Documentation

Overview

Package organizations provides the client and types for making API requests to AWS Organizations.

AWS Organizations

See https://docs.aws.amazon.com/goto/WebAPI/organizations-2016-11-28 for more information on this service.

See organizations package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/organizations/

Using the Client

To contact AWS Organizations with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the AWS Organizations client Organizations for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/organizations/#New

Index

Examples

Constants

View Source
const (
	// AccountJoinedMethodInvited is a AccountJoinedMethod enum value
	AccountJoinedMethodInvited = "INVITED"

	// AccountJoinedMethodCreated is a AccountJoinedMethod enum value
	AccountJoinedMethodCreated = "CREATED"
)
View Source
const (
	// AccountStatusActive is a AccountStatus enum value
	AccountStatusActive = "ACTIVE"

	// AccountStatusSuspended is a AccountStatus enum value
	AccountStatusSuspended = "SUSPENDED"
)
View Source
const (
	// ActionTypeInvite is a ActionType enum value
	ActionTypeInvite = "INVITE"

	// ActionTypeEnableAllFeatures is a ActionType enum value
	ActionTypeEnableAllFeatures = "ENABLE_ALL_FEATURES"

	// ActionTypeApproveAllFeatures is a ActionType enum value
	ActionTypeApproveAllFeatures = "APPROVE_ALL_FEATURES"

	// ActionTypeAddOrganizationsServiceLinkedRole is a ActionType enum value
	ActionTypeAddOrganizationsServiceLinkedRole = "ADD_ORGANIZATIONS_SERVICE_LINKED_ROLE"
)
View Source
const (
	// ChildTypeAccount is a ChildType enum value
	ChildTypeAccount = "ACCOUNT"

	// ChildTypeOrganizationalUnit is a ChildType enum value
	ChildTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"
)
View Source
const (
	// ConstraintViolationExceptionReasonAccountNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonAccountNumberLimitExceeded = "ACCOUNT_NUMBER_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonHandshakeRateLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonHandshakeRateLimitExceeded = "HANDSHAKE_RATE_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonOuNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonOuNumberLimitExceeded = "OU_NUMBER_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonOuDepthLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonOuDepthLimitExceeded = "OU_DEPTH_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonPolicyNumberLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonPolicyNumberLimitExceeded = "POLICY_NUMBER_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonPolicyContentLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonPolicyContentLimitExceeded = "POLICY_CONTENT_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonMaxPolicyTypeAttachmentLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMaxPolicyTypeAttachmentLimitExceeded = "MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonMinPolicyTypeAttachmentLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMinPolicyTypeAttachmentLimitExceeded = "MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonAccountCannotLeaveOrganization is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonAccountCannotLeaveOrganization = "ACCOUNT_CANNOT_LEAVE_ORGANIZATION"

	// ConstraintViolationExceptionReasonAccountCannotLeaveWithoutEula is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonAccountCannotLeaveWithoutEula = "ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA"

	// ConstraintViolationExceptionReasonAccountCannotLeaveWithoutPhoneVerification is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonAccountCannotLeaveWithoutPhoneVerification = "ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION"

	// ConstraintViolationExceptionReasonMasterAccountPaymentInstrumentRequired is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMasterAccountPaymentInstrumentRequired = "MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED"

	// ConstraintViolationExceptionReasonMemberAccountPaymentInstrumentRequired is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMemberAccountPaymentInstrumentRequired = "MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED"

	// ConstraintViolationExceptionReasonAccountCreationRateLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonAccountCreationRateLimitExceeded = "ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonMasterAccountAddressDoesNotMatchMarketplace is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMasterAccountAddressDoesNotMatchMarketplace = "MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE"

	// ConstraintViolationExceptionReasonMasterAccountMissingContactInfo is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMasterAccountMissingContactInfo = "MASTER_ACCOUNT_MISSING_CONTACT_INFO"

	// ConstraintViolationExceptionReasonMasterAccountNotGovcloudEnabled is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMasterAccountNotGovcloudEnabled = "MASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED"

	// ConstraintViolationExceptionReasonOrganizationNotInAllFeaturesMode is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonOrganizationNotInAllFeaturesMode = "ORGANIZATION_NOT_IN_ALL_FEATURES_MODE"

	// ConstraintViolationExceptionReasonCreateOrganizationInBillingModeUnsupportedRegion is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonCreateOrganizationInBillingModeUnsupportedRegion = "CREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION"

	// ConstraintViolationExceptionReasonEmailVerificationCodeExpired is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonEmailVerificationCodeExpired = "EMAIL_VERIFICATION_CODE_EXPIRED"

	// ConstraintViolationExceptionReasonWaitPeriodActive is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonWaitPeriodActive = "WAIT_PERIOD_ACTIVE"

	// ConstraintViolationExceptionReasonMaxTagLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMaxTagLimitExceeded = "MAX_TAG_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonTagPolicyViolation is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonTagPolicyViolation = "TAG_POLICY_VIOLATION"

	// ConstraintViolationExceptionReasonMaxDelegatedAdministratorsForServiceLimitExceeded is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMaxDelegatedAdministratorsForServiceLimitExceeded = "MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED"

	// ConstraintViolationExceptionReasonCannotRegisterMasterAsDelegatedAdministrator is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonCannotRegisterMasterAsDelegatedAdministrator = "CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR"

	// ConstraintViolationExceptionReasonCannotRemoveDelegatedAdministratorFromOrg is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonCannotRemoveDelegatedAdministratorFromOrg = "CANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG"

	// ConstraintViolationExceptionReasonDelegatedAdministratorExistsForThisService is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonDelegatedAdministratorExistsForThisService = "DELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE"

	// ConstraintViolationExceptionReasonMasterAccountMissingBusinessLicense is a ConstraintViolationExceptionReason enum value
	ConstraintViolationExceptionReasonMasterAccountMissingBusinessLicense = "MASTER_ACCOUNT_MISSING_BUSINESS_LICENSE"
)
View Source
const (
	// CreateAccountFailureReasonAccountLimitExceeded is a CreateAccountFailureReason enum value
	CreateAccountFailureReasonAccountLimitExceeded = "ACCOUNT_LIMIT_EXCEEDED"

	// CreateAccountFailureReasonEmailAlreadyExists is a CreateAccountFailureReason enum value
	CreateAccountFailureReasonEmailAlreadyExists = "EMAIL_ALREADY_EXISTS"

	// CreateAccountFailureReasonInvalidAddress is a CreateAccountFailureReason enum value
	CreateAccountFailureReasonInvalidAddress = "INVALID_ADDRESS"

	// CreateAccountFailureReasonInvalidEmail is a CreateAccountFailureReason enum value
	CreateAccountFailureReasonInvalidEmail = "INVALID_EMAIL"

	// CreateAccountFailureReasonConcurrentAccountModification is a CreateAccountFailureReason enum value
	CreateAccountFailureReasonConcurrentAccountModification = "CONCURRENT_ACCOUNT_MODIFICATION"

	// CreateAccountFailureReasonInternalFailure is a CreateAccountFailureReason enum value
	CreateAccountFailureReasonInternalFailure = "INTERNAL_FAILURE"

	// CreateAccountFailureReasonGovcloudAccountAlreadyExists is a CreateAccountFailureReason enum value
	CreateAccountFailureReasonGovcloudAccountAlreadyExists = "GOVCLOUD_ACCOUNT_ALREADY_EXISTS"
)
View Source
const (
	// CreateAccountStateInProgress is a CreateAccountState enum value
	CreateAccountStateInProgress = "IN_PROGRESS"

	// CreateAccountStateSucceeded is a CreateAccountState enum value
	CreateAccountStateSucceeded = "SUCCEEDED"

	// CreateAccountStateFailed is a CreateAccountState enum value
	CreateAccountStateFailed = "FAILED"
)
View Source
const (
	// EffectivePolicyTypeTagPolicy is a EffectivePolicyType enum value
	EffectivePolicyTypeTagPolicy = "TAG_POLICY"

	// EffectivePolicyTypeBackupPolicy is a EffectivePolicyType enum value
	EffectivePolicyTypeBackupPolicy = "BACKUP_POLICY"

	// EffectivePolicyTypeAiservicesOptOutPolicy is a EffectivePolicyType enum value
	EffectivePolicyTypeAiservicesOptOutPolicy = "AISERVICES_OPT_OUT_POLICY"
)
View Source
const (
	// HandshakeConstraintViolationExceptionReasonAccountNumberLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
	HandshakeConstraintViolationExceptionReasonAccountNumberLimitExceeded = "ACCOUNT_NUMBER_LIMIT_EXCEEDED"

	// HandshakeConstraintViolationExceptionReasonHandshakeRateLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
	HandshakeConstraintViolationExceptionReasonHandshakeRateLimitExceeded = "HANDSHAKE_RATE_LIMIT_EXCEEDED"

	// HandshakeConstraintViolationExceptionReasonAlreadyInAnOrganization is a HandshakeConstraintViolationExceptionReason enum value
	HandshakeConstraintViolationExceptionReasonAlreadyInAnOrganization = "ALREADY_IN_AN_ORGANIZATION"

