// Code generated by smithy-go-codegen DO NOT EDIT. package types import ( smithydocument "github.com/aws/smithy-go/document" "time" ) // Contains information about an Amazon Web Services account that is a member of // an organization. type Account struct { // The Amazon Resource Name (ARN) of the account. For more information about ARNs // in Organizations, see ARN Formats Supported by Organizations (https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies) // in the Amazon Web Services Service Authorization Reference. Arn *string // The email address associated with the Amazon Web Services account. The regex // pattern (http://wikipedia.org/wiki/regex) for this parameter is a string of // characters that represents a standard internet email address. Email *string // The unique identifier (ID) of the account. The regex pattern (http://wikipedia.org/wiki/regex) // for an account ID string requires exactly 12 digits. Id *string // The method by which the account joined the organization. JoinedMethod AccountJoinedMethod // The date the account became a part of the organization. JoinedTimestamp *time.Time // The friendly name of the account. The regex pattern (http://wikipedia.org/wiki/regex) // that is used to validate this parameter is a string of any of the characters in // the ASCII character range. Name *string // The status of the account in the organization. Status AccountStatus noSmithyDocumentSerde } // Contains a list of child entities, either OUs or accounts. type Child struct { // The unique identifier (ID) of this child entity. The regex pattern (http://wikipedia.org/wiki/regex) // for a child ID string requires one of the following: // - Account - A string that consists of exactly 12 digits. // - Organizational unit (OU) - A string that begins with "ou-" followed by from // 4 to 32 lowercase letters or digits (the ID of the root that contains the OU). // This string is followed by a second "-" dash and from 8 to 32 additional // lowercase letters or digits. Id *string // The type of this child entity. Type ChildType noSmithyDocumentSerde } // Contains the status about a CreateAccount or CreateGovCloudAccount request to // create an Amazon Web Services account or an Amazon Web Services GovCloud (US) // account in an organization. type CreateAccountStatus struct { // If the account was created successfully, the unique identifier (ID) of the new // account. The regex pattern (http://wikipedia.org/wiki/regex) for an account ID // string requires exactly 12 digits. AccountId *string // The account name given to the account when it was created. AccountName *string // The date and time that the account was created and the request completed. CompletedTimestamp *time.Time // If the request failed, a description of the reason for the failure. // - ACCOUNT_LIMIT_EXCEEDED: The account couldn't be created because you reached // the limit on the number of accounts in your organization. // - CONCURRENT_ACCOUNT_MODIFICATION: You already submitted a request with the // same information. // - EMAIL_ALREADY_EXISTS: The account could not be created because another // Amazon Web Services account with that email address already exists. // - FAILED_BUSINESS_VALIDATION: The Amazon Web Services account that owns your // organization failed to receive business license validation. // - GOVCLOUD_ACCOUNT_ALREADY_EXISTS: The account in the Amazon Web Services // GovCloud (US) Region could not be created because this Region already includes // an account with that email address. // - IDENTITY_INVALID_BUSINESS_VALIDATION: The Amazon Web Services account that // owns your organization can't complete business license validation because it // doesn't have valid identity data. // - INVALID_ADDRESS: The account could not be created because the address you // provided is not valid. // - INVALID_EMAIL: The account could not be created because the email address // you provided is not valid. // - INVALID_PAYMENT_INSTRUMENT: The Amazon Web Services account that owns your // organization does not have a supported payment method associated with the // account. Amazon Web Services does not support cards issued by financial // institutions in Russia or Belarus. For more information, see Managing your // Amazon Web Services payments (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/manage-general.html) // . // - INTERNAL_FAILURE: The account could not be created because of an internal // failure. Try again later. If the problem persists, contact Amazon Web Services // Customer Support. // - MISSING_BUSINESS_VALIDATION: The Amazon Web Services account that owns your // organization has not received Business Validation. // - MISSING_PAYMENT_INSTRUMENT: You must configure the management account with // a valid payment method, such as a credit card. // - PENDING_BUSINESS_VALIDATION: The Amazon Web Services account that owns your // organization