VPC configuration (optional). Configuration parameters for the private Virtual Private Cloud (VPC) that contains the resources you are using for this job.
" + "documentation":"The configuration of the Virtual Private Cloud (VPC) that contains the resources that you're using for this job. For more information, see Protect your model customization jobs using a VPC.
" } } }, @@ -1439,6 +1439,10 @@ "shape":"ModelInvocationJobOutputDataConfig", "documentation":"Details about the location of the output of the batch inference job.
" }, + "vpcConfig":{ + "shape":"VpcConfig", + "documentation":"The configuration of the Virtual Private Cloud (VPC) for the data in the batch inference job. For more information, see Protect batch inference jobs using a VPC.
" + }, "timeoutDurationInHours":{ "shape":"ModelInvocationJobTimeoutDurationInHours", "documentation":"The number of hours after which to force the batch inference job to time out.
" @@ -2816,6 +2820,10 @@ "shape":"ModelInvocationJobOutputDataConfig", "documentation":"Details about the location of the output of the batch inference job.
" }, + "vpcConfig":{ + "shape":"VpcConfig", + "documentation":"The configuration of the Virtual Private Cloud (VPC) for the data in the batch inference job. For more information, see Protect batch inference jobs using a VPC.
" + }, "timeoutDurationInHours":{ "shape":"ModelInvocationJobTimeoutDurationInHours", "documentation":"The number of hours after which batch inference job was set to time out.
" @@ -4997,9 +5005,13 @@ "s3Uri":{ "shape":"S3Uri", "documentation":"The S3 location of the input data.
" + }, + "s3BucketOwner":{ + "shape":"AccountId", + "documentation":"The ID of the Amazon Web Services account that owns the S3 bucket containing the input data.
" } }, - "documentation":"Contains the configuration of the S3 location of the output data.
" + "documentation":"Contains the configuration of the S3 location of the input data.
" }, "ModelInvocationJobS3OutputDataConfig":{ "type":"structure", @@ -5012,6 +5024,10 @@ "s3EncryptionKeyId":{ "shape":"KmsKeyId", "documentation":"The unique identifier of the key that encrypts the S3 location of the output data.
" + }, + "s3BucketOwner":{ + "shape":"AccountId", + "documentation":"The ID of the Amazon Web Services account that owns the S3 bucket containing the output data.
" } }, "documentation":"Contains the configuration of the S3 location of the output data.
" @@ -5095,6 +5111,10 @@ "shape":"ModelInvocationJobOutputDataConfig", "documentation":"Details about the location of the output of the batch inference job.
" }, + "vpcConfig":{ + "shape":"VpcConfig", + "documentation":"The configuration of the Virtual Private Cloud (VPC) for the data in the batch inference job. For more information, see Protect batch inference jobs using a VPC.
" + }, "timeoutDurationInHours":{ "shape":"ModelInvocationJobTimeoutDurationInHours", "documentation":"The number of hours after which the batch inference job was set to time out.
" @@ -5753,14 +5773,14 @@ "members":{ "subnetIds":{ "shape":"SubnetIds", - "documentation":"VPC configuration subnets.
" + "documentation":"An array of IDs for each subnet in the VPC to use.
" }, "securityGroupIds":{ "shape":"SecurityGroupIds", - "documentation":"VPC configuration security group Ids.
" + "documentation":"An array of IDs for each security group in the VPC to use.
" } }, - "documentation":"VPC configuration.
" + "documentation":"The configuration of a virtual private cloud (VPC). For more information, see Protect your data using Amazon Virtual Private Cloud and Amazon Web Services PrivateLink.
" } }, "documentation":"Describes the API operations for creating, managing, fine-turning, and evaluating Amazon Bedrock models.
" diff --git a/botocore/data/endpoints.json b/botocore/data/endpoints.json index 63edba279a..14e50ff40c 100644 --- a/botocore/data/endpoints.json +++ b/botocore/data/endpoints.json @@ -7249,6 +7249,12 @@ "tags" : [ "fips" ] } ] }, + "ap-southeast-5" : { + "variants" : [ { + "hostname" : "elasticfilesystem-fips.ap-southeast-5.amazonaws.com", + "tags" : [ "fips" ] + } ] + }, "ca-central-1" : { "variants" : [ { "hostname" : "elasticfilesystem-fips.ca-central-1.amazonaws.com", @@ -7386,6 +7392,13 @@ "deprecated" : true, "hostname" : "elasticfilesystem-fips.ap-southeast-4.amazonaws.com" }, + "fips-ap-southeast-5" : { + "credentialScope" : { + "region" : "ap-southeast-5" + }, + "deprecated" : true, + "hostname" : "elasticfilesystem-fips.ap-southeast-5.amazonaws.com" + }, "fips-ca-central-1" : { "credentialScope" : { "region" : "ca-central-1" @@ -19497,9 +19510,11 @@ "ap-northeast-2" : { }, "ap-northeast-3" : { }, "ap-south-1" : { }, + "ap-south-2" : { }, "ap-southeast-1" : { }, "ap-southeast-2" : { }, "ap-southeast-3" : { }, + "ap-southeast-4" : { }, "ca-central-1" : { "variants" : [ { "hostname" : "ssm-sap-fips.ca-central-1.amazonaws.com", @@ -19507,8 +19522,10 @@ } ] }, "eu-central-1" : { }, + "eu-central-2" : { }, "eu-north-1" : { }, "eu-south-1" : { }, + "eu-south-2" : { }, "eu-west-1" : { }, "eu-west-2" : { }, "eu-west-3" : { }, @@ -19547,6 +19564,8 @@ "deprecated" : true, "hostname" : "ssm-sap-fips.us-west-2.amazonaws.com" }, + "il-central-1" : { }, + "me-central-1" : { }, "me-south-1" : { }, "sa-east-1" : { }, "us-east-1" : { @@ -20453,82 +20472,62 @@ "ap-south-1" : { }, "ap-southeast-1" : { }, "ap-southeast-2" : { }, - "ca-central-1" : { }, - "eu-central-1" : { }, - "eu-west-1" : { }, - "eu-west-2" : { }, - "sa-east-1" : { }, - "transcribestreaming-ca-central-1" : { - "credentialScope" : { - "region" : "ca-central-1" - }, - "deprecated" : true, + "ca-central-1" : { "variants" : [ { "hostname" : "transcribestreaming-fips.ca-central-1.amazonaws.com", "tags" : [ "fips" ] } ] }, - "transcribestreaming-fips-ca-central-1" : { + "eu-central-1" : { }, + "eu-west-1" : { }, + "eu-west-2" : { }, + "fips-ca-central-1" : { "credentialScope" : { "region" : "ca-central-1" }, "deprecated" : true, "hostname" : "transcribestreaming-fips.ca-central-1.amazonaws.com" }, - "transcribestreaming-fips-us-east-1" : { + "fips-us-east-1" : { "credentialScope" : { "region" : "us-east-1" }, "deprecated" : true, "hostname" : "transcribestreaming-fips.us-east-1.amazonaws.com" }, - "transcribestreaming-fips-us-east-2" : { + "fips-us-east-2" : { "credentialScope" : { "region" : "us-east-2" }, "deprecated" : true, "hostname" : "transcribestreaming-fips.us-east-2.amazonaws.com" }, - "transcribestreaming-fips-us-west-2" : { + "fips-us-west-2" : { "credentialScope" : { "region" : "us-west-2" }, "deprecated" : true, "hostname" : "transcribestreaming-fips.us-west-2.amazonaws.com" }, - "transcribestreaming-us-east-1" : { - "credentialScope" : { - "region" : "us-east-1" - }, - "deprecated" : true, + "sa-east-1" : { }, + "us-east-1" : { "variants" : [ { "hostname" : "transcribestreaming-fips.us-east-1.amazonaws.com", "tags" : [ "fips" ] } ] }, - "transcribestreaming-us-east-2" : { - "credentialScope" : { - "region" : "us-east-2" - }, - "deprecated" : true, + "us-east-2" : { "variants" : [ { "hostname" : "transcribestreaming-fips.us-east-2.amazonaws.com", "tags" : [ "fips" ] } ] }, - "transcribestreaming-us-west-2" : { - "credentialScope" : { - "region" : "us-west-2" - }, - "deprecated" : true, + "us-west-2" : { "variants" : [ { "hostname" : "transcribestreaming-fips.us-west-2.amazonaws.com", "tags" : [ "fips" ] } ] - }, - "us-east-1" : { }, - "us-east-2" : { }, - "us-west-2" : { } + } } }, "transfer" : { @@ -28673,8 +28672,32 @@ }, "transcribestreaming" : { "endpoints" : { - "us-gov-east-1" : { }, - "us-gov-west-1" : { } + "fips-us-gov-east-1" : { + "credentialScope" : { + "region" : "us-gov-east-1" + }, + "deprecated" : true, + "hostname" : "transcribestreaming-fips.us-gov-east-1.amazonaws.com" + }, + "fips-us-gov-west-1" : { + "credentialScope" : { + "region" : "us-gov-west-1" + }, + "deprecated" : true, + "hostname" : "transcribestreaming-fips.us-gov-west-1.amazonaws.com" + }, + "us-gov-east-1" : { + "variants" : [ { + "hostname" : "transcribestreaming-fips.us-gov-east-1.amazonaws.com", + "tags" : [ "fips" ] + } ] + }, + "us-gov-west-1" : { + "variants" : [ { + "hostname" : "transcribestreaming-fips.us-gov-west-1.amazonaws.com", + "tags" : [ "fips" ] + } ] + } } }, "transfer" : { diff --git a/botocore/data/iot/2015-05-28/paginators-1.json b/botocore/data/iot/2015-05-28/paginators-1.json index b6549493e7..c9301cee6b 100644 --- a/botocore/data/iot/2015-05-28/paginators-1.json +++ b/botocore/data/iot/2015-05-28/paginators-1.json @@ -355,6 +355,12 @@ "limit_key": "maxResults", "output_token": "nextToken", "result_key": "packageSummaries" + }, + "ListSbomValidationResults": { + "input_token": "nextToken", + "limit_key": "maxResults", + "output_token": "nextToken", + "result_key": "validationResultSummaries" } } } diff --git a/botocore/data/iot/2015-05-28/service-2.json b/botocore/data/iot/2015-05-28/service-2.json index dfd8d6af25..31bbd74646 100644 --- a/botocore/data/iot/2015-05-28/service-2.json +++ b/botocore/data/iot/2015-05-28/service-2.json @@ -4,11 +4,13 @@ "apiVersion":"2015-05-28", "endpointPrefix":"iot", "protocol":"rest-json", + "protocols":["rest-json"], "serviceFullName":"AWS IoT", "serviceId":"IoT", "signatureVersion":"v4", "signingName":"iot", - "uid":"iot-2015-05-28" + "uid":"iot-2015-05-28", + "auth":["aws.auth#sigv4"] }, "operations":{ "AcceptCertificateTransfer":{ @@ -61,6 +63,26 @@ ], "documentation":"Adds a thing to a thing group.
Requires permission to access the AddThingToThingGroup action.
" }, + "AssociateSbomWithPackageVersion":{ + "name":"AssociateSbomWithPackageVersion", + "http":{ + "method":"PUT", + "requestUri":"/packages/{packageName}/versions/{versionName}/sbom", + "responseCode":200 + }, + "input":{"shape":"AssociateSbomWithPackageVersionRequest"}, + "output":{"shape":"AssociateSbomWithPackageVersionResponse"}, + "errors":[ + {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"ValidationException"}, + {"shape":"ServiceQuotaExceededException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"Associates a software bill of materials (SBOM) with a specific software package version.
Requires permission to access the AssociateSbomWithPackageVersion action.
", + "idempotent":true + }, "AssociateTargetsWithJob":{ "name":"AssociateTargetsWithJob", "http":{ @@ -2102,6 +2124,25 @@ ], "documentation":"Disables the rule.
Requires permission to access the DisableTopicRule action.
" }, + "DisassociateSbomFromPackageVersion":{ + "name":"DisassociateSbomFromPackageVersion", + "http":{ + "method":"DELETE", + "requestUri":"/packages/{packageName}/versions/{versionName}/sbom", + "responseCode":200 + }, + "input":{"shape":"DisassociateSbomFromPackageVersionRequest"}, + "output":{"shape":"DisassociateSbomFromPackageVersionResponse"}, + "errors":[ + {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, + {"shape":"InternalServerException"}, + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"Disassociates a software bill of materials (SBOM) from a specific software package version.
Requires permission to access the DisassociateSbomWithPackageVersion action.
", + "idempotent":true + }, "EnableTopicRule":{ "name":"EnableTopicRule", "http":{ @@ -3107,6 +3148,23 @@ ], "documentation":"Lists the role aliases registered in your account.
Requires permission to access the ListRoleAliases action.
" }, + "ListSbomValidationResults":{ + "name":"ListSbomValidationResults", + "http":{ + "method":"GET", + "requestUri":"/packages/{packageName}/versions/{versionName}/sbom-validation-results", + "responseCode":200 + }, + "input":{"shape":"ListSbomValidationResultsRequest"}, + "output":{"shape":"ListSbomValidationResultsResponse"}, + "errors":[ + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"}, + {"shape":"ValidationException"}, + {"shape":"ResourceNotFoundException"} + ], + "documentation":"The validation results for all software bill of materials (SBOM) attached to a specific software package version.