	// HandshakeConstraintViolationExceptionReasonOrganizationAlreadyHasAllFeatures is a HandshakeConstraintViolationExceptionReason enum value
	HandshakeConstraintViolationExceptionReasonOrganizationAlreadyHasAllFeatures = "ORGANIZATION_ALREADY_HAS_ALL_FEATURES"

	// HandshakeConstraintViolationExceptionReasonInviteDisabledDuringEnableAllFeatures is a HandshakeConstraintViolationExceptionReason enum value
	HandshakeConstraintViolationExceptionReasonInviteDisabledDuringEnableAllFeatures = "INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES"

	// HandshakeConstraintViolationExceptionReasonPaymentInstrumentRequired is a HandshakeConstraintViolationExceptionReason enum value
	HandshakeConstraintViolationExceptionReasonPaymentInstrumentRequired = "PAYMENT_INSTRUMENT_REQUIRED"

	// HandshakeConstraintViolationExceptionReasonOrganizationFromDifferentSellerOfRecord is a HandshakeConstraintViolationExceptionReason enum value
	HandshakeConstraintViolationExceptionReasonOrganizationFromDifferentSellerOfRecord = "ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD"

	// HandshakeConstraintViolationExceptionReasonOrganizationMembershipChangeRateLimitExceeded is a HandshakeConstraintViolationExceptionReason enum value
	HandshakeConstraintViolationExceptionReasonOrganizationMembershipChangeRateLimitExceeded = "ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED"
)
View Source
const (
	// HandshakePartyTypeAccount is a HandshakePartyType enum value
	HandshakePartyTypeAccount = "ACCOUNT"

	// HandshakePartyTypeOrganization is a HandshakePartyType enum value
	HandshakePartyTypeOrganization = "ORGANIZATION"

	// HandshakePartyTypeEmail is a HandshakePartyType enum value
	HandshakePartyTypeEmail = "EMAIL"
)
View Source
const (
	// HandshakeResourceTypeAccount is a HandshakeResourceType enum value
	HandshakeResourceTypeAccount = "ACCOUNT"

	// HandshakeResourceTypeOrganization is a HandshakeResourceType enum value
	HandshakeResourceTypeOrganization = "ORGANIZATION"

	// HandshakeResourceTypeOrganizationFeatureSet is a HandshakeResourceType enum value
	HandshakeResourceTypeOrganizationFeatureSet = "ORGANIZATION_FEATURE_SET"

	// HandshakeResourceTypeEmail is a HandshakeResourceType enum value
	HandshakeResourceTypeEmail = "EMAIL"

	// HandshakeResourceTypeMasterEmail is a HandshakeResourceType enum value
	HandshakeResourceTypeMasterEmail = "MASTER_EMAIL"

	// HandshakeResourceTypeMasterName is a HandshakeResourceType enum value
	HandshakeResourceTypeMasterName = "MASTER_NAME"

	// HandshakeResourceTypeNotes is a HandshakeResourceType enum value
	HandshakeResourceTypeNotes = "NOTES"

	// HandshakeResourceTypeParentHandshake is a HandshakeResourceType enum value
	HandshakeResourceTypeParentHandshake = "PARENT_HANDSHAKE"
)
View Source
const (
	// HandshakeStateRequested is a HandshakeState enum value
	HandshakeStateRequested = "REQUESTED"

	// HandshakeStateOpen is a HandshakeState enum value
	HandshakeStateOpen = "OPEN"

	// HandshakeStateCanceled is a HandshakeState enum value
	HandshakeStateCanceled = "CANCELED"

	// HandshakeStateAccepted is a HandshakeState enum value
	HandshakeStateAccepted = "ACCEPTED"

	// HandshakeStateDeclined is a HandshakeState enum value
	HandshakeStateDeclined = "DECLINED"

	// HandshakeStateExpired is a HandshakeState enum value
	HandshakeStateExpired = "EXPIRED"
)
View Source
const (
	// IAMUserAccessToBillingAllow is a IAMUserAccessToBilling enum value
	IAMUserAccessToBillingAllow = "ALLOW"

	// IAMUserAccessToBillingDeny is a IAMUserAccessToBilling enum value
	IAMUserAccessToBillingDeny = "DENY"
)
View Source
const (
	// InvalidInputExceptionReasonInvalidPartyTypeTarget is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidPartyTypeTarget = "INVALID_PARTY_TYPE_TARGET"

	// InvalidInputExceptionReasonInvalidSyntaxOrganizationArn is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidSyntaxOrganizationArn = "INVALID_SYNTAX_ORGANIZATION_ARN"

	// InvalidInputExceptionReasonInvalidSyntaxPolicyId is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidSyntaxPolicyId = "INVALID_SYNTAX_POLICY_ID"

	// InvalidInputExceptionReasonInvalidEnum is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidEnum = "INVALID_ENUM"

	// InvalidInputExceptionReasonInvalidEnumPolicyType is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidEnumPolicyType = "INVALID_ENUM_POLICY_TYPE"

	// InvalidInputExceptionReasonInvalidListMember is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidListMember = "INVALID_LIST_MEMBER"

	// InvalidInputExceptionReasonMaxLengthExceeded is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonMaxLengthExceeded = "MAX_LENGTH_EXCEEDED"

	// InvalidInputExceptionReasonMaxValueExceeded is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonMaxValueExceeded = "MAX_VALUE_EXCEEDED"

	// InvalidInputExceptionReasonMinLengthExceeded is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonMinLengthExceeded = "MIN_LENGTH_EXCEEDED"

	// InvalidInputExceptionReasonMinValueExceeded is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonMinValueExceeded = "MIN_VALUE_EXCEEDED"

	// InvalidInputExceptionReasonImmutablePolicy is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonImmutablePolicy = "IMMUTABLE_POLICY"

	// InvalidInputExceptionReasonInvalidPattern is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidPattern = "INVALID_PATTERN"

	// InvalidInputExceptionReasonInvalidPatternTargetId is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidPatternTargetId = "INVALID_PATTERN_TARGET_ID"

	// InvalidInputExceptionReasonInputRequired is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInputRequired = "INPUT_REQUIRED"

	// InvalidInputExceptionReasonInvalidNextToken is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidNextToken = "INVALID_NEXT_TOKEN"

	// InvalidInputExceptionReasonMaxLimitExceededFilter is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonMaxLimitExceededFilter = "MAX_LIMIT_EXCEEDED_FILTER"

	// InvalidInputExceptionReasonMovingAccountBetweenDifferentRoots is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonMovingAccountBetweenDifferentRoots = "MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS"

	// InvalidInputExceptionReasonInvalidFullNameTarget is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidFullNameTarget = "INVALID_FULL_NAME_TARGET"

	// InvalidInputExceptionReasonUnrecognizedServicePrincipal is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonUnrecognizedServicePrincipal = "UNRECOGNIZED_SERVICE_PRINCIPAL"

	// InvalidInputExceptionReasonInvalidRoleName is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidRoleName = "INVALID_ROLE_NAME"

	// InvalidInputExceptionReasonInvalidSystemTagsParameter is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonInvalidSystemTagsParameter = "INVALID_SYSTEM_TAGS_PARAMETER"

	// InvalidInputExceptionReasonTargetNotSupported is a InvalidInputExceptionReason enum value
	InvalidInputExceptionReasonTargetNotSupported = "TARGET_NOT_SUPPORTED"
)
View Source
const (
	// OrganizationFeatureSetAll is a OrganizationFeatureSet enum value
	OrganizationFeatureSetAll = "ALL"

	// OrganizationFeatureSetConsolidatedBilling is a OrganizationFeatureSet enum value
	OrganizationFeatureSetConsolidatedBilling = "CONSOLIDATED_BILLING"
)
View Source
const (
	// ParentTypeRoot is a ParentType enum value
	ParentTypeRoot = "ROOT"

	// ParentTypeOrganizationalUnit is a ParentType enum value
	ParentTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"
)
View Source
const (
	// PolicyTypeServiceControlPolicy is a PolicyType enum value
	PolicyTypeServiceControlPolicy = "SERVICE_CONTROL_POLICY"

	// PolicyTypeTagPolicy is a PolicyType enum value
	PolicyTypeTagPolicy = "TAG_POLICY"

	// PolicyTypeBackupPolicy is a PolicyType enum value
	PolicyTypeBackupPolicy = "BACKUP_POLICY"

	// PolicyTypeAiservicesOptOutPolicy is a PolicyType enum value
	PolicyTypeAiservicesOptOutPolicy = "AISERVICES_OPT_OUT_POLICY"
)
View Source
const (
	// PolicyTypeStatusEnabled is a PolicyTypeStatus enum value
	PolicyTypeStatusEnabled = "ENABLED"

	// PolicyTypeStatusPendingEnable is a PolicyTypeStatus enum value
	PolicyTypeStatusPendingEnable = "PENDING_ENABLE"

