/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the controltower-2018-05-10.normal.json service model.
*/
using System;
using System.Runtime.ExceptionServices;
using System.Threading;
using System.Threading.Tasks;
using System.Collections.Generic;
using System.Net;
using Amazon.ControlTower.Model;
using Amazon.ControlTower.Model.Internal.MarshallTransformations;
using Amazon.ControlTower.Internal;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
using Amazon.Runtime.Internal.Auth;
using Amazon.Runtime.Internal.Transform;
namespace Amazon.ControlTower
{
///
/// Implementation for accessing ControlTower
///
/// These interfaces allow you to apply the AWS library of pre-defined controls
/// to your organizational units, programmatically. In this context, controls are the
/// same as AWS Control Tower guardrails.
///
///
///
/// To call these APIs, you'll need to know:
///
/// -
///
/// the
ControlARN for the control--that is, the guardrail--you are targeting,
///
/// -
///
/// and the ARN associated with the target organizational unit (OU).
///
///
///
/// To get the ControlARN for your AWS Control Tower guardrail:
///
///
///
/// The ControlARN contains the control name which is specified in each guardrail.
/// For a list of control names for Strongly recommended and Elective guardrails,
/// see Resource
/// identifiers for APIs and guardrails in the Automating
/// tasks section of the AWS Control Tower User Guide. Remember that Mandatory
/// guardrails cannot be added or removed.
///
///
///
/// ARN format: arn:aws:controltower:{REGION}::control/{CONTROL_NAME}
///
///
///
///
/// Example:
///
///
///
/// arn:aws:controltower:us-west-2::control/AWS-GR_AUTOSCALING_LAUNCH_CONFIG_PUBLIC_IP_DISABLED
///
///
///
///
/// To get the ARN for an OU:
///
///
///
/// In the AWS Organizations console, you can find the ARN for the OU on the Organizational
/// unit details page associated with that OU.
///
///
///
/// OU ARN format:
///
///
///
/// arn:${Partition}:organizations::${MasterAccountId}:ou/o-${OrganizationId}/ou-${OrganizationalUnitId}
///
///
/// Details and examples
///
///
///
/// To view the open source resource repository on GitHub, see aws-cloudformation/aws-cloudformation-resource-providers-controltower
///
///
///
///
/// Recording API Requests
///
///
///
/// AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for
/// your AWS account and delivers log files to an Amazon S3 bucket. By using information
/// collected by CloudTrail, you can determine which requests the AWS Control Tower service
/// received, who made the request and when, and so on. For more about AWS Control Tower
/// and its support for CloudTrail, see Logging
/// AWS Control Tower Actions with AWS CloudTrail in the AWS Control Tower User Guide.
/// To learn more about CloudTrail, including how to turn it on and find your log files,
/// see the AWS CloudTrail User Guide.
///
///
public partial class AmazonControlTowerClient : AmazonServiceClient, IAmazonControlTower
{
private static IServiceMetadata serviceMetadata = new AmazonControlTowerMetadata();
private IControlTowerPaginatorFactory _paginators;
///
/// Paginators for the service
///
public IControlTowerPaginatorFactory Paginators
{
get
{
if (this._paginators == null)
{
this._paginators = new ControlTowerPaginatorFactory(this);
}
return this._paginators;
}
}
#region Constructors
///
/// Constructs AmazonControlTowerClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
public AmazonControlTowerClient()
: base(FallbackCredentialsFactory.GetCredentials(), new AmazonControlTowerConfig()) { }
///
/// Constructs AmazonControlTowerClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
/// The region to connect.
public AmazonControlTowerClient(RegionEndpoint region)
: base(FallbackCredentialsFactory.GetCredentials(), new AmazonControlTowerConfig{RegionEndpoint = region}) { }
///
/// Constructs AmazonControlTowerClient with the credentials loaded from the application's
/// default configuration, and if unsuccessful from the Instance Profile service on an EC2 instance.
///
/// Example App.config with credentials set.
///
/// <?xml version="1.0" encoding="utf-8" ?>
/// <configuration>
/// <appSettings>
/// <add key="AWSProfileName" value="AWS Default"/>
/// </appSettings>
/// </configuration>
///
///
///
/// The AmazonControlTowerClient Configuration Object
public AmazonControlTowerClient(AmazonControlTowerConfig config)
: base(FallbackCredentialsFactory.GetCredentials(config), config){}
///
/// Constructs AmazonControlTowerClient with AWS Credentials
///
/// AWS Credentials
public AmazonControlTowerClient(AWSCredentials credentials)
: this(credentials, new AmazonControlTowerConfig())
{
}
///
/// Constructs AmazonControlTowerClient with AWS Credentials
///
/// AWS Credentials
/// The region to connect.
public AmazonControlTowerClient(AWSCredentials credentials, RegionEndpoint region)
: this(credentials, new AmazonControlTowerConfig{RegionEndpoint = region})
{
}
///
/// Constructs AmazonControlTowerClient with AWS Credentials and an
/// AmazonControlTowerClient Configuration object.