Requires permission to access the ListSbomValidationResults action.
" + }, "ListScheduledAudits":{ "name":"ListScheduledAudits", "http":{ @@ -4277,6 +4335,7 @@ "output":{"shape":"UpdateStreamResponse"}, "errors":[ {"shape":"InvalidRequestException"}, + {"shape":"LimitExceededException"}, {"shape":"ResourceNotFoundException"}, {"shape":"ThrottlingException"}, {"shape":"UnauthorizedException"}, @@ -4858,6 +4917,54 @@ }, "documentation":"Contains an asset property value (of a single type).
" }, + "AssociateSbomWithPackageVersionRequest":{ + "type":"structure", + "required":[ + "packageName", + "versionName", + "sbom" + ], + "members":{ + "packageName":{ + "shape":"PackageName", + "documentation":"The name of the new software package.
", + "location":"uri", + "locationName":"packageName" + }, + "versionName":{ + "shape":"VersionName", + "documentation":"The name of the new package version.
", + "location":"uri", + "locationName":"versionName" + }, + "sbom":{"shape":"Sbom"}, + "clientToken":{ + "shape":"ClientToken", + "documentation":"A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don't reuse this client token if a new idempotent request is required.
", + "idempotencyToken":true, + "location":"querystring", + "locationName":"clientToken" + } + } + }, + "AssociateSbomWithPackageVersionResponse":{ + "type":"structure", + "members":{ + "packageName":{ + "shape":"PackageName", + "documentation":"The name of the new software package.
" + }, + "versionName":{ + "shape":"VersionName", + "documentation":"The name of the new package version.
" + }, + "sbom":{"shape":"Sbom"}, + "sbomValidationStatus":{ + "shape":"SbomValidationStatus", + "documentation":"The status of the initial validation for the SBOM against the Software Package Data Exchange (SPDX) and CycloneDX industry standard format.
" + } + } + }, "AssociateTargetsWithJobRequest":{ "type":"structure", "required":[ @@ -5726,6 +5833,7 @@ }, "AwsJobTimeoutInProgressTimeoutInMinutes":{"type":"long"}, "BatchMode":{"type":"boolean"}, + "BeforeSubstitutionFlag":{"type":"boolean"}, "Behavior":{ "type":"structure", "required":["name"], @@ -7558,6 +7666,14 @@ "shape":"ResourceAttributes", "documentation":"Metadata that can be used to define a package version’s configuration. For example, the S3 file location, configuration options that are being sent to the device or fleet.
The combined size of all the attributes on a package version is limited to 3KB.
" }, + "artifact":{ + "shape":"PackageVersionArtifact", + "documentation":"The various build components created during the build process such as libraries and configuration files that make up a software package version.
" + }, + "recipe":{ + "shape":"PackageVersionRecipe", + "documentation":"The inline job document associated with a software package version used for a quick job deployment via IoT Jobs.
" + }, "tags":{ "shape":"TagMap", "documentation":"Metadata that can be used to manage the package version.
" @@ -9684,6 +9800,12 @@ "documentation":"The unique identifier you assigned to this job when it was created.
", "location":"uri", "locationName":"jobId" + }, + "beforeSubstitution":{ + "shape":"BeforeSubstitutionFlag", + "documentation":"A flag that provides a view of the job document before and after the substitution parameters have been resolved with their exact values.
", + "location":"querystring", + "locationName":"beforeSubstitution" } } }, @@ -10664,6 +10786,39 @@ }, "documentation":"The input for the DisableTopicRuleRequest operation.
" }, + "DisassociateSbomFromPackageVersionRequest":{ + "type":"structure", + "required":[ + "packageName", + "versionName" + ], + "members":{ + "packageName":{ + "shape":"PackageName", + "documentation":"The name of the new software package.
", + "location":"uri", + "locationName":"packageName" + }, + "versionName":{ + "shape":"VersionName", + "documentation":"The name of the new package version.
", + "location":"uri", + "locationName":"versionName" + }, + "clientToken":{ + "shape":"ClientToken", + "documentation":"A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don't reuse this client token if a new idempotent request is required.
", + "idempotencyToken":true, + "location":"querystring", + "locationName":"clientToken" + } + } + }, + "DisassociateSbomFromPackageVersionResponse":{ + "type":"structure", + "members":{ + } + }, "DisconnectReason":{"type":"string"}, "DocumentParameter":{ "type":"structure", @@ -11397,6 +11552,12 @@ "documentation":"The unique identifier you assigned to this job when it was created.
", "location":"uri", "locationName":"jobId" + }, + "beforeSubstitution":{ + "shape":"BeforeSubstitutionFlag", + "documentation":"A flag that provides a view of the job document before and after the substitution parameters have been resolved with their exact values.
", + "location":"querystring", + "locationName":"beforeSubstitution" } } }, @@ -11549,6 +11710,10 @@ "shape":"ResourceAttributes", "documentation":"Metadata that were added to the package version that can be used to define a package version’s configuration.
" }, + "artifact":{ + "shape":"PackageVersionArtifact", + "documentation":"The various components that make up a software package version.
" + }, "status":{ "shape":"PackageVersionStatus", "documentation":"The status associated to the package version. For more information, see Package version lifecycle.
" @@ -11564,6 +11729,18 @@ "lastModifiedDate":{ "shape":"LastModifiedDate", "documentation":"The date when the package version was last updated.
" + }, + "sbom":{ + "shape":"Sbom", + "documentation":"The software bill of materials for a software package version.
" + }, + "sbomValidationStatus":{ + "shape":"SbomValidationStatus", + "documentation":"The status of the validation for a new software bill of materials added to a software package version.
" + }, + "recipe":{ + "shape":"PackageVersionRecipe", + "documentation":"The inline job document associated with a software package version used for a quick job deployment via IoT Jobs.
" } } }, @@ -14501,6 +14678,58 @@ } } }, + "ListSbomValidationResultsRequest":{ + "type":"structure", + "required":[ + "packageName", + "versionName" + ], + "members":{ + "packageName":{ + "shape":"PackageName", + "documentation":"The name of the new software package.
", + "location":"uri", + "locationName":"packageName" + }, + "versionName":{ + "shape":"VersionName", + "documentation":"The name of the new package version.
", + "location":"uri", + "locationName":"versionName" + }, + "validationResult":{ + "shape":"SbomValidationResult", + "documentation":"The end result of the
", + "location":"querystring", + "locationName":"validationResult" + }, + "maxResults":{ + "shape":"PackageCatalogMaxResults", + "documentation":"The maximum number of results to return at one time.
