Client
organizations | R Documentation |
AWS Organizations¶
Description¶
Organizations is a web service that enables you to consolidate your multiple Amazon Web Services accounts into an organization and centrally manage your accounts and their resources.
This guide provides descriptions of the Organizations operations. For more information about using this service, see the Organizations User Guide.
Support and feedback for Organizations
We welcome your feedback. Send your comments to feedback-awsorganizations@amazon.com or post your feedback and questions in the Organizations support forum. For more information about the Amazon Web Services support forums, see Forums Help.
Endpoint to call When using the CLI or the Amazon Web Services SDK
For the current release of Organizations, specify the us-east-1
region
for all Amazon Web Services API and CLI calls made from the commercial
Amazon Web Services Regions outside of China. If calling from one of the
Amazon Web Services Regions in China, then specify cn-northwest-1
. You
can do this in the CLI by using these parameters and commands:
-
Use the following parameter with each command to specify both the endpoint and its region:
--endpoint-url https://organizations.us-east-1.amazonaws.com
(from commercial Amazon Web Services Regions outside of China)or
--endpoint-url https://organizations.cn-northwest-1.amazonaws.com.cn
(from Amazon Web Services Regions in China) -
Use the default endpoint, but configure your default region with this command:
aws configure set default.region us-east-1
(from commercial Amazon Web Services Regions outside of China)or
aws configure set default.region cn-northwest-1
(from Amazon Web Services Regions in China) -
Use the following parameter with each command to specify the endpoint:
--region us-east-1
(from commercial Amazon Web Services Regions outside of China)or
--region cn-northwest-1
(from Amazon Web Services Regions in China)
Recording API Requests
Organizations supports CloudTrail, a service that records Amazon Web Services API calls for your Amazon Web Services account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine which requests the Organizations service received, who made the request and when, and so on. For more about Organizations and its support for CloudTrail, see Logging Organizations API calls with CloudTrail in the Organizations User Guide. To learn more about CloudTrail, including how to turn it on and find your log files, see the CloudTrail User Guide.
Usage¶
Arguments¶
config
Optional configuration of credentials, endpoint, and/or region.
credentials:
creds:
access_key_id: AWS access key ID
secret_access_key: AWS secret access key
session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.
endpoint: The complete URL to use for the constructed client.
region: The AWS Region used in instantiating the client.
close_connection: Immediately close all HTTP connections.
timeout: The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.
s3_force_path_style: Set this to
true
to force the request to use path-style addressing, i.e.http://s3.amazonaws.com/BUCKET/KEY
.sts_regional_endpoint: Set sts regional endpoint resolver to regional or legacy https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html
credentials
Optional credentials shorthand for the config parameter
creds:
access_key_id: AWS access key ID
secret_access_key: AWS secret access key
session_token: AWS temporary session token
profile: The name of a profile to use. If not given, then the default profile is used.
anonymous: Set anonymous credentials.
endpoint
Optional shorthand for complete URL to use for the constructed client.
region
Optional shorthand for AWS Region used in instantiating the client.
Value¶
A client for the service. You can call the service's operations using
syntax like svc$operation(...)
, where svc
is the name you've
assigned to the client. The available operations are listed in the
Operations section.