is still in the process of completing business license validation. // - UNKNOWN_BUSINESS_VALIDATION: The Amazon Web Services account that owns your // organization has an unknown issue with business license validation. FailureReason CreateAccountFailureReason // If the account was created successfully, the unique identifier (ID) of the new // account in the Amazon Web Services GovCloud (US) Region. GovCloudAccountId *string // The unique identifier (ID) that references this request. You get this value // from the response of the initial CreateAccount request to create the account. // The regex pattern (http://wikipedia.org/wiki/regex) for a create account // request ID string requires "car-" followed by from 8 to 32 lowercase letters or // digits. Id *string // The date and time that the request was made for the account creation. RequestedTimestamp *time.Time // The status of the asynchronous request to create an Amazon Web Services account. State CreateAccountState noSmithyDocumentSerde } // Contains information about the delegated administrator. type DelegatedAdministrator struct { // The Amazon Resource Name (ARN) of the delegated administrator's account. Arn *string // The date when the account was made a delegated administrator. DelegationEnabledDate *time.Time // The email address that is associated with the delegated administrator's Amazon // Web Services account. Email *string // The unique identifier (ID) of the delegated administrator's account. Id *string // The method by which the delegated administrator's account joined the // organization. JoinedMethod AccountJoinedMethod // The date when the delegated administrator's account became a part of the // organization. JoinedTimestamp *time.Time // The friendly name of the delegated administrator's account. Name *string // The status of the delegated administrator's account in the organization. Status AccountStatus noSmithyDocumentSerde } // Contains information about the Amazon Web Services service for which the // account is a delegated administrator. type DelegatedService struct { // The date that the account became a delegated administrator for this service. DelegationEnabledDate *time.Time // The name of an Amazon Web Services service that can request an operation for // the specified service. This is typically in the form of a URL, such as: // servicename.amazonaws.com . ServicePrincipal *string noSmithyDocumentSerde } // Contains rules to be applied to the affected accounts. The effective policy is // the aggregation of any policies the account inherits, plus any policy directly // attached to the account. type EffectivePolicy struct { // The time of the last update to this policy. LastUpdatedTimestamp *time.Time // The text content of the policy. PolicyContent *string // The policy type. PolicyType EffectivePolicyType // The account ID of the policy target. TargetId *string noSmithyDocumentSerde } // A structure that contains details of a service principal that represents an // Amazon Web Services service that is enabled to integrate with Organizations. type EnabledServicePrincipal struct { // The date that the service principal was enabled for integration with // Organizations. DateEnabled *time.Time // The name of the service principal. This is typically in the form of a URL, such // as: servicename.amazonaws.com . ServicePrincipal *string noSmithyDocumentSerde } // Contains information that must be exchanged to securely establish a // relationship between two accounts (an originator and a recipient). For example, // when a management account (the originator) invites another account (the // recipient) to join its organization, the two accounts exchange information as a // series of handshake requests and responses. Note: Handshakes that are CANCELED , // ACCEPTED , DECLINED , or EXPIRED show up in lists for only 30 days after // entering that state After that they are deleted. type Handshake struct { // The type of handshake, indicating what action occurs when the recipient accepts // the handshake. The following handshake types are supported: // - INVITE: This type of handshake represents a request to join an // organization. It is always sent from the management account to only non-member // accounts. // - ENABLE_ALL_FEATURES: This type of handshake represents a request to enable // all features in an organization. It is always sent from the management account // to only invited member accounts. Created accounts do not receive this because // those accounts were created by the organization's management account and // approval is inferred. // - APPROVE_ALL_FEATURES: This type of handshake is sent from the Organizations // service when all member accounts have approved the ENABLE_ALL_FEATURES // invitation. It is sent only to the management account and signals the master // that it can finalize the process to enable all features. Action