software.amazon.awssdk.services.organizations.OrganizationsClient Maven / Gradle / Ivy
Show all versions of organizations Show documentation
/*
* Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package software.amazon.awssdk.services.organizations;
import javax.annotation.Generated;
import software.amazon.awssdk.SdkBaseException;
import software.amazon.awssdk.SdkClientException;
import software.amazon.awssdk.regions.ServiceMetadata;
import software.amazon.awssdk.services.organizations.model.AWSOrganizationsNotInUseException;
import software.amazon.awssdk.services.organizations.model.AcceptHandshakeRequest;
import software.amazon.awssdk.services.organizations.model.AcceptHandshakeResponse;
import software.amazon.awssdk.services.organizations.model.AccessDeniedException;
import software.amazon.awssdk.services.organizations.model.AccountNotFoundException;
import software.amazon.awssdk.services.organizations.model.AlreadyInOrganizationException;
import software.amazon.awssdk.services.organizations.model.AttachPolicyRequest;
import software.amazon.awssdk.services.organizations.model.AttachPolicyResponse;
import software.amazon.awssdk.services.organizations.model.CancelHandshakeRequest;
import software.amazon.awssdk.services.organizations.model.CancelHandshakeResponse;
import software.amazon.awssdk.services.organizations.model.ChildNotFoundException;
import software.amazon.awssdk.services.organizations.model.ConcurrentModificationException;
import software.amazon.awssdk.services.organizations.model.ConstraintViolationException;
import software.amazon.awssdk.services.organizations.model.CreateAccountRequest;
import software.amazon.awssdk.services.organizations.model.CreateAccountResponse;
import software.amazon.awssdk.services.organizations.model.CreateAccountStatusNotFoundException;
import software.amazon.awssdk.services.organizations.model.CreateOrganizationRequest;
import software.amazon.awssdk.services.organizations.model.CreateOrganizationResponse;
import software.amazon.awssdk.services.organizations.model.CreateOrganizationalUnitRequest;
import software.amazon.awssdk.services.organizations.model.CreateOrganizationalUnitResponse;
import software.amazon.awssdk.services.organizations.model.CreatePolicyRequest;
import software.amazon.awssdk.services.organizations.model.CreatePolicyResponse;
import software.amazon.awssdk.services.organizations.model.DeclineHandshakeRequest;
import software.amazon.awssdk.services.organizations.model.DeclineHandshakeResponse;
import software.amazon.awssdk.services.organizations.model.DeleteOrganizationRequest;
import software.amazon.awssdk.services.organizations.model.DeleteOrganizationResponse;
import software.amazon.awssdk.services.organizations.model.DeleteOrganizationalUnitRequest;
import software.amazon.awssdk.services.organizations.model.DeleteOrganizationalUnitResponse;
import software.amazon.awssdk.services.organizations.model.DeletePolicyRequest;
import software.amazon.awssdk.services.organizations.model.DeletePolicyResponse;
import software.amazon.awssdk.services.organizations.model.DescribeAccountRequest;
import software.amazon.awssdk.services.organizations.model.DescribeAccountResponse;
import software.amazon.awssdk.services.organizations.model.DescribeCreateAccountStatusRequest;
import software.amazon.awssdk.services.organizations.model.DescribeCreateAccountStatusResponse;
import software.amazon.awssdk.services.organizations.model.DescribeHandshakeRequest;
import software.amazon.awssdk.services.organizations.model.DescribeHandshakeResponse;
import software.amazon.awssdk.services.organizations.model.DescribeOrganizationRequest;
import software.amazon.awssdk.services.organizations.model.DescribeOrganizationResponse;
import software.amazon.awssdk.services.organizations.model.DescribeOrganizationalUnitRequest;
import software.amazon.awssdk.services.organizations.model.DescribeOrganizationalUnitResponse;
import software.amazon.awssdk.services.organizations.model.DescribePolicyRequest;
import software.amazon.awssdk.services.organizations.model.DescribePolicyResponse;
import software.amazon.awssdk.services.organizations.model.DestinationParentNotFoundException;
import software.amazon.awssdk.services.organizations.model.DetachPolicyRequest;
import software.amazon.awssdk.services.organizations.model.DetachPolicyResponse;
import software.amazon.awssdk.services.organizations.model.DisablePolicyTypeRequest;
import software.amazon.awssdk.services.organizations.model.DisablePolicyTypeResponse;
import software.amazon.awssdk.services.organizations.model.DuplicateAccountException;
import software.amazon.awssdk.services.organizations.model.DuplicateHandshakeException;
import software.amazon.awssdk.services.organizations.model.DuplicateOrganizationalUnitException;
import software.amazon.awssdk.services.organizations.model.DuplicatePolicyAttachmentException;
import software.amazon.awssdk.services.organizations.model.DuplicatePolicyException;
import software.amazon.awssdk.services.organizations.model.EnableAllFeaturesRequest;
import software.amazon.awssdk.services.organizations.model.EnableAllFeaturesResponse;
import software.amazon.awssdk.services.organizations.model.EnablePolicyTypeRequest;
import software.amazon.awssdk.services.organizations.model.EnablePolicyTypeResponse;
import software.amazon.awssdk.services.organizations.model.FinalizingOrganizationException;
import software.amazon.awssdk.services.organizations.model.HandshakeAlreadyInStateException;
import software.amazon.awssdk.services.organizations.model.HandshakeConstraintViolationException;
import software.amazon.awssdk.services.organizations.model.HandshakeNotFoundException;
import software.amazon.awssdk.services.organizations.model.InvalidHandshakeTransitionException;
import software.amazon.awssdk.services.organizations.model.InvalidInputException;
import software.amazon.awssdk.services.organizations.model.InviteAccountToOrganizationRequest;
import software.amazon.awssdk.services.organizations.model.InviteAccountToOrganizationResponse;
import software.amazon.awssdk.services.organizations.model.LeaveOrganizationRequest;
import software.amazon.awssdk.services.organizations.model.LeaveOrganizationResponse;
import software.amazon.awssdk.services.organizations.model.ListAccountsForParentRequest;
import software.amazon.awssdk.services.organizations.model.ListAccountsForParentResponse;
import software.amazon.awssdk.services.organizations.model.ListAccountsRequest;
import software.amazon.awssdk.services.organizations.model.ListAccountsResponse;
import software.amazon.awssdk.services.organizations.model.ListChildrenRequest;
import software.amazon.awssdk.services.organizations.model.ListChildrenResponse;
import software.amazon.awssdk.services.organizations.model.ListCreateAccountStatusRequest;
import software.amazon.awssdk.services.organizations.model.ListCreateAccountStatusResponse;
import software.amazon.awssdk.services.organizations.model.ListHandshakesForAccountRequest;
import software.amazon.awssdk.services.organizations.model.ListHandshakesForAccountResponse;
import software.amazon.awssdk.services.organizations.model.ListHandshakesForOrganizationRequest;
import software.amazon.awssdk.services.organizations.model.ListHandshakesForOrganizationResponse;
import software.amazon.awssdk.services.organizations.model.ListOrganizationalUnitsForParentRequest;
import software.amazon.awssdk.services.organizations.model.ListOrganizationalUnitsForParentResponse;
import software.amazon.awssdk.services.organizations.model.ListParentsRequest;
import software.amazon.awssdk.services.organizations.model.ListParentsResponse;
import software.amazon.awssdk.services.organizations.model.ListPoliciesForTargetRequest;
import software.amazon.awssdk.services.organizations.model.ListPoliciesForTargetResponse;
import software.amazon.awssdk.services.organizations.model.ListPoliciesRequest;
import software.amazon.awssdk.services.organizations.model.ListPoliciesResponse;
import software.amazon.awssdk.services.organizations.model.ListRootsRequest;
import software.amazon.awssdk.services.organizations.model.ListRootsResponse;
import software.amazon.awssdk.services.organizations.model.ListTargetsForPolicyRequest;
import software.amazon.awssdk.services.organizations.model.ListTargetsForPolicyResponse;
import software.amazon.awssdk.services.organizations.model.MalformedPolicyDocumentException;
import software.amazon.awssdk.services.organizations.model.MasterCannotLeaveOrganizationException;
import software.amazon.awssdk.services.organizations.model.MoveAccountRequest;
import software.amazon.awssdk.services.organizations.model.MoveAccountResponse;
import software.amazon.awssdk.services.organizations.model.OrganizationNotEmptyException;
import software.amazon.awssdk.services.organizations.model.OrganizationalUnitNotEmptyException;
import software.amazon.awssdk.services.organizations.model.OrganizationalUnitNotFoundException;
import software.amazon.awssdk.services.organizations.model.OrganizationsException;
import software.amazon.awssdk.services.organizations.model.ParentNotFoundException;
import software.amazon.awssdk.services.organizations.model.PolicyInUseException;
import software.amazon.awssdk.services.organizations.model.PolicyNotAttachedException;
import software.amazon.awssdk.services.organizations.model.PolicyNotFoundException;
import software.amazon.awssdk.services.organizations.model.PolicyTypeAlreadyEnabledException;
import software.amazon.awssdk.services.organizations.model.PolicyTypeNotAvailableForOrganizationException;
import software.amazon.awssdk.services.organizations.model.PolicyTypeNotEnabledException;
import software.amazon.awssdk.services.organizations.model.RemoveAccountFromOrganizationRequest;
import software.amazon.awssdk.services.organizations.model.RemoveAccountFromOrganizationResponse;
import software.amazon.awssdk.services.organizations.model.RootNotFoundException;
import software.amazon.awssdk.services.organizations.model.ServiceException;
import software.amazon.awssdk.services.organizations.model.SourceParentNotFoundException;
import software.amazon.awssdk.services.organizations.model.TargetNotFoundException;
import software.amazon.awssdk.services.organizations.model.TooManyRequestsException;
import software.amazon.awssdk.services.organizations.model.UpdateOrganizationalUnitRequest;
import software.amazon.awssdk.services.organizations.model.UpdateOrganizationalUnitResponse;
import software.amazon.awssdk.services.organizations.model.UpdatePolicyRequest;
import software.amazon.awssdk.services.organizations.model.UpdatePolicyResponse;
import software.amazon.awssdk.utils.SdkAutoCloseable;
/**
* Service client for accessing Organizations. This can be created using the static {@link #builder()} method.