", + "location":"querystring", + "locationName":"maxResults" + }, + "nextToken":{ + "shape":"NextToken", + "documentation":"A token that can be used to retrieve the next set of results, or null if there are no additional results.
", + "location":"querystring", + "locationName":"nextToken" + } + } + }, + "ListSbomValidationResultsResponse":{ + "type":"structure", + "members":{ + "validationResultSummaries":{ + "shape":"SbomValidationResultSummaryList", + "documentation":"A summary of the validation results for each software bill of materials attached to a software package version.
" + }, + "nextToken":{ + "shape":"NextToken", + "documentation":"A token that can be used to retrieve the next set of results, or null if there are no additional results.
" + } + } + }, "ListScheduledAuditsRequest":{ "type":"structure", "members":{ @@ -16224,7 +16453,19 @@ "min":1, "pattern":"^arn:[!-~]+$" }, + "PackageVersionArtifact":{ + "type":"structure", + "members":{ + "s3Location":{"shape":"S3Location"} + }, + "documentation":"The Amazon S3 location for the artifacts associated with a software package version.
" + }, "PackageVersionErrorReason":{"type":"string"}, + "PackageVersionRecipe":{ + "type":"string", + "max":3072, + "sensitive":true + }, "PackageVersionStatus":{ "type":"string", "enum":[ @@ -17425,6 +17666,62 @@ "type":"string", "min":40 }, + "Sbom":{ + "type":"structure", + "members":{ + "s3Location":{"shape":"S3Location"} + }, + "documentation":"The Amazon S3 location for the software bill of materials associated with a software package version.
" + }, + "SbomValidationErrorCode":{ + "type":"string", + "enum":[ + "INCOMPATIBLE_FORMAT", + "FILE_SIZE_LIMIT_EXCEEDED" + ] + }, + "SbomValidationErrorMessage":{"type":"string"}, + "SbomValidationResult":{ + "type":"string", + "enum":[ + "FAILED", + "SUCCEEDED" + ] + }, + "SbomValidationResultSummary":{ + "type":"structure", + "members":{ + "fileName":{ + "shape":"FileName", + "documentation":"The name of the SBOM file.
" + }, + "validationResult":{ + "shape":"SbomValidationResult", + "documentation":"The end result of the SBOM validation.
" + }, + "errorCode":{ + "shape":"SbomValidationErrorCode", + "documentation":"The errorCode representing the validation failure error if the SBOM validation failed.
The errorMessage representing the validation failure error if the SBOM validation failed.
A summary of the validation results for a specific software bill of materials (SBOM) attached to a software package version.
" + }, + "SbomValidationResultSummaryList":{ + "type":"list", + "member":{"shape":"SbomValidationResultSummary"} + }, + "SbomValidationStatus":{ + "type":"string", + "enum":[ + "IN_PROGRESS", + "FAILED", + "SUCCEEDED" + ] + }, "ScheduledAuditArn":{"type":"string"}, "ScheduledAuditMetadata":{ "type":"structure", @@ -17639,7 +17936,7 @@ "members":{ "enableOCSPCheck":{ "shape":"EnableOCSPCheck", - "documentation":"A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not.
For more information, see Configuring OCSP server-certificate stapling in domain configuration from Amazon Web Services IoT Core Developer Guide.
" + "documentation":"A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not.
For more information, see Configuring OCSP server-certificate stapling in domain configuration from Amazon Web Services IoT Core Developer Guide.
" } }, "documentation":"The server certificate configuration.
" @@ -20148,10 +20445,18 @@ "shape":"ResourceAttributes", "documentation":"Metadata that can be used to define a package version’s configuration. For example, the Amazon S3 file location, configuration options that are being sent to the device or fleet.
Note: Attributes can be updated only when the package version is in a draft state.
The combined size of all the attributes on a package version is limited to 3KB.
" }, + "artifact":{ + "shape":"PackageVersionArtifact", + "documentation":"The various components that make up a software package version.
" + }, "action":{ "shape":"PackageVersionAction", "documentation":"The status that the package version should be assigned. For more information, see Package version lifecycle.
" }, + "recipe":{ + "shape":"PackageVersionRecipe", + "documentation":"The inline job document associated with a software package version used for a quick job deployment via IoT Jobs.
" + }, "clientToken":{ "shape":"ClientToken", "documentation":"A unique case-sensitive identifier that you can provide to ensure the idempotency of the request. Don't reuse this client token if a new idempotent request is required.
", diff --git a/botocore/data/medialive/2017-10-14/service-2.json b/botocore/data/medialive/2017-10-14/service-2.json index 34f865e256..d95f989ded 100644 --- a/botocore/data/medialive/2017-10-14/service-2.json +++ b/botocore/data/medialive/2017-10-14/service-2.json @@ -26658,7 +26658,6 @@ "documentation": "With the introduction of MediaLive OnPrem, a MediaLive input can now exist in two different places: AWS or\ninside an on-premise datacenter. By default all inputs will continue to be AWS inputs.", "enum": [ "AWS", - "ON_PREMISE", "ON_PREMISES" ] }, diff --git a/botocore/data/organizations/2016-11-28/service-2.json b/botocore/data/organizations/2016-11-28/service-2.json index c51aeb4466..a89d4096d1 100644 --- a/botocore/data/organizations/2016-11-28/service-2.json +++ b/botocore/data/organizations/2016-11-28/service-2.json @@ -102,7 +102,7 @@ {"shape":"TooManyRequestsException"}, {"shape":"UnsupportedAPIEndpointException"} ], - "documentation":"Closes an Amazon Web Services member account within an organization. You can close an account when all features are enabled . You can't close the management account with this API. This is an asynchronous request that Amazon Web Services performs in the background. Because CloseAccount operates asynchronously, it can return a successful completion message even though account closure might still be in progress. You need to wait a few minutes before the account is fully closed. To check the status of the request, do one of the following:
Use the AccountId that you sent in the CloseAccount request to provide as a parameter to the DescribeAccount operation.
While the close account request is in progress, Account status will indicate PENDING_CLOSURE. When the close account request completes, the status will change to SUSPENDED.
Check the CloudTrail log for the CloseAccountResult event that gets published after the account closes successfully. For information on using CloudTrail with Organizations, see Logging and monitoring in Organizations in the Organizations User Guide.
You can close only 10% of member accounts, between 10 and 1000, within a rolling 30 day period. This quota is not bound by a calendar month, but starts when you close an account. After you reach this limit, you can close additional accounts. For more information, see Closing a member account in your organization and Quotas for Organizationsin the Organizations User Guide.
