/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the organizations-2016-11-28.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.Organizations.Model
{
///
/// Container for the parameters to the CreateAccount operation.
/// Creates an Amazon Web Services account that is automatically a member of the organization
/// whose credentials made the request. This is an asynchronous request that Amazon Web
/// Services performs in the background. Because CreateAccount operates asynchronously,
/// it can return a successful completion message even though account initialization might
/// still be in progress. You might need to wait a few minutes before you can successfully
/// access the account. To check the status of the request, do one of the following:
///
/// -
///
/// Use the
Id value of the CreateAccountStatus response element
/// from this operation to provide as a parameter to the DescribeCreateAccountStatus
/// operation.
///
/// -
///
/// Check the CloudTrail log for the
CreateAccountResult event. For information
/// on using CloudTrail with Organizations, see Logging
/// and monitoring in Organizations in the Organizations User Guide.
///
///
///
/// The user who calls the API to create an account must have the organizations:CreateAccount
/// permission. If you enabled all features in the organization, Organizations creates
/// the required service-linked role named AWSServiceRoleForOrganizations.
/// For more information, see Organizations
/// and Service-Linked Roles in the Organizations User Guide.
///
///
///
/// If the request includes tags, then the requester must have the organizations:TagResource
/// permission.
///
///
///
/// Organizations preconfigures the new member account with a role (named OrganizationAccountAccessRole
/// by default) that grants users in the management account administrator permissions
/// in the new member account. Principals in the management account can assume the role.
/// Organizations clones the company name and address information for the new account
/// from the organization's management account.
///
///
///
/// This operation can be called only from the organization's management account.
///
///
///
/// For more information about creating accounts, see Creating
/// an Amazon Web Services account in Your Organization in the Organizations User
/// Guide.
///
/// -
///
/// When you create an account in an organization using the Organizations console, API,
/// or CLI commands, the information required for the account to operate as a standalone
/// account, such as a payment method and signing the end user license agreement (EULA)
/// is not automatically collected. If you must remove an account from your organization
/// later, you can do so only after you provide the missing information. Follow the steps
/// at
/// To leave an organization as a member account in the Organizations User Guide.
///
///
-
///
/// If you get an exception that indicates that you exceeded your account limits for the
/// organization, contact Amazon
/// Web Services Support.
///
///
-
///
/// If you get an exception that indicates that the operation failed because your organization
/// is still initializing, wait one hour and then try again. If the error persists, contact
/// Amazon Web Services Support.
///
///
-
///
/// Using
CreateAccount to create multiple temporary accounts isn't recommended.
/// You can only close an account from the Billing and Cost Management console, and you
/// must be signed in as the root user. For information on the requirements and process
/// for closing an account, see Closing
/// an Amazon Web Services account in the Organizations User Guide.
///
///
///
/// When you create a member account with this operation, you can choose whether to create
/// the account with the IAM User and Role Access to Billing Information switch
/// enabled. If you enable it, IAM users and roles that have appropriate permissions can
/// view billing information for the account. If you disable it, only the account root
/// user can access billing information. For information about how to disable this switch
/// for an account, see Granting
/// Access to Your Billing Information and Tools.
///
///
///
public partial class CreateAccountRequest : AmazonOrganizationsRequest
{
private string _accountName;
private string _email;
private IAMUserAccessToBilling _iamUserAccessToBilling;
private string _roleName;
private List _tags = new List();
///
/// Gets and sets the property AccountName.
///
/// The friendly name of the member account.
///
///
[AWSProperty(Required=true, Sensitive=true, Min=1, Max=50)]
public string AccountName
{
get { return this._accountName; }
set { this._accountName = value; }
}
// Check to see if AccountName property is set
internal bool IsSetAccountName()
{
return this._accountName != null;
}
///
/// Gets and sets the property Email.
///
/// The email address of the owner to assign to the new member account. This email address
/// must not already be associated with another Amazon Web Services account. You must
/// use a valid email address to complete account creation.
///
///
///
/// The rules for a valid email address:
///
/// -
///
/// The address must be a minimum of 6 and a maximum of 64 characters long.
///
///
-
///
/// All characters must be 7-bit ASCII characters.
///
///
-
///
/// There must be one and only one @ symbol, which separates the local name from the domain
/// name.
///
///
-
///
/// The local name can't contain any of the following characters:
///
///
///
/// whitespace, " ' ( ) < > [ ] : ; , \ | % &
///
///
-
///
/// The local name can't begin with a dot (.)
///
///
-
///
/// The domain name can consist of only the characters [a-z],[A-Z],[0-9], hyphen (-),
/// or dot (.)
///
///
-
///
/// The domain name can't begin or end with a hyphen (-) or dot (.)
///
///
-
///
/// The domain name must contain at least one dot
///
///
///
/// You can't access the root user of the account or remove an account that was created
/// with an invalid email address.
///
///
[AWSProperty(Required=true, Sensitive=true, Min=6, Max=64)]
public string Email
{
get { return this._email; }
set { this._email = value; }
}
// Check to see if Email property is set
internal bool IsSetEmail()
{
return this._email != null;
}
///
/// Gets and sets the property IamUserAccessToBilling.
///
/// If set to ALLOW, the new account enables IAM users to access account
/// billing information if they have the required permissions. If set to DENY,
/// only the root user of the new account can access account billing information. For
/// more information, see Activating
/// Access to the Billing and Cost Management Console in the Amazon Web Services
/// Billing and Cost Management User Guide.
///
///
///
/// If you don't specify this parameter, the value defaults to ALLOW, and
/// IAM users and roles with the required permissions can access billing information for
/// the new account.
///
///
public IAMUserAccessToBilling IamUserAccessToBilling
{
get { return this._iamUserAccessToBilling; }
set { this._iamUserAccessToBilling = value; }
}
// Check to see if IamUserAccessToBilling property is set
internal bool IsSetIamUserAccessToBilling()
{
return this._iamUserAccessToBilling != null;
}
///
/// Gets and sets the property RoleName.
///
/// The name of an IAM role that Organizations automatically preconfigures in the new
/// member account. This role trusts the management account, allowing users in the management
/// account to assume the role, as permitted by the management account administrator.
/// The role has administrator permissions in the new member account.
///
///
///
/// If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole.
///
///
///
/// For more information about how to use this role to access the member account, see
/// the following links:
///
///
///
/// The regex pattern that is used to validate
/// this parameter. The pattern can include uppercase letters, lowercase letters, digits
/// with no spaces, and any of the following characters: =,.@-
///
///
[AWSProperty(Max=64)]
public string RoleName
{
get { return this._roleName; }
set { this._roleName = value; }
}
// Check to see if RoleName property is set
internal bool IsSetRoleName()
{
return this._roleName != null;
}
///
/// Gets and sets the property Tags.
///
/// A list of tags that you want to attach to the newly created account. For each tag
/// in the list, you must specify both a tag key and a value. You can set the value to
/// an empty string, but you can't set it to null. For more information about
/// tagging, see Tagging
/// Organizations resources in the Organizations User Guide.
///
///
///
/// If any one of the tags is not valid or if you exceed the maximum allowed number of
/// tags for an account, then the entire request fails and the account is not created.
///
///
///
public List Tags
{
get { return this._tags; }
set { this._tags = value; }
}
// Check to see if Tags property is set
internal bool IsSetTags()
{
return this._tags != null && this._tags.Count > 0;
}
}
}