*
* AWS Organizations API Reference
*
* AWS Organizations is a web service that enables you to consolidate your multiple AWS accounts into an
* organization and centrally manage your accounts and their resources.
*
*
* This guide provides descriptions of the Organizations API. For more information about using this service, see the AWS Organizations User
* Guide.
*
*
* API Version
*
*
* This version of the Organizations API Reference documents the Organizations API version 2016-11-28.
*
*
*
* As an alternative to using the API directly, you can use one of the AWS SDKs, which consist of libraries and sample
* code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, and more). The SDKs provide a
* convenient way to create programmatic access to AWS Organizations. For example, the SDKs take care of
* cryptographically signing requests, managing errors, and retrying requests automatically. For more information about
* the AWS SDKs, including how to download and install them, see Tools for Amazon
* Web Services.
*
*
*
* We recommend that you use the AWS SDKs to make programmatic API calls to Organizations. However, you also can use the
* Organizations Query API to make direct calls to the Organizations web service. To learn more about the Organizations
* Query API, see Making
* Query Requests in the AWS Organizations User Guide. Organizations supports GET and POST requests for all
* actions. That is, the API does not require you to use GET for some actions and POST for others. However, GET requests
* are subject to the limitation size of a URL. Therefore, for operations that require larger sizes, use a POST request.
*
*
* Signing Requests
*
*
* When you send HTTP requests to AWS, you must sign the requests so that AWS can identify who sent them. You sign
* requests with your AWS access key, which consists of an access key ID and a secret access key. We strongly recommend
* that you do not create an access key for your root account. Anyone who has the access key for your root account has
* unrestricted access to all the resources in your account. Instead, create an access key for an IAM user account that
* has administrative privileges. As another option, use AWS Security Token Service to generate temporary security
* credentials, and use those credentials to sign requests.
*
*
* To sign requests, we recommend that you use Signature Version 4. If you have an
* existing application that uses Signature Version 2, you do not have to update it to use Signature Version 4. However,
* some operations now require Signature Version 4. The documentation for operations that require version 4 indicate
* this requirement.
*
*
* When you use the AWS Command Line Interface (AWS CLI) or one of the AWS SDKs to make requests to AWS, these tools
* automatically sign the requests for you with the access key that you specify when you configure the tools.
*
*
* In this release, each organization can have only one root. In a future release, a single organization will support
* multiple roots.
*
*
* Support and Feedback for AWS Organizations
*
*
* We welcome your feedback. Send your comments to [email protected] or post your feedback and
* questions in our private AWS Organizations support
* forum. If you don't have access to the forum, send a request for access to the email address, along with your
* forum user ID. For more information about the AWS support forums, see Forums Help.
*
*
* Endpoint to Call When Using the CLI or the AWS API
*
*
* For the current release of Organizations, you must specify the us-east-1
region for all AWS API and CLI
* calls. You can do this in the CLI by using these parameters and commands:
*
*
* -
*
* Use the following parameter with each command to specify both the endpoint and its region:
*
*
* --endpoint-url https://organizations.us-east-1.amazonaws.com
*
*
* -
*
* Use the default endpoint, but configure your default region with this command:
*
*
* aws configure set default.region us-east-1
*
*
* -
*
* Use the following parameter with each command to specify the endpoint:
*
*
* --region us-east-1
*
*
*
*
* For the various SDKs used to call the APIs, see the documentation for the SDK of interest to learn how to direct the
* requests to a specific endpoint. For more information, see Regions and Endpoints in the AWS
* General Reference.
*
*
* How examples are presented
*
*
* The JSON returned by the AWS Organizations service as response to your requests is returned as a single long string
* without line breaks or formatting whitespace. Both line breaks and whitespace are included in the examples in this
* guide to improve readability. When example input parameters also would result in long strings that would extend
* beyond the screen, we insert line breaks to enhance readability. You should always submit the input as a single JSON
* text string.
*
*
* Recording API Requests
*
*
* AWS Organizations supports AWS CloudTrail, a service that records AWS API calls for your AWS account and delivers log
* files to an Amazon S3 bucket. By using information collected by AWS CloudTrail, you can determine which requests were
* successfully made to Organizations, who made the request, when it was made, and so on. For more about AWS
* Organizations and its support for AWS CloudTrail, see Logging AWS
* Organizations Events with AWS CloudTrail in the AWS Organizations User Guide. To learn more about
* CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail
* User Guide.
*
*/
@Generated("software.amazon.awssdk:codegen")
public interface OrganizationsClient extends SdkAutoCloseable {
String SERVICE_NAME = "organizations";
/**
* Create a {@link OrganizationsClient} with the region loaded from the
* {@link software.amazon.awssdk.regions.providers.DefaultAwsRegionProviderChain} and credentials loaded from the
* {@link software.amazon.awssdk.auth.DefaultCredentialsProvider}.
*/
static OrganizationsClient create() {
return builder().build();
}
/**
* Create a builder that can be used to configure and create a {@link OrganizationsClient}.
*/
static OrganizationsClientBuilder builder() {
return new DefaultOrganizationsClientBuilder();
}
/**
*
* Sends a response to the originator of a handshake agreeing to the action proposed by the handshake request.
*
*
* This operation can be called only by the following principals when they also have the relevant IAM permissions:
*
*
* -
*
* Invitation to join or Approve all features request handshakes: only a principal from the member
* account.
*
*
* -
*
* Enable all features final confirmation handshake: only a principal from the master account.
*
*
* For more information about invitations, see Inviting an
* AWS Account to Join Your Organization in the AWS Organizations User Guide. For more information about
* requests to enable all features in the organization, see Enabling All Features in Your Organization in the AWS Organizations User Guide.
*
*
*
*
* After you accept a handshake, it continues to appear in the results of relevant APIs for only 30 days. After that
* it is deleted.
*
*
* @param acceptHandshakeRequest
* @return Result of the AcceptHandshake operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws HandshakeConstraintViolationException
* The requested operation would violate the constraint identified in the reason code.
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because the invited account is already a
* member of an organization.
*
*
* -
*
* ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid because the organization has
* already enabled all features.
*
*
* -
*
* INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations to join an organization
* while it is in the process of enabling all features. You can resume inviting accounts after you finalize
* the process when all accounts have agreed to the change.
*
*
* -
*
* PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with an account that does not have a
* payment instrument, such as a credit card, associated with it.
*
*
* -
*
* ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because the account is from a different
* marketplace than the accounts in the organization. For example, accounts with India addresses must be
* associated with the AISPL marketplace. All accounts in an organization must be from the same marketplace.