To reinstate a closed account, contact Amazon Web Services Support within the 90-day grace period while the account is in SUSPENDED status.
If the Amazon Web Services account you attempt to close is linked to an Amazon Web Services GovCloud (US) account, the CloseAccount request will close both accounts. To learn important pre-closure details, see Closing an Amazon Web Services GovCloud (US) account in the Amazon Web Services GovCloud User Guide.
Closes an Amazon Web Services member account within an organization. You can close an account when all features are enabled . You can't close the management account with this API. This is an asynchronous request that Amazon Web Services performs in the background. Because CloseAccount operates asynchronously, it can return a successful completion message even though account closure might still be in progress. You need to wait a few minutes before the account is fully closed. To check the status of the request, do one of the following:
Use the AccountId that you sent in the CloseAccount request to provide as a parameter to the DescribeAccount operation.
While the close account request is in progress, Account status will indicate PENDING_CLOSURE. When the close account request completes, the status will change to SUSPENDED.
Check the CloudTrail log for the CloseAccountResult event that gets published after the account closes successfully. For information on using CloudTrail with Organizations, see Logging and monitoring in Organizations in the Organizations User Guide.
You can close only 10% of member accounts, between 10 and 1000, within a rolling 30 day period. This quota is not bound by a calendar month, but starts when you close an account. After you reach this limit, you can't close additional accounts. For more information, see Closing a member account in your organization and Quotas for Organizations in the Organizations User Guide.
To reinstate a closed account, contact Amazon Web Services Support within the 90-day grace period while the account is in SUSPENDED status.
If the Amazon Web Services account you attempt to close is linked to an Amazon Web Services GovCloud (US) account, the CloseAccount request will close both accounts. To learn important pre-closure details, see Closing an Amazon Web Services GovCloud (US) account in the Amazon Web Services GovCloud User Guide.
Creates an Amazon Web Services account that is automatically a member of the organization whose credentials made the request. This is an asynchronous request that Amazon Web Services performs in the background. Because CreateAccount operates asynchronously, it can return a successful completion message even though account initialization might still be in progress. You might need to wait a few minutes before you can successfully access the account. To check the status of the request, do one of the following:
Use the Id value of the CreateAccountStatus response element from this operation to provide as a parameter to the DescribeCreateAccountStatus operation.
Check the CloudTrail log for the CreateAccountResult event. For information on using CloudTrail with Organizations, see Logging and monitoring in Organizations in the Organizations User Guide.
The user who calls the API to create an account must have the organizations:CreateAccount permission. If you enabled all features in the organization, Organizations creates the required service-linked role named AWSServiceRoleForOrganizations. For more information, see Organizations and service-linked roles in the Organizations User Guide.
If the request includes tags, then the requester must have the organizations:TagResource permission.
Organizations preconfigures the new member account with a role (named OrganizationAccountAccessRole by default) that grants users in the management account administrator permissions in the new member account. Principals in the management account can assume the role. Organizations clones the company name and address information for the new account from the organization's management account.
This operation can be called only from the organization's management account.
For more information about creating accounts, see Creating a member account in your organization in the Organizations User Guide.
When you create an account in an organization using the Organizations console, API, or CLI commands, the information required for the account to operate as a standalone account, such as a payment method is not automatically collected. If you must remove an account from your organization later, you can do so only after you provide the missing information. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.
If you get an exception that indicates that you exceeded your account limits for the organization, contact Amazon Web Services Support.
If you get an exception that indicates that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists, contact Amazon Web Services Support.
Using CreateAccount to create multiple temporary accounts isn't recommended. You can only close an account from the Billing and Cost Management console, and you must be signed in as the root user. For information on the requirements and process for closing an account, see Closing a member account in your organization in the Organizations User Guide.
When you create a member account with this operation, you can choose whether to create the account with the IAM User and Role Access to Billing Information switch enabled. If you enable it, IAM users and roles that have appropriate permissions can view billing information for the account. If you disable it, only the account root user can access billing information. For information about how to disable this switch for an account, see Granting access to your billing information and tools.
Creates an Amazon Web Services account that is automatically a member of the organization whose credentials made the request. This is an asynchronous request that Amazon Web Services performs in the background. Because CreateAccount operates asynchronously, it can return a successful completion message even though account initialization might still be in progress. You might need to wait a few minutes before you can successfully access the account. To check the status of the request, do one of the following:
Use the Id value of the CreateAccountStatus response element from this operation to provide as a parameter to the DescribeCreateAccountStatus operation.
Check the CloudTrail log for the CreateAccountResult event. For information on using CloudTrail with Organizations, see Logging and monitoring in Organizations in the Organizations User Guide.
The user who calls the API to create an account must have the organizations:CreateAccount permission. If you enabled all features in the organization, Organizations creates the required service-linked role named AWSServiceRoleForOrganizations. For more information, see Organizations and service-linked roles in the Organizations User Guide.
If the request includes tags, then the requester must have the organizations:TagResource permission.
Organizations preconfigures the new member account with a role (named OrganizationAccountAccessRole by default) that grants users in the management account administrator permissions in the new member account. Principals in the management account can assume the role. Organizations clones the company name and address information for the new account from the organization's management account.
This operation can be called only from the organization's management account.
For more information about creating accounts, see Creating a member account in your organization in the Organizations User Guide.
When you create an account in an organization using the Organizations console, API, or CLI commands, the information required for the account to operate as a standalone account, such as a payment method is not automatically collected. If you must remove an account from your organization later, you can do so only after you provide the missing information. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.
If you get an exception that indicates that you exceeded your account limits for the organization, contact Amazon Web Services Support.
If you get an exception that indicates that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists, contact Amazon Web Services Support.
It isn't recommended to use CreateAccount to create multiple temporary accounts, and using the CreateAccount API to close accounts is subject to a 30-day usage quota. For information on the requirements and process for closing an account, see Closing a member account in your organization in the Organizations User Guide.
When you create a member account with this operation, you can choose whether to create the account with the IAM User and Role Access to Billing Information switch enabled. If you enable it, IAM users and roles that have appropriate permissions can view billing information for the account. If you disable it, only the account root user can access billing information. For information about how to disable this switch for an account, see Granting access to your billing information and tools.
Enables the integration of an Amazon Web Services service (the service that is specified by ServicePrincipal) with Organizations. When you enable integration, you allow the specified service to create a service-linked role in all the accounts in your organization. This allows the service to perform operations on your behalf in your organization and its accounts.
We recommend that you enable integration between Organizations and the specified Amazon Web Services service by using the console or commands that are provided by the specified service. Doing so ensures that the service is aware that it can create the resources that are required for the integration. How the service creates those resources in the organization's accounts depends on that service. For more information, see the documentation for the other Amazon Web Services service.