	// PolicyTypeStatusPendingDisable is a PolicyTypeStatus enum value
	PolicyTypeStatusPendingDisable = "PENDING_DISABLE"
)
View Source
const (
	// TargetTypeAccount is a TargetType enum value
	TargetTypeAccount = "ACCOUNT"

	// TargetTypeOrganizationalUnit is a TargetType enum value
	TargetTypeOrganizationalUnit = "ORGANIZATIONAL_UNIT"

	// TargetTypeRoot is a TargetType enum value
	TargetTypeRoot = "ROOT"
)
View Source
const (

	// ErrCodeAWSOrganizationsNotInUseException for service response error code
	// "AWSOrganizationsNotInUseException".
	//
	// Your account isn't a member of an organization. To make this request, you
	// must use the credentials of an account that belongs to an organization.
	ErrCodeAWSOrganizationsNotInUseException = "AWSOrganizationsNotInUseException"

	// ErrCodeAccessDeniedException for service response error code
	// "AccessDeniedException".
	//
	// You don't have permissions to perform the requested operation. The user or
	// role that is making the request must have at least one IAM permissions policy
	// attached that grants the required permissions. For more information, see
	// Access Management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html)
	// in the IAM User Guide.
	ErrCodeAccessDeniedException = "AccessDeniedException"

	// ErrCodeAccessDeniedForDependencyException for service response error code
	// "AccessDeniedForDependencyException".
	//
	// The operation that you attempted requires you to have the iam:CreateServiceLinkedRole
	// for organizations.amazonaws.com permission so that AWS Organizations can
	// create the required service-linked role. You don't have that permission.
	ErrCodeAccessDeniedForDependencyException = "AccessDeniedForDependencyException"

	// ErrCodeAccountAlreadyRegisteredException for service response error code
	// "AccountAlreadyRegisteredException".
	//
	// The specified account is already a delegated administrator for this AWS service.
	ErrCodeAccountAlreadyRegisteredException = "AccountAlreadyRegisteredException"

	// ErrCodeAccountNotFoundException for service response error code
	// "AccountNotFoundException".
	//
	// We can't find an AWS account with the AccountId that you specified, or the
	// account whose credentials you used to make this request isn't a member of
	// an organization.
	ErrCodeAccountNotFoundException = "AccountNotFoundException"

	// ErrCodeAccountNotRegisteredException for service response error code
	// "AccountNotRegisteredException".
	//
	// The specified account is not a delegated administrator for this AWS service.
	ErrCodeAccountNotRegisteredException = "AccountNotRegisteredException"

	// ErrCodeAccountOwnerNotVerifiedException for service response error code
	// "AccountOwnerNotVerifiedException".
	//
	// You can't invite an existing account to your organization until you verify
	// that you own the email address associated with the master account. For more
	// information, see Email Address Verification (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification)
	// in the AWS Organizations User Guide.
	ErrCodeAccountOwnerNotVerifiedException = "AccountOwnerNotVerifiedException"

	// ErrCodeAlreadyInOrganizationException for service response error code
	// "AlreadyInOrganizationException".
	//
	// This account is already a member of an organization. An account can belong
	// to only one organization at a time.
	ErrCodeAlreadyInOrganizationException = "AlreadyInOrganizationException"

	// ErrCodeChildNotFoundException for service response error code
	// "ChildNotFoundException".
	//
	// We can't find an organizational unit (OU) or AWS account with the ChildId
	// that you specified.
	ErrCodeChildNotFoundException = "ChildNotFoundException"

	// ErrCodeConcurrentModificationException for service response error code
	// "ConcurrentModificationException".
	//
	// The target of the operation is currently being modified by a different request.
	// Try again later.
	ErrCodeConcurrentModificationException = "ConcurrentModificationException"

	// ErrCodeConstraintViolationException for service response error code
	// "ConstraintViolationException".
	//
	// Performing this operation violates a minimum or maximum value limit. For
	// example, attempting to remove the last service control policy (SCP) from
	// an OU or root, inviting or creating too many accounts to the organization,
	// or attaching too many policies to an account, OU, or root. This exception
	// includes a reason that contains additional information about the violated
	// limit:
	//
	// Some of the reasons in the following list might not be applicable to this
	// specific API or operation.
	//
	//    * ACCOUNT_CANNOT_LEAVE_ORGANIZAION: You attempted to remove the master
	//    account from the organization. You can't remove the master account. Instead,
	//    after you remove all member accounts, delete the organization itself.
	//
	//    * ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
	//    from the organization that doesn't yet have enough information to exist
	//    as a standalone account. This account requires you to first agree to the
	//    AWS Customer Agreement. Follow the steps at Removing a member account
	//    from your organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#orgs_manage_accounts_remove-from-master)in
	//    the AWS Organizations User Guide.
	//
	//    * ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
	//    an account from the organization that doesn't yet have enough information
	//    to exist as a standalone account. This account requires you to first complete
	//    phone verification. Follow the steps at Removing a member account from
	//    your organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#orgs_manage_accounts_remove-from-master)
	//    in the AWS Organizations User Guide.
	//
	//    * ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
	//    of accounts that you can create in one day.
	//
	//    * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
	//    the number of accounts in an organization. If you need more accounts,
	//    contact AWS Support (https://console.aws.amazon.com/support/home#/) to
	//    request an increase in your limit. Or the number of invitations that you
	//    tried to send would cause you to exceed the limit of accounts in your
	//    organization. Send fewer invitations or contact AWS Support to request
	//    an increase in the number of accounts. Deleted and closed accounts still
	//    count toward your limit. If you get this exception when running a command
	//    immediately after creating the organization, wait one hour and try again.
	//    After an hour, if the command continues to fail with this error, contact
	//    AWS Support (https://console.aws.amazon.com/support/home#/).
	//
	//    * CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to
	//    register the master account of the organization as a delegated administrator
	//    for an AWS service integrated with Organizations. You can designate only
	//    a member account as a delegated administrator.
	//
	//    * CANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG: You attempted to remove
	//    an account that is registered as a delegated administrator for a service
	//    integrated with your organization. To complete this operation, you must
	//    first deregister this account as a delegated administrator.
	//
	//    * CREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION: To create an
	//    organization in the specified region, you must enable all features mode.
	//
	//    * DELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE: You attempted to register
	//    an AWS account as a delegated administrator for an AWS service that already
	//    has a delegated administrator. To complete this operation, you must first
	//    deregister any existing delegated administrators for this service.
	//
	//    * EMAIL_VERIFICATION_CODE_EXPIRED: The email verification code is only
	//    valid for a limited period of time. You must resubmit the request and
	//    generate a new verfication code.
	//
	//    * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
	//    handshakes that you can send in one day.
	//
	//    * MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
	//    in this organization, you first must migrate the organization's master
	//    account to the marketplace that corresponds to the master account's address.
	//    For example, accounts with India addresses must be associated with the
	//    AISPL marketplace. All accounts in an organization must be associated
	//    with the same marketplace.
	//
	//    * MASTER_ACCOUNT_MISSING_BUSINESS_LICENSE: Applies only to the AWS Regions
	//    in China. To create an organization, the master must have an valid business
	//    license. For more information, contact customer support.
	//
	//    * MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
	//    must first provide a valid contact address and phone number for the master
	//    account. Then try the operation again.
	//
	//    * MASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED: To complete this operation, the
	//    master account must have an associated account in the AWS GovCloud (US-West)
	//    Region. For more information, see AWS Organizations (http://docs.aws.amazon.com/govcloud-us/latest/UserGuide/govcloud-organizations.html)
	//    in the AWS GovCloud User Guide.
	//
	//    * MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
	//    with this master account, you first must associate a valid payment instrument,
	//    such as a credit card, with the account. Follow the steps at To leave
	//    an organization when all required account information has not yet been
	//    provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
	//    in the AWS Organizations User Guide.
	//
	//    * MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted
	//    to register more delegated administrators than allowed for the service
	//    principal.
	//
	//    * MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
	//    number of policies of a certain type that can be attached to an entity
	//    at one time.
	//
	//    * MAX_TAG_LIMIT_EXCEEDED: You have exceeded the number of tags allowed
	//    on this resource.
	//
	//    * MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
	//    with this member account, you first must associate a valid payment instrument,
	//    such as a credit card, with the account. Follow the steps at To leave
	//    an organization when all required account information has not yet been
	//    provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
	//    in the AWS Organizations User Guide.
	//
	//    * MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
	//    policy from an entity that would cause the entity to have fewer than the
	//    minimum number of policies of a certain type required.
	//
	//    * ORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation
	//    that requires the organization to be configured to support all features.
	//    An organization that supports only consolidated billing features can't
	//    perform this operation.
	//
	//    * OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is
	//    too many levels deep.
	//
	//    * OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs
	//    that you can have in an organization.
	//
	//    * POLICY_CONTENT_LIMIT_EXCEEDED: You attempted to create a policy that
	//    is larger than the maximum size.
	//
	//    * POLICY_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of
	//    policies that you can have in an organization.
	//
	//    * TAG_POLICY_VIOLATION: You attempted to create or update a resource with
	//    tags that are not compliant with the tag policy requirements for this
	//    account.
	ErrCodeConstraintViolationException = "ConstraintViolationException"