*
*
* -
*
* ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to change the membership of an account
* too quickly after its previous change.
*
*
* @throws HandshakeNotFoundException
* We can't find a handshake with the HandshakeId that you specified.
* @throws InvalidHandshakeTransitionException
* You can't perform the operation on the handshake in its current state. For example, you can't cancel a
* handshake that was already accepted, or accept a handshake that was already declined.
* @throws HandshakeAlreadyInStateException
* The specified handshake is already in the requested state. For example, you can't accept a handshake that
* was already accepted.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.AcceptHandshake
* @see AWS
* API Documentation
*/
default AcceptHandshakeResponse acceptHandshake(AcceptHandshakeRequest acceptHandshakeRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, HandshakeConstraintViolationException, HandshakeNotFoundException,
InvalidHandshakeTransitionException, HandshakeAlreadyInStateException, InvalidInputException,
ConcurrentModificationException, ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException,
OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Attaches a policy to a root, an organizational unit, or an individual account. How the policy affects accounts
* depends on the type of policy:
*
*
* -
*
* Service control policy (SCP) - An SCP specifies what permissions can be delegated to users in affected
* member accounts. The scope of influence for a policy depends on what you attach the policy to:
*
*
* -
*
* If you attach an SCP to a root, it affects all accounts in the organization.
*
*
* -
*
* If you attach an SCP to an OU, it affects all accounts in that OU and in any child OUs.
*
*
* -
*
* If you attach the policy directly to an account, then it affects only that account.
*
*
*
*
* SCPs essentially are permission "filters". When you attach one SCP to a higher level root or OU, and you also
* attach a different SCP to a child OU or to an account, the child policy can further restrict only the permissions
* that pass through the parent filter and are available to the child. An SCP that is attached to a child cannot
* grant a permission that is not already granted by the parent. For example, imagine that the parent SCP allows
* permissions A, B, C, D, and E. The child SCP allows C, D, E, F, and G. The result is that the accounts affected
* by the child SCP are allowed to use only C, D, and E. They cannot use A or B because they were filtered out by
* the child OU. They also cannot use F and G because they were filtered out by the parent OU. They cannot be
* granted back by the child SCP; child SCPs can only filter the permissions they receive from the parent SCP.
*
*
* AWS Organizations attaches a default SCP named "FullAWSAccess
to every root, OU, and account. This
* default SCP allows all services and actions, enabling any new child OU or account to inherit the permissions of
* the parent root or OU. If you detach the default policy, you must replace it with a policy that specifies the
* permissions that you want to allow in that OU or account.
*
*
* For more information about how Organizations policies permissions work, see Using Service
* Control Policies in the AWS Organizations User Guide.
*
*
*
*
* This operation can be called only from the organization's master account.
*
*
* @param attachPolicyRequest
* @return Result of the AttachPolicy operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws DuplicatePolicyAttachmentException
* The selected policy is already attached to the specified target.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws PolicyNotFoundException
* We can't find a policy with the PolicyId that you specified.
* @throws PolicyTypeNotEnabledException
* The specified policy type is not currently enabled in this root. You cannot attach policies of the
* specified type to entities in a root until you enable that type in the root. For more information, see Enabling All Features in Your Organization in the AWS Organizations User Guide.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TargetNotFoundException
* We can't find a root, OU, or account with the TargetId that you specified.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.AttachPolicy
* @see AWS API
* Documentation
*/
default AttachPolicyResponse attachPolicy(AttachPolicyRequest attachPolicyRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, ConstraintViolationException,
DuplicatePolicyAttachmentException, InvalidInputException, PolicyNotFoundException, PolicyTypeNotEnabledException,
ServiceException, TargetNotFoundException, TooManyRequestsException, SdkBaseException, SdkClientException,
OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Cancels a handshake. Canceling a handshake sets the handshake state to CANCELED
.
*
*
* This operation can be called only from the account that originated the handshake. The recipient of the handshake
* can't cancel it, but can use DeclineHandshake instead. After a handshake is canceled, the recipient can no
* longer respond to that handshake.
*
*
* After you cancel a handshake, it continues to appear in the results of relevant APIs for only 30 days. After that
* it is deleted.
*
*
* @param cancelHandshakeRequest
* @return Result of the CancelHandshake operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws HandshakeNotFoundException
* We can't find a handshake with the HandshakeId that you specified.
* @throws InvalidHandshakeTransitionException
* You can't perform the operation on the handshake in its current state. For example, you can't cancel a
* handshake that was already accepted, or accept a handshake that was already declined.
* @throws HandshakeAlreadyInStateException
* The specified handshake is already in the requested state. For example, you can't accept a handshake that
* was already accepted.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.CancelHandshake
* @see AWS
* API Documentation
*/
default CancelHandshakeResponse cancelHandshake(CancelHandshakeRequest cancelHandshakeRequest) throws AccessDeniedException,
ConcurrentModificationException, HandshakeNotFoundException, InvalidHandshakeTransitionException,
HandshakeAlreadyInStateException, InvalidInputException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Creates an AWS account that is automatically a member of the organization whose credentials made the request.
* This is an asynchronous request that AWS performs in the background. If you want to check the status of the
* request later, you need the OperationId
response element from this operation to provide as a
* parameter to the DescribeCreateAccountStatus operation.
*
*
* AWS Organizations preconfigures the new member account with a role (named
* OrganizationAccountAccessRole
by default) that grants administrator permissions to the new account.
* Principals in the master account can assume the role. AWS Organizations clones the company name and address
* information for the new account from the organization's master account.
*
*
* For more information about creating accounts, see Creating an AWS
* Account in Your Organization in the AWS Organizations User Guide.
*
*
*
* You cannot remove accounts that are created with this operation from an organization. That also means that you
* cannot delete an organization that contains an account that is created with this operation.
*
*
*
* When you create a member account with this operation, you can choose whether to create the account with the
* IAM User and Role Access to Billing Information switch enabled. If you enable it, IAM users and roles that
* have appropriate permissions can view billing information for the account. If you disable this, then only the
* account root user can access billing information. For information about how to disable this for an account, see
* Granting Access to Your
* Billing Information and Tools.
*
*
*
* This operation can be called only from the organization's master account.
*
*
* @param createAccountRequest
* @return Result of the CreateAccount operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws FinalizingOrganizationException
* AWS Organizations could not finalize the creation of your organization. Try again later. If this
* persists, contact AWS customer support.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.CreateAccount
* @see AWS
* API Documentation
*/
default CreateAccountResponse createAccount(CreateAccountRequest createAccountRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, ConstraintViolationException,
InvalidInputException, FinalizingOrganizationException, ServiceException, TooManyRequestsException, SdkBaseException,
SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Creates an AWS organization. The account whose user is calling the CreateOrganization operation automatically
* becomes the master
* account of the new organization.
*
*
* This operation must be called using credentials from the account that is to become the new organization's master
* account. The principal must also have the relevant IAM permissions.
*
*
* By default (or if you set the FeatureSet
parameter to ALL
), the new organization is
* created with all features enabled and service control policies automatically enabled in the root. If you instead
* choose to create the organization supporting only the consolidated billing features by setting the
* FeatureSet
parameter to CONSOLIDATED_BILLING"
, then no policy types are enabled by
* default and you cannot use organization policies.
*
*
* @return Result of the CreateOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AlreadyInOrganizationException
* This account is already a member of an organization. An account can belong to only one organization at a
* time.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.CreateOrganization
* @see #createOrganization(CreateOrganizationRequest)
* @see AWS API Documentation
*/
default CreateOrganizationResponse createOrganization() throws AccessDeniedException, AlreadyInOrganizationException,
ConcurrentModificationException, ConstraintViolationException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
return createOrganization(CreateOrganizationRequest.builder().build());
}
/**
*
* Creates an AWS organization. The account whose user is calling the CreateOrganization operation automatically
* becomes the master
* account of the new organization.
*
*
* This operation must be called using credentials from the account that is to become the new organization's master
* account. The principal must also have the relevant IAM permissions.
*
*
* By default (or if you set the FeatureSet
parameter to ALL
), the new organization is
* created with all features enabled and service control policies automatically enabled in the root. If you instead
* choose to create the organization supporting only the consolidated billing features by setting the
* FeatureSet
parameter to CONSOLIDATED_BILLING"
, then no policy types are enabled by
* default and you cannot use organization policies.