For more information about enabling services to integrate with Organizations, see Using Organizations with other Amazon Web Services services in the Organizations User Guide.
You can only call this operation from the organization's management account and only if the organization has enabled all features.
" + "documentation":"Provides an Amazon Web Services service (the service that is specified by ServicePrincipal) with permissions to view the structure of an organization, create a service-linked role in all the accounts in the organization, and allow the service to perform operations on behalf of the organization and its accounts. Establishing these permissions can be a first step in enabling the integration of an Amazon Web Services service with Organizations.
We recommend that you enable integration between Organizations and the specified Amazon Web Services service by using the console or commands that are provided by the specified service. Doing so ensures that the service is aware that it can create the resources that are required for the integration. How the service creates those resources in the organization's accounts depends on that service. For more information, see the documentation for the other Amazon Web Services service.
For more information about enabling services to integrate with Organizations, see Using Organizations with other Amazon Web Services services in the Organizations User Guide.
You can only call this operation from the organization's management account and only if the organization has enabled all features.
" }, "EnableAllFeatures":{ "name":"EnableAllFeatures", @@ -639,7 +639,7 @@ {"shape":"ServiceException"}, {"shape":"TooManyRequestsException"} ], - "documentation":"Removes a member account from its parent organization. This version of the operation is performed by the account that wants to leave. To remove a member account as a user in the management account, use RemoveAccountFromOrganization instead.
This operation can be called only from a member account in the organization.
The management account in an organization with all features enabled can set service control policies (SCPs) that can restrict what administrators of member accounts can do. This includes preventing them from successfully calling LeaveOrganization and leaving the organization.
You can leave an organization as a member account only if the account is configured with the information required to operate as a standalone account. When you create an account in an organization using the Organizations console, API, or CLI commands, the information required of standalone accounts is not automatically collected. For each account that you want to make standalone, you must perform the following steps. If any of the steps are already completed for this account, that step doesn't appear.
Choose a support plan
Provide and verify the required contact information
Provide a current payment method
Amazon Web Services uses the payment method to charge for any billable (not free tier) Amazon Web Services activity that occurs while the account isn't attached to an organization. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.
The account that you want to leave must not be a delegated administrator account for any Amazon Web Services service enabled for your organization. If the account is a delegated administrator, you must first change the delegated administrator account to another account that is remaining in the organization.
You can leave an organization only after you enable IAM user access to billing in your account. For more information, see About IAM access to the Billing and Cost Management console in the Amazon Web Services Billing and Cost Management User Guide.
After the account leaves the organization, all tags that were attached to the account object in the organization are deleted. Amazon Web Services accounts outside of an organization do not support tags.
A newly created account has a waiting period before it can be removed from its organization. If you get an error that indicates that a wait period is required, then try again in a few days.
If you are using an organization principal to call LeaveOrganization across multiple accounts, you can only do this up to 5 accounts per second in a single organization.
Removes a member account from its parent organization. This version of the operation is performed by the account that wants to leave. To remove a member account as a user in the management account, use RemoveAccountFromOrganization instead.
This operation can be called only from a member account in the organization.
The management account in an organization with all features enabled can set service control policies (SCPs) that can restrict what administrators of member accounts can do. This includes preventing them from successfully calling LeaveOrganization and leaving the organization.
You can leave an organization as a member account only if the account is configured with the information required to operate as a standalone account. When you create an account in an organization using the Organizations console, API, or CLI commands, the information required of standalone accounts is not automatically collected. For each account that you want to make standalone, you must perform the following steps. If any of the steps are already completed for this account, that step doesn't appear.
Choose a support plan
Provide and verify the required contact information
Provide a current payment method
Amazon Web Services uses the payment method to charge for any billable (not free tier) Amazon Web Services activity that occurs while the account isn't attached to an organization. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.
The account that you want to leave must not be a delegated administrator account for any Amazon Web Services service enabled for your organization. If the account is a delegated administrator, you must first change the delegated administrator account to another account that is remaining in the organization.
You can leave an organization only after you enable IAM user access to billing in your account. For more information, see About IAM access to the Billing and Cost Management console in the Amazon Web Services Billing and Cost Management User Guide.
After the account leaves the organization, all tags that were attached to the account object in the organization are deleted. Amazon Web Services accounts outside of an organization do not support tags.
A newly created account has a waiting period before it can be removed from its organization. You must wait until at least seven days after the account was created. Invited accounts aren't subject to this waiting period.
If you are using an organization principal to call LeaveOrganization across multiple accounts, you can only do this up to 5 accounts per second in a single organization.
Performing this operation violates a minimum or maximum value limit. For example, attempting to remove the last service control policy (SCP) from an OU or root, inviting or creating too many accounts to the organization, or attaching too many policies to an account, OU, or root. This exception includes a reason that contains additional information about the violated limit:
Some of the reasons in the following list might not be applicable to this specific API or operation.
ACCOUNT_CANNOT_LEAVE_ORGANIZATION: You attempted to remove the management account from the organization. You can't remove the management account. Instead, after you remove all member accounts, delete the organization itself.
ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization that doesn't yet have enough information to exist as a standalone account. This account requires you to first complete phone verification. Follow the steps at Removing a member account from your organization in the Organizations User Guide.
ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create in one day.
ACCOUNT_CREATION_NOT_COMPLETE: Your account setup isn't complete or your account isn't fully active. You must complete the account setup before you create an organization.
ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an organization. If you need more accounts, contact Amazon Web Services Support to request an increase in your limit.
Or the number of invitations that you tried to send would cause you to exceed the limit of accounts in your organization. Send fewer invitations or contact Amazon Web Services Support to request an increase in the number of accounts.
Deleted and closed accounts still count toward your limit.
If you get this exception when running a command immediately after creating the organization, wait one hour and try again. After an hour, if the command continues to fail with this error, contact Amazon Web Services Support.
CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot register a suspended account as a delegated administrator.
CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to register the management account of the organization as a delegated administrator for an Amazon Web Services service integrated with Organizations. You can designate only a member account as a delegated administrator.
CANNOT_CLOSE_MANAGEMENT_ACCOUNT: You attempted to close the management account. To close the management account for the organization, you must first either remove or close all member accounts in the organization. Follow standard account closure process using root credentials.
CANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG: You attempted to remove an account that is registered as a delegated administrator for a service integrated with your organization. To complete this operation, you must first deregister this account as a delegated administrator.
CLOSE_ACCOUNT_QUOTA_EXCEEDED: You have exceeded close account quota for the past 30 days.