///
/// AWS Credentials
/// The AmazonControlTowerClient Configuration Object
public AmazonControlTowerClient(AWSCredentials credentials, AmazonControlTowerConfig clientConfig)
: base(credentials, clientConfig)
{
}
///
/// Constructs AmazonControlTowerClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
public AmazonControlTowerClient(string awsAccessKeyId, string awsSecretAccessKey)
: this(awsAccessKeyId, awsSecretAccessKey, new AmazonControlTowerConfig())
{
}
///
/// Constructs AmazonControlTowerClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// The region to connect.
public AmazonControlTowerClient(string awsAccessKeyId, string awsSecretAccessKey, RegionEndpoint region)
: this(awsAccessKeyId, awsSecretAccessKey, new AmazonControlTowerConfig() {RegionEndpoint=region})
{
}
///
/// Constructs AmazonControlTowerClient with AWS Access Key ID, AWS Secret Key and an
/// AmazonControlTowerClient Configuration object.
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// The AmazonControlTowerClient Configuration Object
public AmazonControlTowerClient(string awsAccessKeyId, string awsSecretAccessKey, AmazonControlTowerConfig clientConfig)
: base(awsAccessKeyId, awsSecretAccessKey, clientConfig)
{
}
///
/// Constructs AmazonControlTowerClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
public AmazonControlTowerClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken)
: this(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, new AmazonControlTowerConfig())
{
}
///
/// Constructs AmazonControlTowerClient with AWS Access Key ID and AWS Secret Key
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
/// The region to connect.
public AmazonControlTowerClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, RegionEndpoint region)
: this(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, new AmazonControlTowerConfig{RegionEndpoint = region})
{
}
///
/// Constructs AmazonControlTowerClient with AWS Access Key ID, AWS Secret Key and an
/// AmazonControlTowerClient Configuration object.
///
/// AWS Access Key ID
/// AWS Secret Access Key
/// AWS Session Token
/// The AmazonControlTowerClient Configuration Object
public AmazonControlTowerClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, AmazonControlTowerConfig clientConfig)
: base(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, clientConfig)
{
}
#endregion
#region Overrides
///
/// Creates the signer for the service.
///
protected override AbstractAWSSigner CreateSigner()
{
return new AWS4Signer();
}
///
/// Customize the pipeline
///
///
protected override void CustomizeRuntimePipeline(RuntimePipeline pipeline)
{
pipeline.RemoveHandler();
pipeline.AddHandlerAfter(new AmazonControlTowerEndpointResolver());
}
///
/// Capture metadata for the service.
///
protected override IServiceMetadata ServiceMetadata
{
get
{
return serviceMetadata;
}
}
#endregion
#region Dispose
///
/// Disposes the service client.
///
protected override void Dispose(bool disposing)
{
base.Dispose(disposing);
}
#endregion
#region DisableControl
///
/// This API call turns off a control. It starts an asynchronous operation that deletes
/// AWS resources on the specified organizational unit and the accounts it contains. The
/// resources will vary according to the control that you specify.
///
/// Container for the necessary parameters to execute the DisableControl service method.
///
/// The response from the DisableControl service method, as returned by ControlTower.
///
/// User does not have sufficient access to perform this action.
///
///
/// Updating or deleting a resource can cause an inconsistent state.
///
///
/// Unexpected error during processing of request.
///
///
/// Request references a resource which does not exist.
///
///
/// Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.
///
///
/// Request was denied due to request throttling.
///
///
/// The input fails to satisfy the constraints specified by an AWS service.
///
/// REST API Reference for DisableControl Operation
public virtual DisableControlResponse DisableControl(DisableControlRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = DisableControlRequestMarshaller.Instance;
options.ResponseUnmarshaller = DisableControlResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// This API call turns off a control. It starts an asynchronous operation that deletes
/// AWS resources on the specified organizational unit and the accounts it contains. The
/// resources will vary according to the control that you specify.
///
/// Container for the necessary parameters to execute the DisableControl service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the DisableControl service method, as returned by ControlTower.
///
/// User does not have sufficient access to perform this action.
///
///
/// Updating or deleting a resource can cause an inconsistent state.
///
///
/// Unexpected error during processing of request.
///
///
/// Request references a resource which does not exist.
///
///
/// Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.
///
///
/// Request was denied due to request throttling.
///
///
/// The input fails to satisfy the constraints specified by an AWS service.
///
/// REST API Reference for DisableControl Operation
public virtual Task DisableControlAsync(DisableControlRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = DisableControlRequestMarshaller.Instance;
options.ResponseUnmarshaller = DisableControlResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region EnableControl
///
/// This API call activates a control. It starts an asynchronous operation that creates
/// AWS resources on the specified organizational unit and the accounts it contains. The
/// resources created will vary according to the control that you specify.
///
/// Container for the necessary parameters to execute the EnableControl service method.
///
/// The response from the EnableControl service method, as returned by ControlTower.