*
*
* @param createOrganizationRequest
* @return Result of the CreateOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AlreadyInOrganizationException
* This account is already a member of an organization. An account can belong to only one organization at a
* time.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.CreateOrganization
* @see AWS API Documentation
*/
default CreateOrganizationResponse createOrganization(CreateOrganizationRequest createOrganizationRequest)
throws AccessDeniedException, AlreadyInOrganizationException, ConcurrentModificationException,
ConstraintViolationException, InvalidInputException, ServiceException, TooManyRequestsException, SdkBaseException,
SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Creates an organizational unit (OU) within a root or parent OU. An OU is a container for accounts that enables
* you to organize your accounts to apply policies according to your business requirements. The number of levels
* deep that you can nest OUs is dependent upon the policy types enabled for that root. For service control
* policies, the limit is five.
*
*
* For more information about OUs, see Managing Organizational
* Units in the AWS Organizations User Guide.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param createOrganizationalUnitRequest
* @return Result of the CreateOrganizationalUnit operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws DuplicateOrganizationalUnitException
* An organizational unit (OU) with the same name already exists.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ParentNotFoundException
* We can't find a root or organizational unit (OU) with the ParentId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.CreateOrganizationalUnit
* @see AWS API Documentation
*/
default CreateOrganizationalUnitResponse createOrganizationalUnit(
CreateOrganizationalUnitRequest createOrganizationalUnitRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, ConstraintViolationException,
DuplicateOrganizationalUnitException, InvalidInputException, ParentNotFoundException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Creates a policy of a specified type that you can attach to a root, an organizational unit (OU), or an individual
* AWS account.
*
*
* For more information about policies and their use, see Managing Organization
* Policies.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param createPolicyRequest
* @return Result of the CreatePolicy operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws DuplicatePolicyException
* A policy with the same name already exists.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws MalformedPolicyDocumentException
* The provided policy document does not meet the requirements of the specified policy type. For example,
* the syntax might be incorrect. For details about service control policy syntax, see Service
* Control Policy Syntax in the AWS Organizations User Guide.
* @throws PolicyTypeNotAvailableForOrganizationException
* You can't use the specified policy type with the feature set currently enabled for this organization. For
* example, you can enable service control policies (SCPs) only after you enable all features in the
* organization. For more information, see Enabling and Disabling a Policy Type on a Root in the AWS Organizations User Guide.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.CreatePolicy
* @see AWS API
* Documentation
*/
default CreatePolicyResponse createPolicy(CreatePolicyRequest createPolicyRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, ConstraintViolationException,
DuplicatePolicyException, InvalidInputException, MalformedPolicyDocumentException,
PolicyTypeNotAvailableForOrganizationException, ServiceException, TooManyRequestsException, SdkBaseException,
SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Declines a handshake request. This sets the handshake state to DECLINED
and effectively deactivates
* the request.
*
*
* This operation can be called only from the account that received the handshake. The originator of the handshake
* can use CancelHandshake instead. The originator can't reactivate a declined request, but can re-initiate
* the process with a new handshake request.
*
*
* After you decline a handshake, it continues to appear in the results of relevant APIs for only 30 days. After
* that it is deleted.
*
*
* @param declineHandshakeRequest
* @return Result of the DeclineHandshake operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws HandshakeNotFoundException
* We can't find a handshake with the HandshakeId that you specified.
* @throws InvalidHandshakeTransitionException
* You can't perform the operation on the handshake in its current state. For example, you can't cancel a
* handshake that was already accepted, or accept a handshake that was already declined.
* @throws HandshakeAlreadyInStateException
* The specified handshake is already in the requested state. For example, you can't accept a handshake that
* was already accepted.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DeclineHandshake
* @see AWS
* API Documentation
*/
default DeclineHandshakeResponse declineHandshake(DeclineHandshakeRequest declineHandshakeRequest)
throws AccessDeniedException, ConcurrentModificationException, HandshakeNotFoundException,
InvalidHandshakeTransitionException, HandshakeAlreadyInStateException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Deletes the organization. You can delete an organization only by using credentials from the master account. The
* organization must be empty of member accounts, OUs, and policies.
*
*
*
* If you create any accounts using Organizations operations or the Organizations console, you can't remove those
* accounts from the organization, which means that you can't delete the organization.
*
*
*
* @return Result of the DeleteOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws OrganizationNotEmptyException
* The organization isn't empty. To delete an organization, you must first remove all accounts except the
* master account, delete all organizational units (OUs), and delete all policies.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DeleteOrganization
* @see #deleteOrganization(DeleteOrganizationRequest)
* @see AWS API Documentation
*/
default DeleteOrganizationResponse deleteOrganization() throws AccessDeniedException, AWSOrganizationsNotInUseException,
ConcurrentModificationException, InvalidInputException, OrganizationNotEmptyException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
return deleteOrganization(DeleteOrganizationRequest.builder().build());
}
/**
*
* Deletes the organization. You can delete an organization only by using credentials from the master account. The
* organization must be empty of member accounts, OUs, and policies.
*
*
*
* If you create any accounts using Organizations operations or the Organizations console, you can't remove those
* accounts from the organization, which means that you can't delete the organization.
*
*
*
* @param deleteOrganizationRequest
* @return Result of the DeleteOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws OrganizationNotEmptyException
* The organization isn't empty. To delete an organization, you must first remove all accounts except the
* master account, delete all organizational units (OUs), and delete all policies.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DeleteOrganization
* @see AWS API Documentation
*/
default DeleteOrganizationResponse deleteOrganization(DeleteOrganizationRequest deleteOrganizationRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, ConcurrentModificationException,
InvalidInputException, OrganizationNotEmptyException, ServiceException, TooManyRequestsException, SdkBaseException,
SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Deletes an organizational unit from a root or another OU. You must first remove all accounts and child OUs from
* the OU that you want to delete.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param deleteOrganizationalUnitRequest
* @return Result of the DeleteOrganizationalUnit operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws OrganizationalUnitNotEmptyException
* The specified organizational unit (OU) is not empty. Move all accounts to another root or to other OUs,
* remove all child OUs, and then try the operation again.
* @throws OrganizationalUnitNotFoundException
* We can't find an organizational unit (OU) with the OrganizationalUnitId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DeleteOrganizationalUnit
* @see AWS API Documentation
*/
default DeleteOrganizationalUnitResponse deleteOrganizationalUnit(
DeleteOrganizationalUnitRequest deleteOrganizationalUnitRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, InvalidInputException,
OrganizationalUnitNotEmptyException, OrganizationalUnitNotFoundException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Deletes the specified policy from your organization. Before you perform this operation, you must first detach the
* policy from all OUs, roots, and accounts.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param deletePolicyRequest
* @return Result of the DeletePolicy operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws PolicyInUseException
* The policy is attached to one or more entities. You must detach it from all roots, organizational units
* (OUs), and accounts before performing this operation.
* @throws PolicyNotFoundException
* We can't find a policy with the PolicyId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DeletePolicy
* @see AWS API
* Documentation
*/
default DeletePolicyResponse deletePolicy(DeletePolicyRequest deletePolicyRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, InvalidInputException, PolicyInUseException,
PolicyNotFoundException, ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException,
OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Retrieves Organizations-related information about the specified account.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param describeAccountRequest
* @return Result of the DescribeAccount operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AccountNotFoundException
* We can't find an AWS account with the AccountId that you specified, or the account whose credentials you
* used to make this request is not a member of an organization.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DescribeAccount
* @see AWS
* API Documentation
*/
default DescribeAccountResponse describeAccount(DescribeAccountRequest describeAccountRequest) throws AccessDeniedException,
AccountNotFoundException, AWSOrganizationsNotInUseException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Retrieves the current status of an asynchronous request to create an account.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param describeCreateAccountStatusRequest
* @return Result of the DescribeCreateAccountStatus operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws CreateAccountStatusNotFoundException
* We can't find an create account request with the CreateAccountRequestId that you specified.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DescribeCreateAccountStatus
* @see AWS API Documentation
*/
default DescribeCreateAccountStatusResponse describeCreateAccountStatus(
DescribeCreateAccountStatusRequest describeCreateAccountStatusRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, CreateAccountStatusNotFoundException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Retrieves information about a previously requested handshake. The handshake ID comes from the response to the
* original InviteAccountToOrganization operation that generated the handshake.
*
*
* You can access handshakes that are ACCEPTED, DECLINED, or CANCELED for only 30 days after they change to that
* state. They are then deleted and no longer accessible.
*
*
* This operation can be called from any account in the organization.