ActionType // The Amazon Resource Name (ARN) of a handshake. For more information about ARNs // in Organizations, see ARN Formats Supported by Organizations (https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies) // in the Amazon Web Services Service Authorization Reference. Arn *string // The date and time that the handshake expires. If the recipient of the handshake // request fails to respond before the specified date and time, the handshake // becomes inactive and is no longer valid. ExpirationTimestamp *time.Time // The unique identifier (ID) of a handshake. The originating account creates the // ID when it initiates the handshake. The regex pattern (http://wikipedia.org/wiki/regex) // for handshake ID string requires "h-" followed by from 8 to 32 lowercase letters // or digits. Id *string // Information about the two accounts that are participating in the handshake. Parties []HandshakeParty // The date and time that the handshake request was made. RequestedTimestamp *time.Time // Additional information that is needed to process the handshake. Resources []HandshakeResource // The current state of the handshake. Use the state to trace the flow of the // handshake through the process from its creation to its acceptance. The meaning // of each of the valid values is as follows: // - REQUESTED: This handshake was sent to multiple recipients (applicable to // only some handshake types) and not all recipients have responded yet. The // request stays in this state until all recipients respond. // - OPEN: This handshake was sent to multiple recipients (applicable to only // some policy types) and all recipients have responded, allowing the originator to // complete the handshake action. // - CANCELED: This handshake is no longer active because it was canceled by the // originating account. // - ACCEPTED: This handshake is complete because it has been accepted by the // recipient. // - DECLINED: This handshake is no longer active because it was declined by the // recipient account. // - EXPIRED: This handshake is no longer active because the originator did not // receive a response of any kind from the recipient before the expiration time (15 // days). State HandshakeState noSmithyDocumentSerde } // Specifies the criteria that are used to select the handshakes for the operation. type HandshakeFilter struct { // Specifies the type of handshake action. If you specify ActionType , you cannot // also specify ParentHandshakeId . ActionType ActionType // Specifies the parent handshake. Only used for handshake types that are a child // of another type. If you specify ParentHandshakeId , you cannot also specify // ActionType . The regex pattern (http://wikipedia.org/wiki/regex) for handshake // ID string requires "h-" followed by from 8 to 32 lowercase letters or digits. ParentHandshakeId *string noSmithyDocumentSerde } // Identifies a participant in a handshake. type HandshakeParty struct { // The unique identifier (ID) for the party. The regex pattern (http://wikipedia.org/wiki/regex) // for handshake ID string requires "h-" followed by from 8 to 32 lowercase letters // or digits. // // This member is required. Id *string // The type of party. // // This member is required. Type HandshakePartyType noSmithyDocumentSerde } // Contains additional data that is needed to process a handshake. type HandshakeResource struct { // When needed, contains an additional array of HandshakeResource objects. Resources []HandshakeResource // The type of information being passed, specifying how the value is to be // interpreted by the other party: // - ACCOUNT - Specifies an Amazon Web Services account ID number. // - ORGANIZATION - Specifies an organization ID number. // - EMAIL - Specifies the email address that is associated with the account that // receives the handshake. // - OWNER_EMAIL - Specifies the email address associated with the management // account. Included as information about an organization. // - OWNER_NAME - Specifies the name associated with the management account. // Included as information about an organization. // - NOTES - Additional text provided by the handshake initiator and intended for // the recipient to read. Type HandshakeResourceType // The information that is passed to the other party in the handshake. The format // of the value string must match the requirements of the specified type. Value *string noSmithyDocumentSerde } // Contains details about an organization. An organization is a collection of // accounts that are centrally managed together using consolidated billing, // organized hierarchically with organizational units (OUs), and controlled with // policies . type Organization struct { // The Amazon Resource Name (ARN) of an organization. For more information about // ARNs in Organizations, see ARN Formats Supported by Organizations (https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies) // in