///
/// User does not have sufficient access to perform this action.
///
///
/// Updating or deleting a resource can cause an inconsistent state.
///
///
/// Unexpected error during processing of request.
///
///
/// Request references a resource which does not exist.
///
///
/// Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.
///
///
/// Request was denied due to request throttling.
///
///
/// The input fails to satisfy the constraints specified by an AWS service.
///
/// REST API Reference for EnableControl Operation
public virtual EnableControlResponse EnableControl(EnableControlRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = EnableControlRequestMarshaller.Instance;
options.ResponseUnmarshaller = EnableControlResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// This API call activates a control. It starts an asynchronous operation that creates
/// AWS resources on the specified organizational unit and the accounts it contains. The
/// resources created will vary according to the control that you specify.
///
/// Container for the necessary parameters to execute the EnableControl service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the EnableControl service method, as returned by ControlTower.
///
/// User does not have sufficient access to perform this action.
///
///
/// Updating or deleting a resource can cause an inconsistent state.
///
///
/// Unexpected error during processing of request.
///
///
/// Request references a resource which does not exist.
///
///
/// Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.
///
///
/// Request was denied due to request throttling.
///
///
/// The input fails to satisfy the constraints specified by an AWS service.
///
/// REST API Reference for EnableControl Operation
public virtual Task EnableControlAsync(EnableControlRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = EnableControlRequestMarshaller.Instance;
options.ResponseUnmarshaller = EnableControlResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region GetControlOperation
///
/// Returns the status of a particular EnableControl or DisableControl
/// operation. Displays a message in case of error. Details for an operation are available
/// for 90 days.
///
/// Container for the necessary parameters to execute the GetControlOperation service method.
///
/// The response from the GetControlOperation service method, as returned by ControlTower.
///
/// User does not have sufficient access to perform this action.
///
///
/// Unexpected error during processing of request.
///
///
/// Request references a resource which does not exist.
///
///
/// Request was denied due to request throttling.
///
///
/// The input fails to satisfy the constraints specified by an AWS service.
///
/// REST API Reference for GetControlOperation Operation
public virtual GetControlOperationResponse GetControlOperation(GetControlOperationRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = GetControlOperationRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetControlOperationResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Returns the status of a particular EnableControl or DisableControl
/// operation. Displays a message in case of error. Details for an operation are available
/// for 90 days.
///
/// Container for the necessary parameters to execute the GetControlOperation service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the GetControlOperation service method, as returned by ControlTower.
///
/// User does not have sufficient access to perform this action.
///
///
/// Unexpected error during processing of request.
///
///
/// Request references a resource which does not exist.
///
///
/// Request was denied due to request throttling.
///
///
/// The input fails to satisfy the constraints specified by an AWS service.
///
/// REST API Reference for GetControlOperation Operation
public virtual Task GetControlOperationAsync(GetControlOperationRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = GetControlOperationRequestMarshaller.Instance;
options.ResponseUnmarshaller = GetControlOperationResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
#region ListEnabledControls
///
/// Lists the controls enabled by AWS Control Tower on the specified organizational unit
/// and the accounts it contains.
///
/// Container for the necessary parameters to execute the ListEnabledControls service method.
///
/// The response from the ListEnabledControls service method, as returned by ControlTower.
///
/// User does not have sufficient access to perform this action.
///
///
/// Unexpected error during processing of request.
///
///
/// Request references a resource which does not exist.
///
///
/// Request was denied due to request throttling.
///
///
/// The input fails to satisfy the constraints specified by an AWS service.
///
/// REST API Reference for ListEnabledControls Operation
public virtual ListEnabledControlsResponse ListEnabledControls(ListEnabledControlsRequest request)
{
var options = new InvokeOptions();
options.RequestMarshaller = ListEnabledControlsRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListEnabledControlsResponseUnmarshaller.Instance;
return Invoke(request, options);
}
///
/// Lists the controls enabled by AWS Control Tower on the specified organizational unit
/// and the accounts it contains.
///
/// Container for the necessary parameters to execute the ListEnabledControls service method.
///
/// A cancellation token that can be used by other objects or threads to receive notice of cancellation.
///
///
/// The response from the ListEnabledControls service method, as returned by ControlTower.
///
/// User does not have sufficient access to perform this action.
///
///
/// Unexpected error during processing of request.
///
///
/// Request references a resource which does not exist.
///
///
/// Request was denied due to request throttling.
///
///
/// The input fails to satisfy the constraints specified by an AWS service.
///
/// REST API Reference for ListEnabledControls Operation
public virtual Task ListEnabledControlsAsync(ListEnabledControlsRequest request, System.Threading.CancellationToken cancellationToken = default(CancellationToken))
{
var options = new InvokeOptions();
options.RequestMarshaller = ListEnabledControlsRequestMarshaller.Instance;
options.ResponseUnmarshaller = ListEnabledControlsResponseUnmarshaller.Instance;
return InvokeAsync(request, options, cancellationToken);
}
#endregion
}
}