*
*
* @param describeHandshakeRequest
* @return Result of the DescribeHandshake operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws HandshakeNotFoundException
* We can't find a handshake with the HandshakeId that you specified.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DescribeHandshake
* @see AWS API Documentation
*/
default DescribeHandshakeResponse describeHandshake(DescribeHandshakeRequest describeHandshakeRequest)
throws AccessDeniedException, ConcurrentModificationException, HandshakeNotFoundException, InvalidInputException,
ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Retrieves information about the organization that the user's account belongs to.
*
*
* This operation can be called from any account in the organization.
*
*
* @return Result of the DescribeOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DescribeOrganization
* @see #describeOrganization(DescribeOrganizationRequest)
* @see AWS API Documentation
*/
default DescribeOrganizationResponse describeOrganization() throws AccessDeniedException, AWSOrganizationsNotInUseException,
ConcurrentModificationException, ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException,
OrganizationsException {
return describeOrganization(DescribeOrganizationRequest.builder().build());
}
/**
*
* Retrieves information about the organization that the user's account belongs to.
*
*
* This operation can be called from any account in the organization.
*
*
* @param describeOrganizationRequest
* @return Result of the DescribeOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DescribeOrganization
* @see AWS API Documentation
*/
default DescribeOrganizationResponse describeOrganization(DescribeOrganizationRequest describeOrganizationRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, ConcurrentModificationException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Retrieves information about an organizational unit (OU).
*
*
* This operation can be called only from the organization's master account.
*
*
* @param describeOrganizationalUnitRequest
* @return Result of the DescribeOrganizationalUnit operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws OrganizationalUnitNotFoundException
* We can't find an organizational unit (OU) with the OrganizationalUnitId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DescribeOrganizationalUnit
* @see AWS API Documentation
*/
default DescribeOrganizationalUnitResponse describeOrganizationalUnit(
DescribeOrganizationalUnitRequest describeOrganizationalUnitRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, InvalidInputException, OrganizationalUnitNotFoundException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Retrieves information about a policy.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param describePolicyRequest
* @return Result of the DescribePolicy operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws PolicyNotFoundException
* We can't find a policy with the PolicyId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DescribePolicy
* @see AWS
* API Documentation
*/
default DescribePolicyResponse describePolicy(DescribePolicyRequest describePolicyRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, InvalidInputException, PolicyNotFoundException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Detaches a policy from a target root, organizational unit, or account. If the policy being detached is a service
* control policy (SCP), the changes to permissions for IAM users and roles in affected accounts are immediate.
*
*
* Note: Every root, OU, and account must have at least one SCP attached. If you want to replace the default
* FullAWSAccess
policy with one that limits the permissions that can be delegated, then you must
* attach the replacement policy before you can remove the default one. This is the authorization strategy of whitelisting. If you instead attach a second SCP and leave the FullAWSAccess
SCP still
* attached, and specify "Effect": "Deny"
in the second SCP to override the
* "Effect": "Allow"
in the FullAWSAccess
policy (or any other attached SCP), then you are
* using the authorization strategy of blacklisting.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param detachPolicyRequest
* @return Result of the DetachPolicy operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws PolicyNotAttachedException
* The policy isn't attached to the specified target in the specified root.
* @throws PolicyNotFoundException
* We can't find a policy with the PolicyId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TargetNotFoundException
* We can't find a root, OU, or account with the TargetId that you specified.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DetachPolicy
* @see AWS API
* Documentation
*/
default DetachPolicyResponse detachPolicy(DetachPolicyRequest detachPolicyRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, ConstraintViolationException,
InvalidInputException, PolicyNotAttachedException, PolicyNotFoundException, ServiceException,
TargetNotFoundException, TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Disables an organizational control policy type in a root. A poicy of a certain type can be attached to entities
* in a root only if that type is enabled in the root. After you perform this operation, you no longer can attach
* policies of the specified type to that root or to any OU or account in that root. You can undo this by using the
* EnablePolicyType operation.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param disablePolicyTypeRequest
* @return Result of the DisablePolicyType operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws PolicyTypeNotEnabledException
* The specified policy type is not currently enabled in this root. You cannot attach policies of the
* specified type to entities in a root until you enable that type in the root. For more information, see Enabling All Features in Your Organization in the AWS Organizations User Guide.
* @throws RootNotFoundException
* We can't find a root with the RootId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.DisablePolicyType
* @see AWS API Documentation
*/
default DisablePolicyTypeResponse disablePolicyType(DisablePolicyTypeRequest disablePolicyTypeRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, ConcurrentModificationException,
ConstraintViolationException, InvalidInputException, PolicyTypeNotEnabledException, RootNotFoundException,
ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Enables all features in an organization. This enables the use of organization policies that can restrict the
* services and actions that can be called in each account. Until you enable all features, you have access only to
* consolidated billing, and you can't use any of the advanced account administration features that AWS
* Organizations supports. For more information, see Enabling All Features in Your Organization in the AWS Organizations User Guide.
*
*
*
* This operation is required only for organizations that were created explicitly with only the consolidated billing
* features enabled, or that were migrated from a Consolidated Billing account family to Organizations. Calling this
* operation sends a handshake to every invited account in the organization. The feature set change can be finalized
* and the additional features enabled only after all administrators in the invited accounts approve the change by
* accepting the handshake.
*
*
*
* After all invited member accounts accept the handshake, you finalize the feature set change by accepting the
* handshake that contains "Action": "ENABLE_ALL_FEATURES"
. This completes the change.
*
*
* After you enable all features in your organization, the master account in the organization can apply policies on
* all member accounts. These policies can restrict what users and even administrators in those accounts can do. The
* master account can apply policies that prevent accounts from leaving the organization. Ensure that your account
* administrators are aware of this.
*
*
* This operation can be called only from the organization's master account.
*
*
* @return Result of the EnableAllFeatures operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws HandshakeConstraintViolationException
* The requested operation would violate the constraint identified in the reason code.
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because the invited account is already a
* member of an organization.
*
*
* -
*
* ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid because the organization has
* already enabled all features.
*
*
* -
*
* INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations to join an organization
* while it is in the process of enabling all features. You can resume inviting accounts after you finalize
* the process when all accounts have agreed to the change.
*
*
* -
*
* PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with an account that does not have a
* payment instrument, such as a credit card, associated with it.
*
*
* -
*
* ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because the account is from a different
* marketplace than the accounts in the organization. For example, accounts with India addresses must be
* associated with the AISPL marketplace. All accounts in an organization must be from the same marketplace.
*
*
* -
*
* ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to change the membership of an account
* too quickly after its previous change.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.EnableAllFeatures
* @see #enableAllFeatures(EnableAllFeaturesRequest)
* @see AWS API Documentation
*/
default EnableAllFeaturesResponse enableAllFeatures() throws AccessDeniedException, AWSOrganizationsNotInUseException,
ConcurrentModificationException, HandshakeConstraintViolationException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
return enableAllFeatures(EnableAllFeaturesRequest.builder().build());
}
/**
*
* Enables all features in an organization. This enables the use of organization policies that can restrict the
* services and actions that can be called in each account. Until you enable all features, you have access only to
* consolidated billing, and you can't use any of the advanced account administration features that AWS
* Organizations supports. For more information, see Enabling All Features in Your Organization in the AWS Organizations User Guide.
*
*
*
* This operation is required only for organizations that were created explicitly with only the consolidated billing
* features enabled, or that were migrated from a Consolidated Billing account family to Organizations. Calling this
* operation sends a handshake to every invited account in the organization. The feature set change can be finalized
* and the additional features enabled only after all administrators in the invited accounts approve the change by
* accepting the handshake.
*
*
*
* After all invited member accounts accept the handshake, you finalize the feature set change by accepting the
* handshake that contains "Action": "ENABLE_ALL_FEATURES"
. This completes the change.
*
*
* After you enable all features in your organization, the master account in the organization can apply policies on
* all member accounts. These policies can restrict what users and even administrators in those accounts can do. The
* master account can apply policies that prevent accounts from leaving the organization. Ensure that your account
* administrators are aware of this.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param enableAllFeaturesRequest
* @return Result of the EnableAllFeatures operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws HandshakeConstraintViolationException
* The requested operation would violate the constraint identified in the reason code.
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because the invited account is already a
* member of an organization.
*
*
* -
*
* ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid because the organization has
* already enabled all features.