	// ErrCodeCreateAccountStatusNotFoundException for service response error code
	// "CreateAccountStatusNotFoundException".
	//
	// We can't find an create account request with the CreateAccountRequestId that
	// you specified.
	ErrCodeCreateAccountStatusNotFoundException = "CreateAccountStatusNotFoundException"

	// ErrCodeDestinationParentNotFoundException for service response error code
	// "DestinationParentNotFoundException".
	//
	// We can't find the destination container (a root or OU) with the ParentId
	// that you specified.
	ErrCodeDestinationParentNotFoundException = "DestinationParentNotFoundException"

	// ErrCodeDuplicateAccountException for service response error code
	// "DuplicateAccountException".
	//
	// That account is already present in the specified destination.
	ErrCodeDuplicateAccountException = "DuplicateAccountException"

	// ErrCodeDuplicateHandshakeException for service response error code
	// "DuplicateHandshakeException".
	//
	// A handshake with the same action and target already exists. For example,
	// if you invited an account to join your organization, the invited account
	// might already have a pending invitation from this organization. If you intend
	// to resend an invitation to an account, ensure that existing handshakes that
	// might be considered duplicates are canceled or declined.
	ErrCodeDuplicateHandshakeException = "DuplicateHandshakeException"

	// ErrCodeDuplicateOrganizationalUnitException for service response error code
	// "DuplicateOrganizationalUnitException".
	//
	// An OU with the same name already exists.
	ErrCodeDuplicateOrganizationalUnitException = "DuplicateOrganizationalUnitException"

	// ErrCodeDuplicatePolicyAttachmentException for service response error code
	// "DuplicatePolicyAttachmentException".
	//
	// The selected policy is already attached to the specified target.
	ErrCodeDuplicatePolicyAttachmentException = "DuplicatePolicyAttachmentException"

	// ErrCodeDuplicatePolicyException for service response error code
	// "DuplicatePolicyException".
	//
	// A policy with the same name already exists.
	ErrCodeDuplicatePolicyException = "DuplicatePolicyException"

	// ErrCodeEffectivePolicyNotFoundException for service response error code
	// "EffectivePolicyNotFoundException".
	//
	// If you ran this action on the master account, this policy type is not enabled.
	// If you ran the action on a member account, the account doesn't have an effective
	// policy of this type. Contact the administrator of your organization about
	// attaching a policy of this type to the account.
	ErrCodeEffectivePolicyNotFoundException = "EffectivePolicyNotFoundException"

	// ErrCodeFinalizingOrganizationException for service response error code
	// "FinalizingOrganizationException".
	//
	// AWS Organizations couldn't perform the operation because your organization
	// hasn't finished initializing. This can take up to an hour. Try again later.
	// If after one hour you continue to receive this error, contact AWS Support
	// (https://console.aws.amazon.com/support/home#/).
	ErrCodeFinalizingOrganizationException = "FinalizingOrganizationException"

	// ErrCodeHandshakeAlreadyInStateException for service response error code
	// "HandshakeAlreadyInStateException".
	//
	// The specified handshake is already in the requested state. For example, you
	// can't accept a handshake that was already accepted.
	ErrCodeHandshakeAlreadyInStateException = "HandshakeAlreadyInStateException"

	// ErrCodeHandshakeConstraintViolationException for service response error code
	// "HandshakeConstraintViolationException".
	//
	// The requested operation would violate the constraint identified in the reason
	// code.
	//
	// Some of the reasons in the following list might not be applicable to this
	// specific API or operation:
	//
	//    * ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
	//    the number of accounts in an organization. Note that deleted and closed
	//    accounts still count toward your limit. If you get this exception immediately
	//    after creating the organization, wait one hour and try again. If after
	//    an hour it continues to fail with this error, contact AWS Support (https://console.aws.amazon.com/support/home#/).
	//
	//    * ALREADY_IN_AN_ORGANIZATION: The handshake request is invalid because
	//    the invited account is already a member of an organization.
	//
	//    * HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
	//    handshakes that you can send in one day.
	//
	//    * INVITE_DISABLED_DURING_ENABLE_ALL_FEATURES: You can't issue new invitations
	//    to join an organization while it's in the process of enabling all features.
	//    You can resume inviting accounts after you finalize the process when all
	//    accounts have agreed to the change.
	//
	//    * ORGANIZATION_ALREADY_HAS_ALL_FEATURES: The handshake request is invalid
	//    because the organization has already enabled all features.
	//
	//    * ORGANIZATION_FROM_DIFFERENT_SELLER_OF_RECORD: The request failed because
	//    the account is from a different marketplace than the accounts in the organization.
	//    For example, accounts with India addresses must be associated with the
	//    AISPL marketplace. All accounts in an organization must be from the same
	//    marketplace.
	//
	//    * ORGANIZATION_MEMBERSHIP_CHANGE_RATE_LIMIT_EXCEEDED: You attempted to
	//    change the membership of an account too quickly after its previous change.
	//
	//    * PAYMENT_INSTRUMENT_REQUIRED: You can't complete the operation with an
	//    account that doesn't have a payment instrument, such as a credit card,
	//    associated with it.
	ErrCodeHandshakeConstraintViolationException = "HandshakeConstraintViolationException"

	// ErrCodeHandshakeNotFoundException for service response error code
	// "HandshakeNotFoundException".
	//
	// We can't find a handshake with the HandshakeId that you specified.
	ErrCodeHandshakeNotFoundException = "HandshakeNotFoundException"

	// ErrCodeInvalidHandshakeTransitionException for service response error code
	// "InvalidHandshakeTransitionException".
	//
	// You can't perform the operation on the handshake in its current state. For
	// example, you can't cancel a handshake that was already accepted or accept
	// a handshake that was already declined.
	ErrCodeInvalidHandshakeTransitionException = "InvalidHandshakeTransitionException"

	// ErrCodeInvalidInputException for service response error code
	// "InvalidInputException".
	//
	// The requested operation failed because you provided invalid values for one
	// or more of the request parameters. This exception includes a reason that
	// contains additional information about the violated limit:
	//
	// Some of the reasons in the following list might not be applicable to this
	// specific API or operation.
	//
	//    * IMMUTABLE_POLICY: You specified a policy that is managed by AWS and
	//    can't be modified.
	//
	//    * INPUT_REQUIRED: You must include a value for all required parameters.
	//
	//    * INVALID_ENUM: You specified an invalid value.
	//
	//    * INVALID_FULL_NAME_TARGET: You specified a full name that contains invalid
	//    characters.
	//
	//    * INVALID_LIST_MEMBER: You provided a list to a parameter that contains
	//    at least one invalid value.
	//
	//    * INVALID_PAGINATION_TOKEN: Get the value for the NextToken parameter
	//    from the response to a previous call of the operation.
	//
	//    * INVALID_PARTY_TYPE_TARGET: You specified the wrong type of entity (account,
	//    organization, or email) as a party.
	//
	//    * INVALID_PATTERN: You provided a value that doesn't match the required
	//    pattern.
	//
	//    * INVALID_PATTERN_TARGET_ID: You specified a policy target ID that doesn't
	//    match the required pattern.
	//
	//    * INVALID_ROLE_NAME: You provided a role name that isn't valid. A role
	//    name can't begin with the reserved prefix AWSServiceRoleFor.
	//
	//    * INVALID_SYNTAX_ORGANIZATION_ARN: You specified an invalid Amazon Resource
	//    Name (ARN) for the organization.
	//
	//    * INVALID_SYNTAX_POLICY_ID: You specified an invalid policy ID.
	//
	//    * INVALID_SYSTEM_TAGS_PARAMETER: You specified a tag key that is a system
	//    tag. You can’t add, edit, or delete system tag keys because they're
	//    reserved for AWS use. System tags don’t count against your tags per
	//    resource limit.
	//
	//    * MAX_FILTER_LIMIT_EXCEEDED: You can specify only one filter parameter
	//    for the operation.
	//
	//    * MAX_LENGTH_EXCEEDED: You provided a string parameter that is longer
	//    than allowed.
	//
	//    * MAX_VALUE_EXCEEDED: You provided a numeric parameter that has a larger
	//    value than allowed.
	//
	//    * MIN_LENGTH_EXCEEDED: You provided a string parameter that is shorter
	//    than allowed.
	//
	//    * MIN_VALUE_EXCEEDED: You provided a numeric parameter that has a smaller
	//    value than allowed.
	//
	//    * MOVING_ACCOUNT_BETWEEN_DIFFERENT_ROOTS: You can move an account only
	//    between entities in the same root.
	ErrCodeInvalidInputException = "InvalidInputException"