CLOSE_ACCOUNT_REQUESTS_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can close at a time.
CREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION: To create an organization in the specified region, you must enable all features mode.
DELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE: You attempted to register an Amazon Web Services account as a delegated administrator for an Amazon Web Services service that already has a delegated administrator. To complete this operation, you must first deregister any existing delegated administrators for this service.
EMAIL_VERIFICATION_CODE_EXPIRED: The email verification code is only valid for a limited period of time. You must resubmit the request and generate a new verfication code.
HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes that you can send in one day.
INVALID_PAYMENT_INSTRUMENT: You cannot remove an account because no supported payment method is associated with the account. Amazon Web Services does not support cards issued by financial institutions in Russia or Belarus. For more information, see Managing your Amazon Web Services payments.
MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first must migrate the organization's management account to the marketplace that corresponds to the management account's address. All accounts in an organization must be associated with the same marketplace.
MASTER_ACCOUNT_MISSING_BUSINESS_LICENSE: Applies only to the Amazon Web Services Regions in China. To create an organization, the master must have a valid business license. For more information, contact customer support.
MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you must first provide a valid contact address and phone number for the management account. Then try the operation again.
MASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED: To complete this operation, the management account must have an associated account in the Amazon Web Services GovCloud (US-West) Region. For more information, see Organizations in the Amazon Web Services GovCloud User Guide.
MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this management account, you first must associate a valid payment instrument, such as a credit card, with the account. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.
MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted to register more delegated administrators than allowed for the service principal.
MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain type that can be attached to an entity at one time.
MAX_TAG_LIMIT_EXCEEDED: You have exceeded the number of tags allowed on this resource.
MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you first must associate a valid payment instrument, such as a credit card, with the account. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.
MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would cause the entity to have fewer than the minimum number of policies of a certain type required.
ORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation that requires the organization to be configured to support all features. An organization that supports only consolidated billing features can't perform this operation.
OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is too many levels deep.
OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs that you can have in an organization.
POLICY_CONTENT_LIMIT_EXCEEDED: You attempted to create a policy that is larger than the maximum size.
POLICY_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of policies that you can have in an organization.
SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated administrator before you enabled service access. Call the EnableAWSServiceAccess API first.
TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags that are not compliant with the tag policy requirements for this account.
WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, there is a waiting period before you can remove it from the organization. If you get an error that indicates that a wait period is required, try again in a few days.
Performing this operation violates a minimum or maximum value limit. For example, attempting to remove the last service control policy (SCP) from an OU or root, inviting or creating too many accounts to the organization, or attaching too many policies to an account, OU, or root. This exception includes a reason that contains additional information about the violated limit:
Some of the reasons in the following list might not be applicable to this specific API or operation.
ACCOUNT_CANNOT_LEAVE_ORGANIZATION: You attempted to remove the management account from the organization. You can't remove the management account. Instead, after you remove all member accounts, delete the organization itself.
ACCOUNT_CANNOT_LEAVE_WITHOUT_PHONE_VERIFICATION: You attempted to remove an account from the organization that doesn't yet have enough information to exist as a standalone account. This account requires you to first complete phone verification. Follow the steps at Removing a member account from your organization in the Organizations User Guide.
ACCOUNT_CREATION_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can create in one day.
ACCOUNT_CREATION_NOT_COMPLETE: Your account setup isn't complete or your account isn't fully active. You must complete the account setup before you create an organization.
ACCOUNT_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the limit on the number of accounts in an organization. If you need more accounts, contact Amazon Web Services Support to request an increase in your limit.
Or the number of invitations that you tried to send would cause you to exceed the limit of accounts in your organization. Send fewer invitations or contact Amazon Web Services Support to request an increase in the number of accounts.
Deleted and closed accounts still count toward your limit.
If you get this exception when running a command immediately after creating the organization, wait one hour and try again. After an hour, if the command continues to fail with this error, contact Amazon Web Services Support.
CANNOT_REGISTER_SUSPENDED_ACCOUNT_AS_DELEGATED_ADMINISTRATOR: You cannot register a suspended account as a delegated administrator.
CANNOT_REGISTER_MASTER_AS_DELEGATED_ADMINISTRATOR: You attempted to register the management account of the organization as a delegated administrator for an Amazon Web Services service integrated with Organizations. You can designate only a member account as a delegated administrator.
CANNOT_CLOSE_MANAGEMENT_ACCOUNT: You attempted to close the management account. To close the management account for the organization, you must first either remove or close all member accounts in the organization. Follow standard account closure process using root credentials.
CANNOT_REMOVE_DELEGATED_ADMINISTRATOR_FROM_ORG: You attempted to remove an account that is registered as a delegated administrator for a service integrated with your organization. To complete this operation, you must first deregister this account as a delegated administrator.
CLOSE_ACCOUNT_QUOTA_EXCEEDED: You have exceeded close account quota for the past 30 days.
CLOSE_ACCOUNT_REQUESTS_LIMIT_EXCEEDED: You attempted to exceed the number of accounts that you can close at a time.
CREATE_ORGANIZATION_IN_BILLING_MODE_UNSUPPORTED_REGION: To create an organization in the specified region, you must enable all features mode.
DELEGATED_ADMINISTRATOR_EXISTS_FOR_THIS_SERVICE: You attempted to register an Amazon Web Services account as a delegated administrator for an Amazon Web Services service that already has a delegated administrator. To complete this operation, you must first deregister any existing delegated administrators for this service.
EMAIL_VERIFICATION_CODE_EXPIRED: The email verification code is only valid for a limited period of time. You must resubmit the request and generate a new verfication code.
HANDSHAKE_RATE_LIMIT_EXCEEDED: You attempted to exceed the number of handshakes that you can send in one day.
INVALID_PAYMENT_INSTRUMENT: You cannot remove an account because no supported payment method is associated with the account. Amazon Web Services does not support cards issued by financial institutions in Russia or Belarus. For more information, see Managing your Amazon Web Services payments.
MASTER_ACCOUNT_ADDRESS_DOES_NOT_MATCH_MARKETPLACE: To create an account in this organization, you first must migrate the organization's management account to the marketplace that corresponds to the management account's address. All accounts in an organization must be associated with the same marketplace.
MASTER_ACCOUNT_MISSING_BUSINESS_LICENSE: Applies only to the Amazon Web Services Regions in China. To create an organization, the master must have a valid business license. For more information, contact customer support.
MASTER_ACCOUNT_MISSING_CONTACT_INFO: To complete this operation, you must first provide a valid contact address and phone number for the management account. Then try the operation again.