*
*
* -
*
* INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations to join an organization
* while it is in the process of enabling all features. You can resume inviting accounts after you finalize
* the process when all accounts have agreed to the change.
*
*
* -
*
* PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with an account that does not have a
* payment instrument, such as a credit card, associated with it.
*
*
* -
*
* ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because the account is from a different
* marketplace than the accounts in the organization. For example, accounts with India addresses must be
* associated with the AISPL marketplace. All accounts in an organization must be from the same marketplace.
*
*
* -
*
* ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to change the membership of an account
* too quickly after its previous change.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.EnableAllFeatures
* @see AWS API Documentation
*/
default EnableAllFeaturesResponse enableAllFeatures(EnableAllFeaturesRequest enableAllFeaturesRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, ConcurrentModificationException,
HandshakeConstraintViolationException, InvalidInputException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Enables a policy type in a root. After you enable a policy type in a root, you can attach policies of that type
* to the root, any OU, or account in that root. You can undo this by using the DisablePolicyType operation.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param enablePolicyTypeRequest
* @return Result of the EnablePolicyType operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws PolicyTypeAlreadyEnabledException
* The specified policy type is already enabled in the specified root.
* @throws RootNotFoundException
* We can't find a root with the RootId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws PolicyTypeNotAvailableForOrganizationException
* You can't use the specified policy type with the feature set currently enabled for this organization. For
* example, you can enable service control policies (SCPs) only after you enable all features in the
* organization. For more information, see Enabling and Disabling a Policy Type on a Root in the AWS Organizations User Guide.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.EnablePolicyType
* @see AWS
* API Documentation
*/
default EnablePolicyTypeResponse enablePolicyType(EnablePolicyTypeRequest enablePolicyTypeRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, ConcurrentModificationException,
ConstraintViolationException, InvalidInputException, PolicyTypeAlreadyEnabledException, RootNotFoundException,
ServiceException, TooManyRequestsException, PolicyTypeNotAvailableForOrganizationException, SdkBaseException,
SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Sends an invitation to another account to join your organization as a member account. Organizations sends email
* on your behalf to the email address that is associated with the other account's owner. The invitation is
* implemented as a Handshake whose details are in the response.
*
*
*
* You can invite AWS accounts only from the same reseller as the master account. For example, if your
* organization's master account was created by Amazon Internet Services Pvt. Ltd (AISPL), an AWS reseller in India,
* then you can only invite other AISPL accounts to your organization. You can't combine accounts from AISPL and
* AWS. For more information, see Consolidated Billing in India.
*
*
*
* This operation can be called only from the organization's master account.
*
*
* @param inviteAccountToOrganizationRequest
* @return Result of the InviteAccountToOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws HandshakeConstraintViolationException
* The requested operation would violate the constraint identified in the reason code.
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because the invited account is already a
* member of an organization.
*
*
* -
*
* ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid because the organization has
* already enabled all features.
*
*
* -
*
* INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You cannot issue new invitations to join an organization
* while it is in the process of enabling all features. You can resume inviting accounts after you finalize
* the process when all accounts have agreed to the change.
*
*
* -
*
* PAYMENT_INSTRUMENT_REQUIRED: You cannot complete the operation with an account that does not have a
* payment instrument, such as a credit card, associated with it.
*
*
* -
*
* ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because the account is from a different
* marketplace than the accounts in the organization. For example, accounts with India addresses must be
* associated with the AISPL marketplace. All accounts in an organization must be from the same marketplace.
*
*
* -
*
* ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to change the membership of an account
* too quickly after its previous change.
*
*
* @throws DuplicateHandshakeException
* A handshake with the same action and target already exists. For example, if you invited an account to
* join your organization, the invited account might already have a pending invitation from this
* organization. If you intend to resend an invitation to an account, ensure that existing handshakes that
* might be considered duplicates are canceled or declined.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws FinalizingOrganizationException
* AWS Organizations could not finalize the creation of your organization. Try again later. If this
* persists, contact AWS customer support.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.InviteAccountToOrganization
* @see AWS API Documentation
*/
default InviteAccountToOrganizationResponse inviteAccountToOrganization(
InviteAccountToOrganizationRequest inviteAccountToOrganizationRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, HandshakeConstraintViolationException,
DuplicateHandshakeException, InvalidInputException, FinalizingOrganizationException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Removes a member account from its parent organization. This version of the operation is performed by the account
* that wants to leave. To remove a member account as a user in the master account, use
* RemoveAccountFromOrganization instead.
*
*
* This operation can be called only from a member account in the organization.
*
*
*
* -
*
* The master account in an organization with all features enabled can set service control policies (SCPs) that can
* restrict what administrators of member accounts can do, including preventing them from successfully calling
* LeaveOrganization
and leaving the organization.
*
*
* -
*
* If you created the account using the AWS Organizations console, the Organizations API, or the Organizations CLI
* commands, then you cannot remove the account.
*
*
* -
*
* You can leave an organization only after you enable IAM user access to billing in your account. For more
* information, see Activating Access to the Billing and Cost Management Console in the AWS Billing and Cost Management User
* Guide.
*
*
*
*
*
* @return Result of the LeaveOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AccountNotFoundException
* We can't find an AWS account with the AccountId that you specified, or the account whose credentials you
* used to make this request is not a member of an organization.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws MasterCannotLeaveOrganizationException
* You can't remove a master account from an organization. If you want the master account to become a member
* account in another organization, you must first delete the current organization of the master account.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.LeaveOrganization
* @see #leaveOrganization(LeaveOrganizationRequest)
* @see AWS API Documentation
*/
default LeaveOrganizationResponse leaveOrganization() throws AccessDeniedException, AccountNotFoundException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, ConstraintViolationException,
InvalidInputException, MasterCannotLeaveOrganizationException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
return leaveOrganization(LeaveOrganizationRequest.builder().build());
}
/**
*
* Removes a member account from its parent organization. This version of the operation is performed by the account
* that wants to leave. To remove a member account as a user in the master account, use
* RemoveAccountFromOrganization instead.
*
*
* This operation can be called only from a member account in the organization.
*
*
*
* -
*
* The master account in an organization with all features enabled can set service control policies (SCPs) that can
* restrict what administrators of member accounts can do, including preventing them from successfully calling
* LeaveOrganization
and leaving the organization.
*
*
* -
*
* If you created the account using the AWS Organizations console, the Organizations API, or the Organizations CLI
* commands, then you cannot remove the account.
*
*
* -
*
* You can leave an organization only after you enable IAM user access to billing in your account. For more
* information, see Activating Access to the Billing and Cost Management Console in the AWS Billing and Cost Management User
* Guide.
*
*
*
*
*
* @param leaveOrganizationRequest
* @return Result of the LeaveOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AccountNotFoundException
* We can't find an AWS account with the AccountId that you specified, or the account whose credentials you
* used to make this request is not a member of an organization.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws MasterCannotLeaveOrganizationException
* You can't remove a master account from an organization. If you want the master account to become a member
* account in another organization, you must first delete the current organization of the master account.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.LeaveOrganization
* @see AWS API Documentation
*/
default LeaveOrganizationResponse leaveOrganization(LeaveOrganizationRequest leaveOrganizationRequest)
throws AccessDeniedException, AccountNotFoundException, AWSOrganizationsNotInUseException,
ConcurrentModificationException, ConstraintViolationException, InvalidInputException,
MasterCannotLeaveOrganizationException, ServiceException, TooManyRequestsException, SdkBaseException,
SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists all the accounts in the organization. To request only the accounts in a root or OU, use the
* ListAccountsForParent operation instead.
*
*
* This operation can be called only from the organization's master account.
*
*
* @return Result of the ListAccounts operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListAccounts
* @see #listAccounts(ListAccountsRequest)
* @see AWS API
* Documentation
*/
default ListAccountsResponse listAccounts() throws AccessDeniedException, AWSOrganizationsNotInUseException,
InvalidInputException, ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException,
OrganizationsException {
return listAccounts(ListAccountsRequest.builder().build());
}
/**
*
* Lists all the accounts in the organization. To request only the accounts in a root or OU, use the
* ListAccountsForParent operation instead.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param listAccountsRequest
* @return Result of the ListAccounts operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListAccounts
* @see AWS API
* Documentation
*/
default ListAccountsResponse listAccounts(ListAccountsRequest listAccountsRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, InvalidInputException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists the accounts in an organization that are contained by the specified target root or organizational unit
* (OU). If you specify the root, you get a list of all the accounts that are not in any OU. If you specify an OU,
* you get a list of all the accounts in only that OU, and not in any child OUs. To get a list of all accounts in
* the organization, use the ListAccounts operation.