	// ErrCodeMalformedPolicyDocumentException for service response error code
	// "MalformedPolicyDocumentException".
	//
	// The provided policy document doesn't meet the requirements of the specified
	// policy type. For example, the syntax might be incorrect. For details about
	// service control policy syntax, see Service Control Policy Syntax (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_scp-syntax.html)
	// in the AWS Organizations User Guide.
	ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocumentException"

	// ErrCodeMasterCannotLeaveOrganizationException for service response error code
	// "MasterCannotLeaveOrganizationException".
	//
	// You can't remove a master account from an organization. If you want the master
	// account to become a member account in another organization, you must first
	// delete the current organization of the master account.
	ErrCodeMasterCannotLeaveOrganizationException = "MasterCannotLeaveOrganizationException"

	// ErrCodeOrganizationNotEmptyException for service response error code
	// "OrganizationNotEmptyException".
	//
	// The organization isn't empty. To delete an organization, you must first remove
	// all accounts except the master account, delete all OUs, and delete all policies.
	ErrCodeOrganizationNotEmptyException = "OrganizationNotEmptyException"

	// ErrCodeOrganizationalUnitNotEmptyException for service response error code
	// "OrganizationalUnitNotEmptyException".
	//
	// The specified OU is not empty. Move all accounts to another root or to other
	// OUs, remove all child OUs, and try the operation again.
	ErrCodeOrganizationalUnitNotEmptyException = "OrganizationalUnitNotEmptyException"

	// ErrCodeOrganizationalUnitNotFoundException for service response error code
	// "OrganizationalUnitNotFoundException".
	//
	// We can't find an OU with the OrganizationalUnitId that you specified.
	ErrCodeOrganizationalUnitNotFoundException = "OrganizationalUnitNotFoundException"

	// ErrCodeParentNotFoundException for service response error code
	// "ParentNotFoundException".
	//
	// We can't find a root or OU with the ParentId that you specified.
	ErrCodeParentNotFoundException = "ParentNotFoundException"

	// ErrCodePolicyChangesInProgressException for service response error code
	// "PolicyChangesInProgressException".
	//
	// Changes to the effective policy are in progress, and its contents can't be
	// returned. Try the operation again later.
	ErrCodePolicyChangesInProgressException = "PolicyChangesInProgressException"

	// ErrCodePolicyInUseException for service response error code
	// "PolicyInUseException".
	//
	// The policy is attached to one or more entities. You must detach it from all
	// roots, OUs, and accounts before performing this operation.
	ErrCodePolicyInUseException = "PolicyInUseException"

	// ErrCodePolicyNotAttachedException for service response error code
	// "PolicyNotAttachedException".
	//
	// The policy isn't attached to the specified target in the specified root.
	ErrCodePolicyNotAttachedException = "PolicyNotAttachedException"

	// ErrCodePolicyNotFoundException for service response error code
	// "PolicyNotFoundException".
	//
	// We can't find a policy with the PolicyId that you specified.
	ErrCodePolicyNotFoundException = "PolicyNotFoundException"

	// ErrCodePolicyTypeAlreadyEnabledException for service response error code
	// "PolicyTypeAlreadyEnabledException".
	//
	// The specified policy type is already enabled in the specified root.
	ErrCodePolicyTypeAlreadyEnabledException = "PolicyTypeAlreadyEnabledException"

	// ErrCodePolicyTypeNotAvailableForOrganizationException for service response error code
	// "PolicyTypeNotAvailableForOrganizationException".
	//
	// You can't use the specified policy type with the feature set currently enabled
	// for this organization. For example, you can enable SCPs only after you enable
	// all features in the organization. For more information, see Managing AWS
	// Organizations Policies (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#enable_policies_on_root)in
	// the AWS Organizations User Guide.
	ErrCodePolicyTypeNotAvailableForOrganizationException = "PolicyTypeNotAvailableForOrganizationException"

	// ErrCodePolicyTypeNotEnabledException for service response error code
	// "PolicyTypeNotEnabledException".
	//
	// The specified policy type isn't currently enabled in this root. You can't
	// attach policies of the specified type to entities in a root until you enable
	// that type in the root. For more information, see Enabling All Features in
	// Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
	// in the AWS Organizations User Guide.
	ErrCodePolicyTypeNotEnabledException = "PolicyTypeNotEnabledException"

	// ErrCodeRootNotFoundException for service response error code
	// "RootNotFoundException".
	//
	// We can't find a root with the RootId that you specified.
	ErrCodeRootNotFoundException = "RootNotFoundException"

	// ErrCodeServiceException for service response error code
	// "ServiceException".
	//
	// AWS Organizations can't complete your request because of an internal service
	// error. Try again later.
	ErrCodeServiceException = "ServiceException"

	// ErrCodeSourceParentNotFoundException for service response error code
	// "SourceParentNotFoundException".
	//
	// We can't find a source root or OU with the ParentId that you specified.
	ErrCodeSourceParentNotFoundException = "SourceParentNotFoundException"

	// ErrCodeTargetNotFoundException for service response error code
	// "TargetNotFoundException".
	//
	// We can't find a root, OU, or account with the TargetId that you specified.
	ErrCodeTargetNotFoundException = "TargetNotFoundException"

	// ErrCodeTooManyRequestsException for service response error code
	// "TooManyRequestsException".
	//
	// You have sent too many requests in too short a period of time. The quota
	// helps protect against denial-of-service attacks. Try again later.
	//
	// For information about quotas that affect AWS Organizations, see Quotas for
	// AWS Organizations (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html)in
	// the AWS Organizations User Guide.
	ErrCodeTooManyRequestsException = "TooManyRequestsException"

	// ErrCodeUnsupportedAPIEndpointException for service response error code
	// "UnsupportedAPIEndpointException".
	//
	// This action isn't available in the current AWS Region.
	ErrCodeUnsupportedAPIEndpointException = "UnsupportedAPIEndpointException"
)
View Source
const (
	ServiceName = "organizations" // Name of service.
	EndpointsID = ServiceName     // ID to lookup a service endpoint with.
	ServiceID   = "Organizations" // ServiceID is a unique identifier of a specific service.
)

Service information constants

View Source
const (
	// AccessDeniedForDependencyExceptionReasonAccessDeniedDuringCreateServiceLinkedRole is a AccessDeniedForDependencyExceptionReason enum value
	AccessDeniedForDependencyExceptionReasonAccessDeniedDuringCreateServiceLinkedRole = "ACCESS_DENIED_DURING_CREATE_SERVICE_LINKED_ROLE"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AWSOrganizationsNotInUseException

type AWSOrganizationsNotInUseException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

Your account isn't a member of an organization. To make this request, you must use the credentials of an account that belongs to an organization.

func (*AWSOrganizationsNotInUseException) Code

Code returns the exception type name.

func (*AWSOrganizationsNotInUseException) Error

func (AWSOrganizationsNotInUseException) GoString

GoString returns the string representation

func (*AWSOrganizationsNotInUseException) Message

Message returns the exception's message.

func (*AWSOrganizationsNotInUseException) OrigErr

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AWSOrganizationsNotInUseException) RequestID

RequestID returns the service's response RequestID for request.

func (*AWSOrganizationsNotInUseException) StatusCode

func (s *AWSOrganizationsNotInUseException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AWSOrganizationsNotInUseException) String

String returns the string representation

type AcceptHandshakeInput

type AcceptHandshakeInput struct {

	// The unique identifier (ID) of the handshake that you want to accept.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
	// requires "h-" followed by from 8 to 32 lowercase letters or digits.
	//
	// HandshakeId is a required field
	HandshakeId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AcceptHandshakeInput) GoString

func (s AcceptHandshakeInput) GoString() string

GoString returns the string representation

func (*AcceptHandshakeInput) SetHandshakeId

func (s *AcceptHandshakeInput) SetHandshakeId(v string) *AcceptHandshakeInput

SetHandshakeId sets the HandshakeId field's value.

func (AcceptHandshakeInput) String

func (s AcceptHandshakeInput) String() string

String returns the string representation

func (*AcceptHandshakeInput) Validate

func (s *AcceptHandshakeInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AcceptHandshakeOutput

type AcceptHandshakeOutput struct {

	// A structure that contains details about the accepted handshake.
	Handshake *Handshake `type:"structure"`
	// contains filtered or unexported fields
}

func (AcceptHandshakeOutput) GoString

func (s AcceptHandshakeOutput) GoString() string

GoString returns the string representation

func (*AcceptHandshakeOutput) SetHandshake

SetHandshake sets the Handshake field's value.

func (AcceptHandshakeOutput) String

func (s AcceptHandshakeOutput) String() string

String returns the string representation

type AccessDeniedException

type AccessDeniedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

You don't have permissions to perform the requested operation. The user or role that is making the request must have at least one IAM permissions policy attached that grants the required permissions. For more information, see Access Management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) in the IAM User Guide.

func (*AccessDeniedException) Code

func (s *AccessDeniedException) Code() string

Code returns the exception type name.

