13976 HandshakeStateOpen = "OPEN" 13977 13978 // HandshakeStateCanceled is a HandshakeState enum value 13979 HandshakeStateCanceled = "CANCELED" 13980 13981 // HandshakeStateAccepted is a HandshakeState enum value 13982 HandshakeStateAccepted = "ACCEPTED" 13983 13984 // HandshakeStateDeclined is a HandshakeState enum value 13985 HandshakeStateDeclined = "DECLINED" 13986 13987 // HandshakeStateExpired is a HandshakeState enum value 13988 HandshakeStateExpired = "EXPIRED" 13989) 13990 13991const ( 13992 // IAMUserAccessToBillingAllow is a IAMUserAccessToBilling enum value 13993 IAMUserAccessToBillingAllow = "ALLOW" 13994 13995 // IAMUserAccessToBillingDeny is a IAMUserAccessToBilling enum value 13996 IAMUserAccessToBillingDeny = "DENY" 13997) 13998 13999const ( 14000 // InvalidInputExceptionReasonInvalidPartyTypeTarget is a InvalidInputExceptionReason enum value 14001 InvalidInputExceptionReasonInvalidPartyTypeTarget = "INVALID_PARTY_TYPE_TARGET" 14002 14003 // InvalidInputExceptionReasonInvalidSyntaxOrganizationArn is a InvalidInputExceptionReason enum value 14004 InvalidInputExceptionReasonInvalidSyntaxOrganizationArn = "INVALID_SYNTAX_ORGANIZATION_ARN" 14005 14006 // InvalidInputExceptionReasonInvalidSyntaxPolicyId is a InvalidInputExceptionReason enum value 14007 InvalidInputExceptionReasonInvalidSyntaxPolicyId = "INVALID_SYNTAX_POLICY_ID" 14008 14009 // InvalidInputExceptionReasonInvalidEnum is a InvalidInputExceptionReason enum value 14010 InvalidInputExceptionReasonInvalidEnum = "INVALID_ENUM" 14011 14012 // InvalidInputExceptionReasonInvalidListMember is a InvalidInputExceptionReason enum value 14013 InvalidInputExceptionReasonInvalidListMember = "INVALID_LIST_MEMBER" 14014 14015 // InvalidInputExceptionReasonMaxLengthExceeded is a InvalidInputExceptionReason enum value 14016 InvalidInputExceptionReasonMaxLengthExceeded = "MAX_LENGTH_EXCEEDED" 14017 14018 // InvalidInputExceptionReasonMaxValueExceeded is a InvalidInputExceptionReason enum value 14019 InvalidInputExceptionReasonMaxValueExceeded = "MAX_VALUE_EXCEEDED" 14020 14021 // InvalidInputExceptionReasonMinLengthExceeded is a InvalidInputExceptionReason enum value 14022 InvalidInputExceptionReasonMinLengthExceeded = "MIN_LENGTH_EXCEEDED" 14023 14024 // InvalidInputExceptionReasonMinValueExceeded is a InvalidInputExceptionReason enum value 14025 InvalidInputExceptionReasonMinValueExceeded = "MIN_VALUE_EXCEEDED" 14026 14027 // InvalidInputExceptionReasonImmutablePolicy is a InvalidInputExceptionReason enum value 14028 InvalidInputExceptionReasonImmutablePolicy = "IMMUTABLE_POLICY" 14029 14030 // InvalidInputExceptionReasonInvalidPattern is a InvalidInputExceptionReason enum value 14031 InvalidInputExceptionReasonInvalidPattern = "INVALID_PATTERN" 14032 14033 // InvalidInputExceptionReasonInvalidPatternTargetId is a InvalidInputExceptionReason enum value 14034 InvalidInputExceptionReasonInvalidPatternTargetId = "INVALID_PATTERN_TARGET_ID" 14035 14036 // InvalidInputExceptionReasonInputRequired is a InvalidInputExceptionReason enum value 14037 InvalidInputExceptionReasonInputRequired = "INPUT_REQUIRED" 14038 14039 // InvalidInputExceptionReasonInvalidNextToken is a InvalidInputExceptionReason enum value 14040 InvalidInputExceptionReasonInvalidNextToken = "INVALID_NEXT_TOKEN" 14041 14042 // InvalidInputExceptionReasonMaxLimitExceededFilter is a InvalidInputExceptionReason enum value 14043 InvalidInputExceptionReasonMaxLimitExceededFilter = "MAX_LIMIT_EXCEEDED_FILTER" 14044 14045 // InvalidInputExceptionReasonMovingAccountBetweenDifferentRoots is a InvalidInputExceptionReason enum value 14046 InvalidInputExceptionReasonMovingAccountBetweenDifferentRoots = "MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS" 14047 14048 // InvalidInputExceptionReasonInvalidFullNameTarget is a InvalidInputExceptionReason enum value 14049 InvalidInputExceptionReasonInvalidFullNameTarget = "INVALID_FULL_NAME_TARGET" 14050 14051 // InvalidInputExceptionReasonUnrecognizedServicePrincipal is a InvalidInputExceptionReason enum value 14052 InvalidInputExceptionReasonUnrecognizedServicePrincipal = "UNRECOGNIZED_SERVICE_PRINCIPAL" 14053) 14054 14055const ( 14056 // OrganizationFeatureSetAll is a OrganizationFeatureSet enum value 14057 OrganizationFeatureSetAll = "ALL" 14058 14059 // OrganizationFeatureSetConsolidatedBilling is a OrganizationFeatureSet enum value 14060 OrganizationFeatureSetConsolidatedBilling = "CONSOLIDATED_BILLING" 14061) 14062 14063const ( 14064 // ParentTypeRoot is a ParentType enum value 14065 ParentTypeRoot = "ROOT" 14066 14067 // ParentTypeOrganizationalUnit is a ParentType enum value 14068 ParentTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT" 14069) 14070 14071const ( 14072 // PolicyTypeServiceControlPolicy is a PolicyType enum value 14073 PolicyTypeServiceControlPolicy = "SERVICE_CONTROL_POLICY" 14074) 14075 14076const ( 14077 // PolicyTypeStatusEnabled is a PolicyTypeStatus enum value 14078 PolicyTypeStatusEnabled = "ENABLED" 14079 14080 // PolicyTypeStatusPendingEnable is a PolicyTypeStatus enum value 14081 PolicyTypeStatusPendingEnable = "PENDING_ENABLE" 14082 14083 // PolicyTypeStatusPendingDisable is a PolicyTypeStatus enum value 14084 PolicyTypeStatusPendingDisable = "PENDING_DISABLE" 14085) 14086 14087const ( 14088 // TargetTypeAccount is a TargetType enum value 14089 TargetTypeAccount = "ACCOUNT" 14090 14091 // TargetTypeOrganizationalUnit is a TargetType enum value 14092 TargetTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT" 14093 14094 // TargetTypeRoot is a TargetType enum value 14095 TargetTypeRoot = "ROOT" 14096) 14097