*
*
* @param listAccountsForParentRequest
* @return Result of the ListAccountsForParent operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ParentNotFoundException
* We can't find a root or organizational unit (OU) with the ParentId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListAccountsForParent
* @see AWS API Documentation
*/
default ListAccountsForParentResponse listAccountsForParent(ListAccountsForParentRequest listAccountsForParentRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, InvalidInputException, ParentNotFoundException,
ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists all of the OUs or accounts that are contained in the specified parent OU or root. This operation, along
* with ListParents enables you to traverse the tree structure that makes up this root.
*
*
* @param listChildrenRequest
* @return Result of the ListChildren operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ParentNotFoundException
* We can't find a root or organizational unit (OU) with the ParentId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListChildren
* @see AWS API
* Documentation
*/
default ListChildrenResponse listChildren(ListChildrenRequest listChildrenRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, InvalidInputException, ParentNotFoundException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists the account creation requests that match the specified status that is currently being tracked for the
* organization.
*
*
* This operation can be called only from the organization's master account.
*
*
* @return Result of the ListCreateAccountStatus operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListCreateAccountStatus
* @see #listCreateAccountStatus(ListCreateAccountStatusRequest)
* @see AWS API Documentation
*/
default ListCreateAccountStatusResponse listCreateAccountStatus() throws AccessDeniedException,
AWSOrganizationsNotInUseException, InvalidInputException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
return listCreateAccountStatus(ListCreateAccountStatusRequest.builder().build());
}
/**
*
* Lists the account creation requests that match the specified status that is currently being tracked for the
* organization.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param listCreateAccountStatusRequest
* @return Result of the ListCreateAccountStatus operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListCreateAccountStatus
* @see AWS API Documentation
*/
default ListCreateAccountStatusResponse listCreateAccountStatus(ListCreateAccountStatusRequest listCreateAccountStatusRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists the current handshakes that are associated with the account of the requesting user.
*
*
* Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results of this API for only 30 days after
* changing to that state. After that they are deleted and no longer accessible.
*
*
* This operation can be called from any account in the organization.
*
*
* @return Result of the ListHandshakesForAccount operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListHandshakesForAccount
* @see #listHandshakesForAccount(ListHandshakesForAccountRequest)
* @see AWS API Documentation
*/
default ListHandshakesForAccountResponse listHandshakesForAccount() throws AccessDeniedException,
ConcurrentModificationException, InvalidInputException, ServiceException, TooManyRequestsException, SdkBaseException,
SdkClientException, OrganizationsException {
return listHandshakesForAccount(ListHandshakesForAccountRequest.builder().build());
}
/**
*
* Lists the current handshakes that are associated with the account of the requesting user.
*
*
* Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results of this API for only 30 days after
* changing to that state. After that they are deleted and no longer accessible.
*
*
* This operation can be called from any account in the organization.
*
*
* @param listHandshakesForAccountRequest
* @return Result of the ListHandshakesForAccount operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListHandshakesForAccount
* @see AWS API Documentation
*/
default ListHandshakesForAccountResponse listHandshakesForAccount(
ListHandshakesForAccountRequest listHandshakesForAccountRequest) throws AccessDeniedException,
ConcurrentModificationException, InvalidInputException, ServiceException, TooManyRequestsException, SdkBaseException,
SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists the handshakes that are associated with the organization that the requesting user is part of. The
* ListHandshakesForOrganization
operation returns a list of handshake structures. Each structure
* contains details and status about a handshake.
*
*
* Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results of this API for only 30 days after
* changing to that state. After that they are deleted and no longer accessible.
*
*
* This operation can be called only from the organization's master account.
*
*
* @return Result of the ListHandshakesForOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListHandshakesForOrganization
* @see #listHandshakesForOrganization(ListHandshakesForOrganizationRequest)
* @see AWS API Documentation
*/
default ListHandshakesForOrganizationResponse listHandshakesForOrganization() throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
return listHandshakesForOrganization(ListHandshakesForOrganizationRequest.builder().build());
}
/**
*
* Lists the handshakes that are associated with the organization that the requesting user is part of. The
* ListHandshakesForOrganization
operation returns a list of handshake structures. Each structure
* contains details and status about a handshake.
*
*
* Handshakes that are ACCEPTED, DECLINED, or CANCELED appear in the results of this API for only 30 days after
* changing to that state. After that they are deleted and no longer accessible.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param listHandshakesForOrganizationRequest
* @return Result of the ListHandshakesForOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListHandshakesForOrganization
* @see AWS API Documentation
*/
default ListHandshakesForOrganizationResponse listHandshakesForOrganization(
ListHandshakesForOrganizationRequest listHandshakesForOrganizationRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists the organizational units (OUs) in a parent organizational unit or root.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param listOrganizationalUnitsForParentRequest
* @return Result of the ListOrganizationalUnitsForParent operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ParentNotFoundException
* We can't find a root or organizational unit (OU) with the ParentId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListOrganizationalUnitsForParent
* @see AWS API Documentation
*/
default ListOrganizationalUnitsForParentResponse listOrganizationalUnitsForParent(
ListOrganizationalUnitsForParentRequest listOrganizationalUnitsForParentRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, InvalidInputException, ParentNotFoundException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists the root or organizational units (OUs) that serve as the immediate parent of the specified child OU or
* account. This operation, along with ListChildren enables you to traverse the tree structure that makes up
* this root.
*
*
* This operation can be called only from the organization's master account.
*
*
*
* In the current release, a child can have only a single parent.
*
*
*
* @param listParentsRequest
* @return Result of the ListParents operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ChildNotFoundException
* We can't find an organizational unit (OU) or AWS account with the ChildId that you specified.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListParents
* @see AWS API
* Documentation
*/
default ListParentsResponse listParents(ListParentsRequest listParentsRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ChildNotFoundException, InvalidInputException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Retrieves the list of all policies in an organization of a specified type.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param listPoliciesRequest
* @return Result of the ListPolicies operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListPolicies
* @see AWS API
* Documentation
*/
default ListPoliciesResponse listPolicies(ListPoliciesRequest listPoliciesRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, InvalidInputException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists the policies that are directly attached to the specified target root, organizational unit (OU), or account.
* You must specify the policy type that you want included in the returned list.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param listPoliciesForTargetRequest
* @return Result of the ListPoliciesForTarget operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TargetNotFoundException
* We can't find a root, OU, or account with the TargetId that you specified.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListPoliciesForTarget
* @see AWS API Documentation
*/
default ListPoliciesForTargetResponse listPoliciesForTarget(ListPoliciesForTargetRequest listPoliciesForTargetRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, InvalidInputException, ServiceException,
TargetNotFoundException, TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists the roots that are defined in the current organization.
*
*
* This operation can be called only from the organization's master account.
*
*
* @return Result of the ListRoots operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListRoots
* @see #listRoots(ListRootsRequest)
* @see AWS API
* Documentation
*/
default ListRootsResponse listRoots() throws AccessDeniedException, AWSOrganizationsNotInUseException, InvalidInputException,
ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
return listRoots(ListRootsRequest.builder().build());
}
/**
*
* Lists the roots that are defined in the current organization.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param listRootsRequest
* @return Result of the ListRoots operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListRoots
* @see AWS API
* Documentation
*/
default ListRootsResponse listRoots(ListRootsRequest listRootsRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, InvalidInputException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Lists all the roots, OUs, and accounts to which the specified policy is attached.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param listTargetsForPolicyRequest
* @return Result of the ListTargetsForPolicy operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws PolicyNotFoundException
* We can't find a policy with the PolicyId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.ListTargetsForPolicy
* @see AWS API Documentation
*/
default ListTargetsForPolicyResponse listTargetsForPolicy(ListTargetsForPolicyRequest listTargetsForPolicyRequest)
throws AccessDeniedException, AWSOrganizationsNotInUseException, InvalidInputException, PolicyNotFoundException,
ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Moves an account from its current source parent root or OU to the specified destination parent root or OU.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param moveAccountRequest
* @return Result of the MoveAccount operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws SourceParentNotFoundException
* We can't find a source root or OU with the ParentId that you specified.
* @throws DestinationParentNotFoundException
* We can't find the destination container (a root or OU) with the ParentId that you specified.