func (*AccessDeniedException) Error

func (s *AccessDeniedException) Error() string

func (AccessDeniedException) GoString

func (s AccessDeniedException) GoString() string

GoString returns the string representation

func (*AccessDeniedException) Message

func (s *AccessDeniedException) Message() string

Message returns the exception's message.

func (*AccessDeniedException) OrigErr

func (s *AccessDeniedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccessDeniedException) RequestID

func (s *AccessDeniedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccessDeniedException) StatusCode

func (s *AccessDeniedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccessDeniedException) String

func (s AccessDeniedException) String() string

String returns the string representation

type AccessDeniedForDependencyException

type AccessDeniedForDependencyException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`

	Reason *string `type:"string" enum:"AccessDeniedForDependencyExceptionReason"`
	// contains filtered or unexported fields
}

The operation that you attempted requires you to have the iam:CreateServiceLinkedRole for organizations.amazonaws.com permission so that AWS Organizations can create the required service-linked role. You don't have that permission.

func (*AccessDeniedForDependencyException) Code

Code returns the exception type name.

func (*AccessDeniedForDependencyException) Error

func (AccessDeniedForDependencyException) GoString

GoString returns the string representation

func (*AccessDeniedForDependencyException) Message

Message returns the exception's message.

func (*AccessDeniedForDependencyException) OrigErr

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccessDeniedForDependencyException) RequestID

RequestID returns the service's response RequestID for request.

func (*AccessDeniedForDependencyException) StatusCode

func (s *AccessDeniedForDependencyException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccessDeniedForDependencyException) String

String returns the string representation

type Account

type Account struct {

	// The Amazon Resource Name (ARN) of the account.
	//
	// For more information about ARNs in Organizations, see ARN Formats Supported
	// by Organizations (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_permissions.html#orgs-permissions-arns)
	// in the AWS Organizations User Guide.
	Arn *string `type:"string"`

	// The email address associated with the AWS account.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for this parameter is
	// a string of characters that represents a standard internet email address.
	Email *string `min:"6" type:"string" sensitive:"true"`

	// The unique identifier (ID) of the account.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
	// requires exactly 12 digits.
	Id *string `type:"string"`

	// The method by which the account joined the organization.
	JoinedMethod *string `type:"string" enum:"AccountJoinedMethod"`

	// The date the account became a part of the organization.
	JoinedTimestamp *time.Time `type:"timestamp"`

	// The friendly name of the account.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of any of the characters in the ASCII character
	// range.
	Name *string `min:"1" type:"string" sensitive:"true"`

	// The status of the account in the organization.
	Status *string `type:"string" enum:"AccountStatus"`
	// contains filtered or unexported fields
}

Contains information about an AWS account that is a member of an organization.

func (Account) GoString

func (s Account) GoString() string

GoString returns the string representation

func (*Account) SetArn

func (s *Account) SetArn(v string) *Account

SetArn sets the Arn field's value.

func (*Account) SetEmail

func (s *Account) SetEmail(v string) *Account

SetEmail sets the Email field's value.

func (*Account) SetId

func (s *Account) SetId(v string) *Account

SetId sets the Id field's value.

func (*Account) SetJoinedMethod

func (s *Account) SetJoinedMethod(v string) *Account

SetJoinedMethod sets the JoinedMethod field's value.

func (*Account) SetJoinedTimestamp

func (s *Account) SetJoinedTimestamp(v time.Time) *Account

SetJoinedTimestamp sets the JoinedTimestamp field's value.

func (*Account) SetName

func (s *Account) SetName(v string) *Account

SetName sets the Name field's value.

func (*Account) SetStatus

func (s *Account) SetStatus(v string) *Account

SetStatus sets the Status field's value.

func (Account) String

func (s Account) String() string

String returns the string representation

type AccountAlreadyRegisteredException

type AccountAlreadyRegisteredException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

The specified account is already a delegated administrator for this AWS service.

func (*AccountAlreadyRegisteredException) Code

Code returns the exception type name.

func (*AccountAlreadyRegisteredException) Error

func (AccountAlreadyRegisteredException) GoString

GoString returns the string representation

func (*AccountAlreadyRegisteredException) Message

Message returns the exception's message.

func (*AccountAlreadyRegisteredException) OrigErr

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccountAlreadyRegisteredException) RequestID

RequestID returns the service's response RequestID for request.

func (*AccountAlreadyRegisteredException) StatusCode

func (s *AccountAlreadyRegisteredException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccountAlreadyRegisteredException) String

String returns the string representation

type AccountNotFoundException

type AccountNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

We can't find an AWS account with the AccountId that you specified, or the account whose credentials you used to make this request isn't a member of an organization.

func (*AccountNotFoundException) Code

func (s *AccountNotFoundException) Code() string

Code returns the exception type name.

func (*AccountNotFoundException) Error

func (s *AccountNotFoundException) Error() string

func (AccountNotFoundException) GoString

func (s AccountNotFoundException) GoString() string

GoString returns the string representation

func (*AccountNotFoundException) Message

func (s *AccountNotFoundException) Message() string

Message returns the exception's message.

func (*AccountNotFoundException) OrigErr

func (s *AccountNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccountNotFoundException) RequestID

func (s *AccountNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccountNotFoundException) StatusCode

func (s *AccountNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccountNotFoundException) String

func (s AccountNotFoundException) String() string

String returns the string representation

type AccountNotRegisteredException

type AccountNotRegisteredException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

The specified account is not a delegated administrator for this AWS service.

func (*AccountNotRegisteredException) Code

Code returns the exception type name.

func (*AccountNotRegisteredException) Error

func (AccountNotRegisteredException) GoString

GoString returns the string representation

func (*AccountNotRegisteredException) Message

Message returns the exception's message.

func (*AccountNotRegisteredException) OrigErr

func (s *AccountNotRegisteredException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccountNotRegisteredException) RequestID

func (s *AccountNotRegisteredException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccountNotRegisteredException) StatusCode

func (s *AccountNotRegisteredException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccountNotRegisteredException) String

String returns the string representation

type AccountOwnerNotVerifiedException

type AccountOwnerNotVerifiedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

You can't invite an existing account to your organization until you verify that you own the email address associated with the master account. For more information, see Email Address Verification (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_create.html#about-email-verification) in the AWS Organizations User Guide.

func (*AccountOwnerNotVerifiedException) Code

Code returns the exception type name.

func (*AccountOwnerNotVerifiedException) Error

func (AccountOwnerNotVerifiedException) GoString

GoString returns the string representation

func (*AccountOwnerNotVerifiedException) Message

Message returns the exception's message.

func (*AccountOwnerNotVerifiedException) OrigErr

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccountOwnerNotVerifiedException) RequestID

RequestID returns the service's response RequestID for request.

func (*AccountOwnerNotVerifiedException) StatusCode

func (s *AccountOwnerNotVerifiedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccountOwnerNotVerifiedException) String

String returns the string representation

type AlreadyInOrganizationException

type AlreadyInOrganizationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

This account is already a member of an organization. An account can belong to only one organization at a time.

func (*AlreadyInOrganizationException) Code

Code returns the exception type name.

func (*AlreadyInOrganizationException) Error

func (AlreadyInOrganizationException) GoString

GoString returns the string representation

func (*AlreadyInOrganizationException) Message

Message returns the exception's message.

func (*AlreadyInOrganizationException) OrigErr

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AlreadyInOrganizationException) RequestID

func (s *AlreadyInOrganizationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AlreadyInOrganizationException) StatusCode

func (s *AlreadyInOrganizationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AlreadyInOrganizationException) String

String returns the string representation

type AttachPolicyInput

type AttachPolicyInput struct {

	// The unique identifier (ID) of the policy that you want to attach to the target.
	// You can get the ID for the policy by calling the ListPolicies operation.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for a policy ID string
	// requires "p-" followed by from 8 to 128 lowercase or uppercase letters, digits,
	// or the underscore character (_).
	//
	// PolicyId is a required field
	PolicyId *string `type:"string" required:"true"`

	// The unique identifier (ID) of the root, OU, or account that you want to attach
	// the policy to. You can get the ID by calling the ListRoots, ListOrganizationalUnitsForParent,
	// or ListAccounts operations.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for a target ID string
	// requires one of the following:
	//
	//    * Root - A string that begins with "r-" followed by from 4 to 32 lowercase
	//    letters or digits.
	//
	//    * Account - A string that consists of exactly 12 digits.
	//
	//    * Organizational unit (OU) - A string that begins with "ou-" followed
	//    by from 4 to 32 lowercase letters or digits (the ID of the root that the
	//    OU is in). This string is followed by a second "-" dash and from 8 to
	//    32 additional lowercase letters or digits.
	//
	// TargetId is a required field
	TargetId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachPolicyInput) GoString

func (s AttachPolicyInput) GoString() string

GoString returns the string representation

func (*AttachPolicyInput) SetPolicyId

func (s *AttachPolicyInput) SetPolicyId(v string) *AttachPolicyInput

SetPolicyId sets the PolicyId field's value.

func (*AttachPolicyInput) SetTargetId

func (s *AttachPolicyInput) SetTargetId(v string) *AttachPolicyInput

SetTargetId sets the TargetId field's value.