the Amazon Web Services Service Authorization Reference. Arn *string // Do not use. This field is deprecated and doesn't provide complete information // about the policies in your organization. To determine the policies that are // enabled and available for use in your organization, use the ListRoots operation // instead. AvailablePolicyTypes []PolicyTypeSummary // Specifies the functionality that currently is available to the organization. If // set to "ALL", then all features are enabled and policies can be applied to // accounts in the organization. If set to "CONSOLIDATED_BILLING", then only // consolidated billing functionality is available. For more information, see // Enabling All Features in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html) // in the Organizations User Guide. FeatureSet OrganizationFeatureSet // The unique identifier (ID) of an organization. The regex pattern (http://wikipedia.org/wiki/regex) // for an organization ID string requires "o-" followed by from 10 to 32 lowercase // letters or digits. Id *string // The Amazon Resource Name (ARN) of the account that is designated as the // management account for the organization. For more information about ARNs in // Organizations, see ARN Formats Supported by Organizations (https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies) // in the Amazon Web Services Service Authorization Reference. MasterAccountArn *string // The email address that is associated with the Amazon Web Services account that // is designated as the management account for the organization. MasterAccountEmail *string // The unique identifier (ID) of the management account of an organization. The // regex pattern (http://wikipedia.org/wiki/regex) for an account ID string // requires exactly 12 digits. MasterAccountId *string noSmithyDocumentSerde } // Contains details about an organizational unit (OU). An OU is a container of // Amazon Web Services accounts within a root of an organization. Policies that are // attached to an OU apply to all accounts contained in that OU and in any child // OUs. type OrganizationalUnit struct { // The Amazon Resource Name (ARN) of this OU. For more information about ARNs in // Organizations, see ARN Formats Supported by Organizations (https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies) // in the Amazon Web Services Service Authorization Reference. Arn *string // The unique identifier (ID) associated with this OU. The regex pattern (http://wikipedia.org/wiki/regex) // for an organizational unit ID string requires "ou-" followed by from 4 to 32 // lowercase letters or digits (the ID of the root that contains the OU). This // string is followed by a second "-" dash and from 8 to 32 additional lowercase // letters or digits. Id *string // The friendly name of this OU. The regex pattern (http://wikipedia.org/wiki/regex) // that is used to validate this parameter is a string of any of the characters in // the ASCII character range. Name *string noSmithyDocumentSerde } // Contains information about either a root or an organizational unit (OU) that // can contain OUs or accounts in an organization. type Parent struct { // The unique identifier (ID) of the parent entity. The regex pattern (http://wikipedia.org/wiki/regex) // for a parent ID string requires one of the following: // - Root - A string that begins with "r-" followed by from 4 to 32 lowercase // letters or digits. // - Organizational unit (OU) - A string that begins with "ou-" followed by from // 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This // string is followed by a second "-" dash and from 8 to 32 additional lowercase // letters or digits. Id *string // The type of the parent entity. Type ParentType noSmithyDocumentSerde } // Contains rules to be applied to the affected accounts. Policies can be attached // directly to accounts, or to roots and OUs to affect all accounts in those // hierarchies. type Policy struct { // The text content of the policy. Content *string // A structure that contains additional details about the policy. PolicySummary *PolicySummary noSmithyDocumentSerde } // Contains information about a policy, but does not include the content. To see // the content of a policy, see DescribePolicy . type PolicySummary struct { // The Amazon Resource Name (ARN) of the policy. For more information about ARNs // in Organizations, see ARN Formats Supported by Organizations (https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies) // in the Amazon Web Services Service Authorization Reference. Arn *string // A boolean value that indicates whether the specified policy is an Amazon Web // Services managed policy. If true, then you can attach the policy to roots, OUs, // or accounts, but you cannot edit it. AwsManaged bool // The description of the policy. Description *string // The unique identifier (ID) of the policy. The regex