* @throws DuplicateAccountException
* That account is already present in the specified destination.
* @throws AccountNotFoundException
* We can't find an AWS account with the AccountId that you specified, or the account whose credentials you
* used to make this request is not a member of an organization.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.MoveAccount
* @see AWS API
* Documentation
*/
default MoveAccountResponse moveAccount(MoveAccountRequest moveAccountRequest) throws AccessDeniedException,
InvalidInputException, SourceParentNotFoundException, DestinationParentNotFoundException, DuplicateAccountException,
AccountNotFoundException, TooManyRequestsException, ConcurrentModificationException,
AWSOrganizationsNotInUseException, ServiceException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Removes the specified account from the organization.
*
*
* The removed account becomes a stand-alone account that is not a member of any organization. It is no longer
* subject to any policies and is responsible for its own bill payments. The organization's master account is no
* longer charged for any expenses accrued by the member account after it is removed from the organization.
*
*
* This operation can be called only from the organization's master account. Member accounts can remove themselves
* with LeaveOrganization instead.
*
*
*
* -
*
* You can remove only accounts that were created outside your organization and invited to join. If you created the
* account using the AWS Organizations console, the Organizations API, or the Organizations CLI commands, then you
* cannot remove the account.
*
*
* -
*
* You can remove a member account only after you enable IAM user access to billing in the member account. For more
* information, see Activating Access to the Billing and Cost Management Console in the AWS Billing and Cost Management User
* Guide.
*
*
*
*
*
* @param removeAccountFromOrganizationRequest
* @return Result of the RemoveAccountFromOrganization operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AccountNotFoundException
* We can't find an AWS account with the AccountId that you specified, or the account whose credentials you
* used to make this request is not a member of an organization.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws MasterCannotLeaveOrganizationException
* You can't remove a master account from an organization. If you want the master account to become a member
* account in another organization, you must first delete the current organization of the master account.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.RemoveAccountFromOrganization
* @see AWS API Documentation
*/
default RemoveAccountFromOrganizationResponse removeAccountFromOrganization(
RemoveAccountFromOrganizationRequest removeAccountFromOrganizationRequest) throws AccessDeniedException,
AccountNotFoundException, AWSOrganizationsNotInUseException, ConcurrentModificationException,
ConstraintViolationException, InvalidInputException, MasterCannotLeaveOrganizationException, ServiceException,
TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Renames the specified organizational unit (OU). The ID and ARN do not change. The child OUs and accounts remain
* in place, and any attached policies of the OU remain attached.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param updateOrganizationalUnitRequest
* @return Result of the UpdateOrganizationalUnit operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws DuplicateOrganizationalUnitException
* An organizational unit (OU) with the same name already exists.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws OrganizationalUnitNotFoundException
* We can't find an organizational unit (OU) with the OrganizationalUnitId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.UpdateOrganizationalUnit
* @see AWS API Documentation
*/
default UpdateOrganizationalUnitResponse updateOrganizationalUnit(
UpdateOrganizationalUnitRequest updateOrganizationalUnitRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, DuplicateOrganizationalUnitException,
InvalidInputException, OrganizationalUnitNotFoundException, ServiceException, TooManyRequestsException,
SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
/**
*
* Updates an existing policy with a new name, description, or content. If any parameter is not supplied, that value
* remains unchanged. Note that you cannot change a policy's type.
*
*
* This operation can be called only from the organization's master account.
*
*
* @param updatePolicyRequest
* @return Result of the UpdatePolicy operation returned by the service.
* @throws AccessDeniedException
* You don't have permissions to perform the requested operation. The user or role that is making the
* request must have at least one IAM permissions policy attached that grants the required permissions. For
* more information, see Access
* Management in the IAM User Guide.
* @throws AWSOrganizationsNotInUseException
* Your account is not a member of an organization. To make this request, you must use the credentials of an
* account that belongs to an organization.
* @throws ConcurrentModificationException
* The target of the operation is currently being modified by a different request. Try again later.
* @throws ConstraintViolationException
* Performing this operation violates a minimum or maximum value limit. For example, attempting to removing
* the last SCP from an OU or root, inviting or creating too many accounts to the organization, or attaching
* too many policies to an account, OU, or root. This exception includes a reason that contains additional
* information about the violated limit:
*
*
* -
*
* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an
* organization. If you need more accounts, contact AWS Support to request an increase in your limit.
*
*
* Or, The number of invitations that you tried to send would cause you to exceed the limit of accounts in
* your organization. Send fewer invitations, or contact AWS Support to request an increase in the number of
* accounts.
*
*
* Note: deleted and closed accounts still count toward your limit.
*
*
* -
*
* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes you can send in one day.
*
*
* -
*
* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of organizational units you can have in an
* organization.
*
*
* -
*
* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an organizational unit tree that is too many levels
* deep.
*
*
* -
*
* POLICY_NUMBER_LIMIT_EXCEEDED. You attempted to exceed the number of policies that you can have in an
* organization.
*
*
* -
*
* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain
* type that can be attached to an entity at one time.
*
*
* -
*
* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would
* cause the entity to have fewer than the minimum number of policies of a certain type required.
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account from the organization that does not
* yet have enough information to exist as a stand-alone account. This account requires you to first agree
* to the End-User License Agreement (EULA).
*
*
* -
*
* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization
* that does not yet have enough information to exist as a stand-alone account. This account requires you to
* first complete phone verification.
*
*
* -
*
* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this account, you first must
* associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you
* first must associate a payment instrument, such as a credit card, with the account.
*
*
* -
*
* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create
* in one day.
*
*
* -
*
* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first
* must migrate the organization's master account to the marketplace that corresponds to the master
* account's address. For example, accounts with India addresses must be associated with the AISPL
* marketplace. All accounts in an organization must be associated with the same marketplace.
*
*
* @throws DuplicatePolicyException
* A policy with the same name already exists.
* @throws InvalidInputException
* The requested operation failed because you provided invalid values for one or more of the request
* parameters. This exception includes a reason that contains additional information about the violated
* limit:
*
*
* -
*
* INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account, organization, or email) as a
* party.
*
*
* -
*
* INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid ARN for the organization.
*
*
* -
*
* INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
*
*
* -
*
* INVALID_ENUM: You specified a value that is not valid for that parameter.
*
*
* -
*
* INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid characters.
*
*
* -
*
* INVALID_LIST_MEMBER: You provided a list to a parameter that contains at least one invalid value.
*
*
* -
*
* MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer than allowed.
*
*
* -
*
* MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger value than allowed.
*
*
* -
*
* MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter than allowed.
*
*
* -
*
* MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller value than allowed.
*
*
* -
*
* IMMUTABLE_POLICY: You specified a policy that is managed by AWS and cannot be modified.
*
*
* -
*
* INVALID_PATTERN: You provided a value that doesn't match the required pattern.
*
*
* -
*
* INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't match the required pattern.
*
*
* -
*
* INPUT_REQUIRED: You must include a value for all required parameters.
*
*
* -
*
* INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter from the response to a previous call
* of the operation.
*
*
* -
*
* MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter for the operation.
*
*
* -
*
* MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only between entities in the same root.
*
*
* @throws MalformedPolicyDocumentException
* The provided policy document does not meet the requirements of the specified policy type. For example,
* the syntax might be incorrect. For details about service control policy syntax, see Service
* Control Policy Syntax in the AWS Organizations User Guide.
* @throws PolicyNotFoundException
* We can't find a policy with the PolicyId that you specified.
* @throws ServiceException
* AWS Organizations can't complete your request because of an internal service error. Try again later.
* @throws TooManyRequestsException
* You've sent too many requests in too short a period of time. The limit helps protect against
* denial-of-service attacks. Try again later.
* @throws SdkBaseException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws OrganizationsException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample OrganizationsClient.UpdatePolicy
* @see AWS API
* Documentation
*/
default UpdatePolicyResponse updatePolicy(UpdatePolicyRequest updatePolicyRequest) throws AccessDeniedException,
AWSOrganizationsNotInUseException, ConcurrentModificationException, ConstraintViolationException,
DuplicatePolicyException, InvalidInputException, MalformedPolicyDocumentException, PolicyNotFoundException,
ServiceException, TooManyRequestsException, SdkBaseException, SdkClientException, OrganizationsException {
throw new UnsupportedOperationException();
}
static ServiceMetadata serviceMetadata() {
return ServiceMetadata.of("organizations");
}
}