func (AttachPolicyInput) String

func (s AttachPolicyInput) String() string

String returns the string representation

func (*AttachPolicyInput) Validate

func (s *AttachPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachPolicyOutput

type AttachPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachPolicyOutput) GoString

func (s AttachPolicyOutput) GoString() string

GoString returns the string representation

func (AttachPolicyOutput) String

func (s AttachPolicyOutput) String() string

String returns the string representation

type CancelHandshakeInput

type CancelHandshakeInput struct {

	// The unique identifier (ID) of the handshake that you want to cancel. You
	// can get the ID from the ListHandshakesForOrganization operation.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for handshake ID string
	// requires "h-" followed by from 8 to 32 lowercase letters or digits.
	//
	// HandshakeId is a required field
	HandshakeId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CancelHandshakeInput) GoString

func (s CancelHandshakeInput) GoString() string

GoString returns the string representation

func (*CancelHandshakeInput) SetHandshakeId

func (s *CancelHandshakeInput) SetHandshakeId(v string) *CancelHandshakeInput

SetHandshakeId sets the HandshakeId field's value.

func (CancelHandshakeInput) String

func (s CancelHandshakeInput) String() string

String returns the string representation

func (*CancelHandshakeInput) Validate

func (s *CancelHandshakeInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CancelHandshakeOutput

type CancelHandshakeOutput struct {

	// A structure that contains details about the handshake that you canceled.
	Handshake *Handshake `type:"structure"`
	// contains filtered or unexported fields
}

func (CancelHandshakeOutput) GoString

func (s CancelHandshakeOutput) GoString() string

GoString returns the string representation

func (*CancelHandshakeOutput) SetHandshake

SetHandshake sets the Handshake field's value.

func (CancelHandshakeOutput) String

func (s CancelHandshakeOutput) String() string

String returns the string representation

type Child

type Child struct {

	// The unique identifier (ID) of this child entity.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for a child ID string
	// requires one of the following:
	//
	//    * Account: A string that consists of exactly 12 digits.
	//
	//    * Organizational unit (OU): A string that begins with "ou-" followed by
	//    from 4 to 32 lower-case letters or digits (the ID of the root that contains
	//    the OU). This string is followed by a second "-" dash and from 8 to 32
	//    additional lower-case letters or digits.
	Id *string `type:"string"`

	// The type of this child entity.
	Type *string `type:"string" enum:"ChildType"`
	// contains filtered or unexported fields
}

Contains a list of child entities, either OUs or accounts.

func (Child) GoString

func (s Child) GoString() string

GoString returns the string representation

func (*Child) SetId

func (s *Child) SetId(v string) *Child

SetId sets the Id field's value.

func (*Child) SetType

func (s *Child) SetType(v string) *Child

SetType sets the Type field's value.

func (Child) String

func (s Child) String() string

String returns the string representation

type ChildNotFoundException

type ChildNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

We can't find an organizational unit (OU) or AWS account with the ChildId that you specified.

func (*ChildNotFoundException) Code

func (s *ChildNotFoundException) Code() string

Code returns the exception type name.

func (*ChildNotFoundException) Error

func (s *ChildNotFoundException) Error() string

func (ChildNotFoundException) GoString

func (s ChildNotFoundException) GoString() string

GoString returns the string representation

func (*ChildNotFoundException) Message

func (s *ChildNotFoundException) Message() string

Message returns the exception's message.

func (*ChildNotFoundException) OrigErr

func (s *ChildNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ChildNotFoundException) RequestID

func (s *ChildNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ChildNotFoundException) StatusCode

func (s *ChildNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ChildNotFoundException) String

func (s ChildNotFoundException) String() string

String returns the string representation

type ConcurrentModificationException

type ConcurrentModificationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

The target of the operation is currently being modified by a different request. Try again later.

func (*ConcurrentModificationException) Code

Code returns the exception type name.

func (*ConcurrentModificationException) Error

func (ConcurrentModificationException) GoString

GoString returns the string representation

func (*ConcurrentModificationException) Message

Message returns the exception's message.

func (*ConcurrentModificationException) OrigErr

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ConcurrentModificationException) RequestID

func (s *ConcurrentModificationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ConcurrentModificationException) StatusCode

func (s *ConcurrentModificationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ConcurrentModificationException) String

String returns the string representation

type ConstraintViolationException

type ConstraintViolationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`

	Reason *string `type:"string" enum:"ConstraintViolationExceptionReason"`
	// contains filtered or unexported fields
}

Performing this operation violates a minimum or maximum value limit. For example, attempting to remove the last service control policy (SCP) from an OU or root, inviting or creating too many accounts to the organization, or attaching too many policies to an account, OU, or root. This exception includes a reason that contains additional information about the violated limit:

Some of the reasons in the following list might not be applicable to this specific API or operation.

* ACCOUNT_CANNOT_LEAVE_ORGANIZAION: You attempted to remove the master
account from the organization. You can't remove the master account. Instead,
after you remove all member accounts, delete the organization itself.

* ACCOUNT_CANNOT_LEAVE_WITHOUT_EULA: You attempted to remove an account
from the organization that doesn't yet have enough information to exist
as a standalone account. This account requires you to first agree to the
AWS Customer Agreement. Follow the steps at Removing a member account
from your organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#orgs_manage_accounts_remove-from-master)in
the AWS Organizations User Guide.

* ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove
an account from the organization that doesn't yet have enough information
to exist as a standalone account. This account requires you to first complete
phone verification. Follow the steps at Removing a member account from
your organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#orgs_manage_accounts_remove-from-master)
in the AWS Organizations User Guide.

* ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number
of accounts that you can create in one day.

* ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on
the number of accounts in an organization. If you need more accounts,
contact AWS Support (https://console.aws.amazon.com/support/home#/) to
request an increase in your limit. Or the number of invitations that you
tried to send would cause you to exceed the limit of accounts in your
organization. Send fewer invitations or contact AWS Support to request
an increase in the number of accounts. Deleted and closed accounts still
count toward your limit. If you get this exception when running a command
immediately after creating the organization, wait one hour and try again.
After an hour, if the command continues to fail with this error, contact
AWS Support (https://console.aws.amazon.com/support/home#/).

* CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to
register the master account of the organization as a delegated administrator
for an AWS service integrated with Organizations. You can designate only
a member account as a delegated administrator.

* CANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG: You attempted to remove
an account that is registered as a delegated administrator for a service
integrated with your organization. To complete this operation, you must
first deregister this account as a delegated administrator.

* CREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION: To create an
organization in the specified region, you must enable all features mode.

* DELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE: You attempted to register
an AWS account as a delegated administrator for an AWS service that already
has a delegated administrator. To complete this operation, you must first
deregister any existing delegated administrators for this service.

* EMAIL_VERIFICATION_CODE_EXPIRED: The email verification code is only
valid for a limited period of time. You must resubmit the request and
generate a new verfication code.

* HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of
handshakes that you can send in one day.

* MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account
in this organization, you first must migrate the organization's master
account to the marketplace that corresponds to the master account's address.
For example, accounts with India addresses must be associated with the
AISPL marketplace. All accounts in an organization must be associated
with the same marketplace.

* MASTER_ACCOUNT_MISSING_BUSINESS_LICENSE: Applies only to the AWS Regions
in China. To create an organization, the master must have an valid business
license. For more information, contact customer support.

* MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you
must first provide a valid contact address and phone number for the master
account. Then try the operation again.

* MASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED: To complete this operation, the
master account must have an associated account in the AWS GovCloud (US-West)
Region. For more information, see AWS Organizations (http://docs.aws.amazon.com/govcloud-us/latest/UserGuide/govcloud-organizations.html)
in the AWS GovCloud User Guide.

* MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization
with this master account, you first must associate a valid payment instrument,
such as a credit card, with the account. Follow the steps at To leave
an organization when all required account information has not yet been
provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
in the AWS Organizations User Guide.

* MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted
to register more delegated administrators than allowed for the service
principal.

* MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the
number of policies of a certain type that can be attached to an entity
at one time.

* MAX_TAG_LIMIT_EXCEEDED: You have exceeded the number of tags allowed
on this resource.

* MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation
with this member account, you first must associate a valid payment instrument,
such as a credit card, with the account. Follow the steps at To leave
an organization when all required account information has not yet been
provided (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_remove.html#leave-without-all-info)
in the AWS Organizations User Guide.

* MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a
policy from an entity that would cause the entity to have fewer than the
minimum number of policies of a certain type required.

* ORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation
that requires the organization to be configured to support all features.
An organization that supports only consolidated billing features can't
perform this operation.

* OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is
too many levels deep.

* OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs
that you can have in an organization.

* POLICY_CONTENT_LIMIT_EXCEEDED: You attempted to create a policy that
is larger than the maximum size.

* POLICY_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of
policies that you can have in an organization.