MASTER_ACCOUNT_NOT_GOVCLOUD_ENABLED: To complete this operation, the management account must have an associated account in the Amazon Web Services GovCloud (US-West) Region. For more information, see Organizations in the Amazon Web Services GovCloud User Guide.
MASTER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To create an organization with this management account, you first must associate a valid payment instrument, such as a credit card, with the account. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.
MAX_DELEGATED_ADMINISTRATORS_FOR_SERVICE_LIMIT_EXCEEDED: You attempted to register more delegated administrators than allowed for the service principal.
MAX_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to exceed the number of policies of a certain type that can be attached to an entity at one time.
MAX_TAG_LIMIT_EXCEEDED: You have exceeded the number of tags allowed on this resource.
MEMBER_ACCOUNT_PAYMENT_INSTRUMENT_REQUIRED: To complete this operation with this member account, you first must associate a valid payment instrument, such as a credit card, with the account. For more information, see Considerations before removing an account from an organization in the Organizations User Guide.
MIN_POLICY_TYPE_ATTACHMENT_LIMIT_EXCEEDED: You attempted to detach a policy from an entity that would cause the entity to have fewer than the minimum number of policies of a certain type required.
ORGANIZATION_NOT_IN_ALL_FEATURES_MODE: You attempted to perform an operation that requires the organization to be configured to support all features. An organization that supports only consolidated billing features can't perform this operation.
OU_DEPTH_LIMIT_EXCEEDED: You attempted to create an OU tree that is too many levels deep.
OU_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of OUs that you can have in an organization.
POLICY_CONTENT_LIMIT_EXCEEDED: You attempted to create a policy that is larger than the maximum size.
POLICY_NUMBER_LIMIT_EXCEEDED: You attempted to exceed the number of policies that you can have in an organization.
SERVICE_ACCESS_NOT_ENABLED: You attempted to register a delegated administrator before you enabled service access. Call the EnableAWSServiceAccess API first.
TAG_POLICY_VIOLATION: You attempted to create or update a resource with tags that are not compliant with the tag policy requirements for this account.
WAIT_PERIOD_ACTIVE: After you create an Amazon Web Services account, you must wait until at least seven days after the account was created. Invited accounts aren't subject to this waiting period.
A structure that contains information about the organization.
The AvailablePolicyTypes part of the response is deprecated, and you shouldn't use it in your apps. It doesn't include any policy type supported by Organizations other than SCPs. To determine which policy types are enabled in your organization, use the ListRoots operation.
A structure that contains information about the organization.
The AvailablePolicyTypes part of the response is deprecated, and you shouldn't use it in your apps. It doesn't include any policy type supported by Organizations other than SCPs. In the China (Ningxia) Region, no policy type is included. To determine which policy types are enabled in your organization, use the ListRoots operation.
Connector for SCEP (Preview) is in preview release for Amazon Web Services Private Certificate Authority and is subject to change.
Connector for SCEP (Preview) creates a connector between Amazon Web Services Private CA and your SCEP-enabled clients and devices. For more information, see Connector for SCEP in the Amazon Web Services Private CA User Guide.
" + "documentation":"Connector for SCEP creates a connector between Amazon Web Services Private CA and your SCEP-enabled clients and devices. For more information, see Connector for SCEP in the Amazon Web Services Private CA User Guide.
" } diff --git a/botocore/data/rds/2014-10-31/service-2.json b/botocore/data/rds/2014-10-31/service-2.json index e21f1c0a86..a3ae53f176 100644 --- a/botocore/data/rds/2014-10-31/service-2.json +++ b/botocore/data/rds/2014-10-31/service-2.json @@ -1874,7 +1874,7 @@ {"shape":"TenantDatabaseNotFoundFault"}, {"shape":"DBSnapshotTenantDatabaseNotFoundFault"} ], - "documentation":"Lists all tags on an Amazon RDS resource.
For an overview on tagging an Amazon RDS resource, see Tagging Amazon RDS Resources in the Amazon RDS User Guide.
" + "documentation":"Lists all tags on an Amazon RDS resource.
For an overview on tagging an Amazon RDS resource, see Tagging Amazon RDS Resources in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS Resources in the Amazon Aurora User Guide.
" }, "ModifyActivityStream":{ "name":"ModifyActivityStream", @@ -2528,7 +2528,7 @@ {"shape":"TenantDatabaseNotFoundFault"}, {"shape":"DBSnapshotTenantDatabaseNotFoundFault"} ], - "documentation":"Removes metadata tags from an Amazon RDS resource.
For an overview on tagging an Amazon RDS resource, see Tagging Amazon RDS Resources in the Amazon RDS User Guide.
" + "documentation":"Removes metadata tags from an Amazon RDS resource.
For an overview on tagging an Amazon RDS resource, see Tagging Amazon RDS Resources in the Amazon RDS User Guide or Tagging Amazon Aurora and Amazon RDS Resources in the Amazon Aurora User Guide.
" }, "ResetDBClusterParameterGroup":{ "name":"ResetDBClusterParameterGroup", @@ -3208,7 +3208,7 @@ }, "ApplyAction":{ "shape":"String", - "documentation":"The pending maintenance action to apply to this resource.
Valid Values:
ca-certificate-rotation
db-upgrade
hardware-maintenance
os-upgrade
system-update
For more information about these actions, see Maintenance actions for Amazon Aurora or Maintenance actions for Amazon RDS.
" + "documentation":"The pending maintenance action to apply to this resource.
Valid Values: system-update, db-upgrade, hardware-maintenance, ca-certificate-rotation
Specifies whether to enable storage encryption for the new global database cluster.
Constraints:
Can't be specified if SourceDBClusterIdentifier is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.
Tags to assign to the global cluster.
" } } }, @@ -11103,7 +11107,8 @@ "FailoverState":{ "shape":"FailoverState", "documentation":"A data object containing all properties for the current state of an in-process or pending switchover or failover process for this global cluster (Aurora global database). This object is empty unless the SwitchoverGlobalCluster or FailoverGlobalCluster operation was called on this global cluster.
A data type representing an Aurora global database.
", "wrapper":true @@ -13805,7 +13810,7 @@ "members":{ "Action":{ "shape":"String", - "documentation":"The type of pending maintenance action that is available for the resource.
For more information about maintenance actions, see Maintaining a DB instance.
Valid Values:
ca-certificate-rotation
db-upgrade
hardware-maintenance
os-upgrade
system-update
For more information about these actions, see Maintenance actions for Amazon Aurora or Maintenance actions for Amazon RDS.
" + "documentation":"The type of pending maintenance action that is available for the resource.
For more information about maintenance actions, see Maintaining a DB instance.
Valid Values: system-update | db-upgrade | hardware-maintenance | ca-certificate-rotation