Service syntax¶
svc <- organizations(
config = list(
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string",
close_connection = "logical",
timeout = "numeric",
s3_force_path_style = "logical",
sts_regional_endpoint = "string"
),
credentials = list(
creds = list(
access_key_id = "string",
secret_access_key = "string",
session_token = "string"
),
profile = "string",
anonymous = "logical"
),
endpoint = "string",
region = "string"
)
Operations¶
- accept_handshake
- Sends a response to the originator of a handshake agreeing to the action proposed by the handshake request
- attach_policy
- Attaches a policy to a root, an organizational unit (OU), or an individual account
- cancel_handshake
- Cancels a handshake
- close_account
- Closes an Amazon Web Services member account within an organization
- create_account
- Creates an Amazon Web Services account that is automatically a member of the organization whose credentials made the request
- create_gov_cloud_account
- This action is available if all of the following are true:
- create_organization
- Creates an Amazon Web Services organization
- create_organizational_unit
- Creates an organizational unit (OU) within a root or parent OU
- create_policy
- Creates a policy of a specified type that you can attach to a root, an organizational unit (OU), or an individual Amazon Web Services account
- decline_handshake
- Declines a handshake request
- delete_organization
- Deletes the organization
- delete_organizational_unit
- Deletes an organizational unit (OU) from a root or another OU
- delete_policy
- Deletes the specified policy from your organization
- delete_resource_policy
- Deletes the resource policy from your organization
- deregister_delegated_administrator
- Removes the specified member Amazon Web Services account as a delegated administrator for the specified Amazon Web Services service
- describe_account
- Retrieves Organizations-related information about the specified account
- describe_create_account_status
- Retrieves the current status of an asynchronous request to create an account
- describe_effective_policy
- Returns the contents of the effective policy for specified policy type and account
- describe_handshake
- Retrieves information about a previously requested handshake
- describe_organization
- Retrieves information about the organization that the user's account belongs to
- describe_organizational_unit
- Retrieves information about an organizational unit (OU)
- describe_policy
- Retrieves information about a policy
- describe_resource_policy
- Retrieves information about a resource policy
- detach_policy
- Detaches a policy from a target root, organizational unit (OU), or account
- disable_aws_service_access
- Disables the integration of an Amazon Web Services service (the service that is specified by ServicePrincipal) with Organizations
- disable_policy_type
- Disables an organizational policy type in a root
- enable_all_features
- Enables all features in an organization
- enable_aws_service_access
- Enables the integration of an Amazon Web Services service (the service that is specified by ServicePrincipal) with Organizations
- enable_policy_type
- Enables a policy type in a root
- invite_account_to_organization
- Sends an invitation to another account to join your organization as a member account
- leave_organization
- Removes a member account from its parent organization
- list_accounts
- Lists all the accounts in the organization
- list_accounts_for_parent
- Lists the accounts in an organization that are contained by the specified target root or organizational unit (OU)
- Returns a list of the Amazon Web Services services that you enabled to integrate with your organization
- list_children
- Lists all of the organizational units (OUs) or accounts that are contained in the specified parent OU or root
- list_create_account_status
- Lists the account creation requests that match the specified status that is currently being tracked for the organization
- list_delegated_administrators
- Lists the Amazon Web Services accounts that are designated as delegated administrators in this organization
- list_delegated_services_for_account
- List the Amazon Web Services services for which the specified account is a delegated administrator
- list_handshakes_for_account
- Lists the current handshakes that are associated with the account of the requesting user
- list_handshakes_for_organization
- Lists the handshakes that are associated with the organization that the requesting user is part of
- list_organizational_units_for_parent
- Lists the organizational units (OUs) in a parent organizational unit or root
- list_parents
- Lists the root or organizational units (OUs) that serve as the immediate parent of the specified child OU or account
- list_policies
- Retrieves the list of all policies in an organization of a specified type
- list_policies_for_target
- Lists the policies that are directly attached to the specified target root, organizational unit (OU), or account
- list_roots
- Lists the roots that are defined in the current organization
- list_tags_for_resource
- Lists tags that are attached to the specified resource
- list_targets_for_policy
- Lists all the roots, organizational units (OUs), and accounts that the specified policy is attached to
- move_account
- Moves an account from its current source parent root or organizational unit (OU) to the specified destination parent root or OU
- put_resource_policy
- Creates or updates a resource policy
- register_delegated_administrator
- Enables the specified member account to administer the Organizations features of the specified Amazon Web Services service
- remove_account_from_organization
- Removes the specified account from the organization
- tag_resource
- Adds one or more tags to the specified resource
- untag_resource
- Removes any tags with the specified keys from the specified resource
- update_organizational_unit
- Renames the specified organizational unit (OU)
- update_policy
- Updates an existing policy with a new name, description, or content
Examples¶
## Not run:
svc <- organizations()
# Bill is the owner of an organization, and he invites Juan's account
# (222222222222) to join his organization. The following example shows
# Juan's account accepting the handshake and thus agreeing to the
# invitation.
svc$accept_handshake(
HandshakeId = "h-examplehandshakeid111"
)
## End(Not run)