* TAG_POLICY_VIOLATION: You attempted to create or update a resource with
tags that are not compliant with the tag policy requirements for this
account.

func (*ConstraintViolationException) Code

Code returns the exception type name.

func (*ConstraintViolationException) Error

func (ConstraintViolationException) GoString

func (s ConstraintViolationException) GoString() string

GoString returns the string representation

func (*ConstraintViolationException) Message

func (s *ConstraintViolationException) Message() string

Message returns the exception's message.

func (*ConstraintViolationException) OrigErr

func (s *ConstraintViolationException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ConstraintViolationException) RequestID

func (s *ConstraintViolationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ConstraintViolationException) StatusCode

func (s *ConstraintViolationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ConstraintViolationException) String

String returns the string representation

type CreateAccountInput

type CreateAccountInput struct {

	// The friendly name of the member account.
	//
	// AccountName is a required field
	AccountName *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The email address of the owner to assign to the new member account. This
	// email address must not already be associated with another AWS account. You
	// must use a valid email address to complete account creation. You can't access
	// the root user of the account or remove an account that was created with an
	// invalid email address.
	//
	// Email is a required field
	Email *string `min:"6" type:"string" required:"true" sensitive:"true"`

	// If set to ALLOW, the new account enables IAM users to access account billing
	// information if they have the required permissions. If set to DENY, only the
	// root user of the new account can access account billing information. For
	// more information, see Activating Access to the Billing and Cost Management
	// Console (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/grantaccess.html#ControllingAccessWebsite-Activate)
	// in the AWS Billing and Cost Management User Guide.
	//
	// If you don't specify this parameter, the value defaults to ALLOW, and IAM
	// users and roles with the required permissions can access billing information
	// for the new account.
	IamUserAccessToBilling *string `type:"string" enum:"IAMUserAccessToBilling"`

	// (Optional)
	//
	// The name of an IAM role that AWS Organizations automatically preconfigures
	// in the new member account. This role trusts the master account, allowing
	// users in the master account to assume the role, as permitted by the master
	// account administrator. The role has administrator permissions in the new
	// member account.
	//
	// If you don't specify this parameter, the role name defaults to OrganizationAccountAccessRole.
	//
	// For more information about how to use this role to access the member account,
	// see the following links:
	//
	//    * Accessing and Administering the Member Accounts in Your Organization
	//    (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role)
	//    in the AWS Organizations User Guide
	//
	//    * Steps 2 and 3 in Tutorial: Delegate Access Across AWS Accounts Using
	//    IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html)
	//    in the IAM User Guide
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter. The pattern can include uppercase letters, lowercase letters,
	// digits with no spaces, and any of the following characters: =,.@-
	RoleName *string `type:"string"`
	// contains filtered or unexported fields
}

func (CreateAccountInput) GoString

func (s CreateAccountInput) GoString() string

GoString returns the string representation

func (*CreateAccountInput) SetAccountName

func (s *CreateAccountInput) SetAccountName(v string) *CreateAccountInput

SetAccountName sets the AccountName field's value.

func (*CreateAccountInput) SetEmail

SetEmail sets the Email field's value.

func (*CreateAccountInput) SetIamUserAccessToBilling

func (s *CreateAccountInput) SetIamUserAccessToBilling(v string) *CreateAccountInput

SetIamUserAccessToBilling sets the IamUserAccessToBilling field's value.

func (*CreateAccountInput) SetRoleName

func (s *CreateAccountInput) SetRoleName(v string) *CreateAccountInput

SetRoleName sets the RoleName field's value.

func (CreateAccountInput) String

func (s CreateAccountInput) String() string

String returns the string representation

func (*CreateAccountInput) Validate

func (s *CreateAccountInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccountOutput

type CreateAccountOutput struct {

	// A structure that contains details about the request to create an account.
	// This response structure might not be fully populated when you first receive
	// it because account creation is an asynchronous process. You can pass the
	// returned CreateAccountStatus ID as a parameter to DescribeCreateAccountStatus
	// to get status about the progress of the request at later times. You can also
	// check the AWS CloudTrail log for the CreateAccountResult event. For more
	// information, see Monitoring the Activity in Your Organization (http://docs.aws.amazon.com/organizations/latest/userguide/orgs_monitoring.html)
	// in the AWS Organizations User Guide.
	CreateAccountStatus *CreateAccountStatus `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateAccountOutput) GoString

func (s CreateAccountOutput) GoString() string

GoString returns the string representation

func (*CreateAccountOutput) SetCreateAccountStatus

func (s *CreateAccountOutput) SetCreateAccountStatus(v *CreateAccountStatus) *CreateAccountOutput

SetCreateAccountStatus sets the CreateAccountStatus field's value.

func (CreateAccountOutput) String

func (s CreateAccountOutput) String() string

String returns the string representation

type CreateAccountStatus

type CreateAccountStatus struct {

	// If the account was created successfully, the unique identifier (ID) of the
	// new account.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for an account ID string
	// requires exactly 12 digits.
	AccountId *string `type:"string"`

	// The account name given to the account when it was created.
	AccountName *string `min:"1" type:"string" sensitive:"true"`

	// The date and time that the account was created and the request completed.
	CompletedTimestamp *time.Time `type:"timestamp"`

	// If the request failed, a description of the reason for the failure.
	//
	//    * ACCOUNT_LIMIT_EXCEEDED: The account could not be created because you
	//    have reached the limit on the number of accounts in your organization.
	//
	//    * EMAIL_ALREADY_EXISTS: The account could not be created because another
	//    AWS account with that email address already exists.
	//
	//    * GOVCLOUD_ACCOUNT_ALREADY_EXISTS: The account in the AWS GovCloud (US)
	//    Region could not be created because this Region already includes an account
	//    with that email address.
	//
	//    * INVALID_ADDRESS: The account could not be created because the address
	//    you provided is not valid.
	//
	//    * INVALID_EMAIL: The account could not be created because the email address
	//    you provided is not valid.
	//
	//    * INTERNAL_FAILURE: The account could not be created because of an internal
	//    failure. Try again later. If the problem persists, contact Customer Support.
	FailureReason *string `type:"string" enum:"CreateAccountFailureReason"`

	// If the account was created successfully, the unique identifier (ID) of the
	// new account in the AWS GovCloud (US) Region.
	GovCloudAccountId *string `type:"string"`

	// The unique identifier (ID) that references this request. You get this value
	// from the response of the initial CreateAccount request to create the account.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) for a create account
	// request ID string requires "car-" followed by from 8 to 32 lower-case letters
	// or digits.
	Id *string `type:"string"`

	// The date and time that the request was made for the account creation.
	RequestedTimestamp *time.Time `type:"timestamp"`

	// The status of the request.
	State *string `type:"string" enum:"CreateAccountState"`
	// contains filtered or unexported fields
}

Contains the status about a CreateAccount or CreateGovCloudAccount request to create an AWS account or an AWS GovCloud (US) account in an organization.

func (CreateAccountStatus) GoString

func (s CreateAccountStatus) GoString() string

GoString returns the string representation

func (*CreateAccountStatus) SetAccountId

func (s *CreateAccountStatus) SetAccountId(v string) *CreateAccountStatus

SetAccountId sets the AccountId field's value.

func (*CreateAccountStatus) SetAccountName

func (s *CreateAccountStatus) SetAccountName(v string) *CreateAccountStatus

SetAccountName sets the AccountName field's value.

func (*CreateAccountStatus) SetCompletedTimestamp

func (s *CreateAccountStatus) SetCompletedTimestamp(v time.Time) *CreateAccountStatus

SetCompletedTimestamp sets the CompletedTimestamp field's value.

func (*CreateAccountStatus) SetFailureReason

func (s *CreateAccountStatus) SetFailureReason(v string) *CreateAccountStatus

SetFailureReason sets the FailureReason field's value.

func (*CreateAccountStatus) SetGovCloudAccountId

func (s *CreateAccountStatus) SetGovCloudAccountId(v string) *CreateAccountStatus

SetGovCloudAccountId sets the GovCloudAccountId field's value.

func (*CreateAccountStatus) SetId

SetId sets the Id field's value.

func (*CreateAccountStatus) SetRequestedTimestamp

func (s *CreateAccountStatus) SetRequestedTimestamp(v time.Time) *CreateAccountStatus

SetRequestedTimestamp sets the RequestedTimestamp field's value.

func (*CreateAccountStatus) SetState

SetState sets the State field's value.

func (CreateAccountStatus) String

func (s CreateAccountStatus) String() string

String returns the string representation

type CreateAccountStatusNotFoundException

type CreateAccountStatusNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"Message" type:"string"`
	// contains filtered or unexported fields
}

We can't find an create account request with the CreateAccountRequestId that you specified.

func (*CreateAccountStatusNotFoundException) Code

Code returns the exception type name.

func (*CreateAccountStatusNotFoundException) Error

func (CreateAccountStatusNotFoundException) GoString

GoString returns the string representation

func (*CreateAccountStatusNotFoundException) Message

Message returns the exception's message.

func (*CreateAccountStatusNotFoundException) OrigErr