pattern (http://wikipedia.org/wiki/regex) // for a policy ID string requires "p-" followed by from 8 to 128 lowercase or // uppercase letters, digits, or the underscore character (_). Id *string // The friendly name of the policy. The regex pattern (http://wikipedia.org/wiki/regex) // that is used to validate this parameter is a string of any of the characters in // the ASCII character range. Name *string // The type of policy. Type PolicyType noSmithyDocumentSerde } // Contains information about a root, OU, or account that a policy is attached to. type PolicyTargetSummary struct { // The Amazon Resource Name (ARN) of the policy target. For more information about // ARNs in Organizations, see ARN Formats Supported by Organizations (https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies) // in the Amazon Web Services Service Authorization Reference. Arn *string // The friendly name of the policy target. The regex pattern (http://wikipedia.org/wiki/regex) // that is used to validate this parameter is a string of any of the characters in // the ASCII character range. Name *string // The unique identifier (ID) of the policy target. The regex pattern (http://wikipedia.org/wiki/regex) // for a target ID string requires one of the following: // - Root - A string that begins with "r-" followed by from 4 to 32 lowercase // letters or digits. // - Account - A string that consists of exactly 12 digits. // - Organizational unit (OU) - A string that begins with "ou-" followed by from // 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This // string is followed by a second "-" dash and from 8 to 32 additional lowercase // letters or digits. TargetId *string // The type of the policy target. Type TargetType noSmithyDocumentSerde } // Contains information about a policy type and its status in the associated root. type PolicyTypeSummary struct { // The status of the policy type as it relates to the associated root. To attach a // policy of the specified type to a root or to an OU or account in that root, it // must be available in the organization and enabled for that root. Status PolicyTypeStatus // The name of the policy type. Type PolicyType noSmithyDocumentSerde } // A structure that contains details about a resource policy. type ResourcePolicy struct { // The policy text of the resource policy. Content *string // A structure that contains resource policy ID and Amazon Resource Name (ARN). ResourcePolicySummary *ResourcePolicySummary noSmithyDocumentSerde } // A structure that contains resource policy ID and Amazon Resource Name (ARN). type ResourcePolicySummary struct { // The Amazon Resource Name (ARN) of the resource policy. Arn *string // The unique identifier (ID) of the resource policy. Id *string noSmithyDocumentSerde } // Contains details about a root. A root is a top-level parent node in the // hierarchy of an organization that can contain organizational units (OUs) and // accounts. The root contains every Amazon Web Services account in the // organization. type Root struct { // The Amazon Resource Name (ARN) of the root. For more information about ARNs in // Organizations, see ARN Formats Supported by Organizations (https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsorganizations.html#awsorganizations-resources-for-iam-policies) // in the Amazon Web Services Service Authorization Reference. Arn *string // The unique identifier (ID) for the root. The regex pattern (http://wikipedia.org/wiki/regex) // for a root ID string requires "r-" followed by from 4 to 32 lowercase letters or // digits. Id *string // The friendly name of the root. The regex pattern (http://wikipedia.org/wiki/regex) // that is used to validate this parameter is a string of any of the characters in // the ASCII character range. Name *string // The types of policies that are currently enabled for the root and therefore can // be attached to the root or to its OUs or accounts. Even if a policy type is // shown as available in the organization, you can separately enable and disable // them at the root level by using EnablePolicyType and DisablePolicyType . Use // DescribeOrganization to see the availability of the policy types in that // organization. PolicyTypes []PolicyTypeSummary noSmithyDocumentSerde } // A custom key-value pair associated with a resource within your organization. // You can attach tags to any of the following organization resources. // - Amazon Web Services account // - Organizational unit (OU) // - Organization root // - Policy type Tag struct { // The key identifier, or name, of the tag. // // This member is required. Key *string // The string value that's associated with the key of the tag. You can set the // value of a tag to an empty string, but you can't set the value of a tag to null. // // This member is required. Value *string noSmithyDocumentSerde } type noSmithyDocumentSerde = smithydocument.NoSerde