controltower

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 4, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package controltower provides the client and types for making API requests to AWS Control Tower.

These interfaces allow you to apply the AWS library of pre-defined controls to your organizational units, programmatically. In this context, controls are the same as AWS Control Tower guardrails.

To call these APIs, you'll need to know:

  • the ControlARN for the control--that is, the guardrail--you are targeting,

  • and the ARN associated with the target organizational unit (OU).

To get the ControlARN for your AWS Control Tower guardrail:

The ControlARN contains the control name which is specified in each guardrail. For a list of control names for Strongly recommended and Elective guardrails, see Resource identifiers for APIs and guardrails (https://docs.aws.amazon.com/controltower/latest/userguide/control-identifiers.html.html) in the Automating tasks section (https://docs.aws.amazon.com/controltower/latest/userguide/automating-tasks.html) of the AWS Control Tower User Guide. Remember that Mandatory guardrails cannot be added or removed.

ARN format: arn:aws:controltower:{REGION}::control/{CONTROL_NAME}

Example:

arn:aws:controltower:us-west-2::control/AWS-GR_AUTOSCALING_LAUNCH_CONFIG_PUBLIC_IP_DISABLED

To get the ARN for an OU:

In the AWS Organizations console, you can find the ARN for the OU on the Organizational unit details page associated with that OU.

OU ARN format:

arn:${Partition}:organizations::${MasterAccountId}:ou/o-${OrganizationId}/ou-${OrganizationalUnitId}

Details and examples

To view the open source resource repository on GitHub, see aws-cloudformation/aws-cloudformation-resource-providers-controltower (https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-controltower)

Recording API Requests

AWS Control Tower supports AWS CloudTrail, a service that records AWS API calls for your AWS account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine which requests the AWS Control Tower service received, who made the request and when, and so on. For more about AWS Control Tower and its support for CloudTrail, see Logging AWS Control Tower Actions with AWS CloudTrail (https://docs.aws.amazon.com/controltower/latest/userguide/logging-using-cloudtrail.html) in the AWS Control Tower User Guide. To learn more about CloudTrail, including how to turn it on and find your log files, see the AWS CloudTrail User Guide.

See https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10 for more information on this service.

See controltower package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/controltower/

Using the Client

To contact AWS Control Tower with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the AWS Control Tower client ControlTower for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/controltower/#New

Index

Constants

View Source
const (
	// ControlOperationStatusSucceeded is a ControlOperationStatus enum value
	ControlOperationStatusSucceeded = "SUCCEEDED"

	// ControlOperationStatusFailed is a ControlOperationStatus enum value
	ControlOperationStatusFailed = "FAILED"

	// ControlOperationStatusInProgress is a ControlOperationStatus enum value
	ControlOperationStatusInProgress = "IN_PROGRESS"
)
View Source
const (
	// ControlOperationTypeEnableControl is a ControlOperationType enum value
	ControlOperationTypeEnableControl = "ENABLE_CONTROL"

	// ControlOperationTypeDisableControl is a ControlOperationType enum value
	ControlOperationTypeDisableControl = "DISABLE_CONTROL"
)
View Source
const (

	// ErrCodeAccessDeniedException for service response error code
	// "AccessDeniedException".
	//
	// User does not have sufficient access to perform this action.
	ErrCodeAccessDeniedException = "AccessDeniedException"

	// ErrCodeConflictException for service response error code
	// "ConflictException".
	//
	// Updating or deleting a resource can cause an inconsistent state.
	ErrCodeConflictException = "ConflictException"

	// ErrCodeInternalServerException for service response error code
	// "InternalServerException".
	//
	// Unexpected error during processing of request.
	ErrCodeInternalServerException = "InternalServerException"

	// ErrCodeResourceNotFoundException for service response error code
	// "ResourceNotFoundException".
	//
	// Request references a resource which does not exist.
	ErrCodeResourceNotFoundException = "ResourceNotFoundException"

	// ErrCodeServiceQuotaExceededException for service response error code
	// "ServiceQuotaExceededException".
	//
	// Request would cause a service quota to be exceeded. The limit is 10 concurrent
	// operations.
	ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException"

	// ErrCodeThrottlingException for service response error code
	// "ThrottlingException".
	//
	// Request was denied due to request throttling.
	ErrCodeThrottlingException = "ThrottlingException"

	// ErrCodeValidationException for service response error code
	// "ValidationException".
	//
	// The input fails to satisfy the constraints specified by an AWS service.
	ErrCodeValidationException = "ValidationException"
)
View Source
const (
	ServiceName = "ControlTower" // Name of service.
	EndpointsID = "controltower" // ID to lookup a service endpoint with.
	ServiceID   = "ControlTower" // ServiceID is a unique identifier of a specific service.
)

Service information constants

Variables

This section is empty.

Functions

func ControlOperationStatus_Values

func ControlOperationStatus_Values() []string

ControlOperationStatus_Values returns all elements of the ControlOperationStatus enum

func ControlOperationType_Values

func ControlOperationType_Values() []string

ControlOperationType_Values returns all elements of the ControlOperationType enum

Types

type AccessDeniedException

type AccessDeniedException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

User does not have sufficient access to perform this action.

func (*AccessDeniedException) Code

func (s *AccessDeniedException) Code() string

Code returns the exception type name.

func (*AccessDeniedException) Error

func (s *AccessDeniedException) Error() string

func (AccessDeniedException) GoString

func (s AccessDeniedException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessDeniedException) Message

func (s *AccessDeniedException) Message() string

Message returns the exception's message.

func (*AccessDeniedException) OrigErr

func (s *AccessDeniedException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*AccessDeniedException) RequestID

func (s *AccessDeniedException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*AccessDeniedException) StatusCode

func (s *AccessDeniedException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (AccessDeniedException) String

func (s AccessDeniedException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ConflictException

type ConflictException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Updating or deleting a resource can cause an inconsistent state.

func (*ConflictException) Code

func (s *ConflictException) Code() string

Code returns the exception type name.

func (*ConflictException) Error

func (s *ConflictException) Error() string

func (ConflictException) GoString

func (s ConflictException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ConflictException) Message

func (s *ConflictException) Message() string

Message returns the exception's message.

func (*ConflictException) OrigErr

func (s *ConflictException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ConflictException) RequestID

func (s *ConflictException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ConflictException) StatusCode

func (s *ConflictException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ConflictException) String

func (s ConflictException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ControlOperation

type ControlOperation struct {

	// The time that the operation finished.
	EndTime *time.Time `locationName:"endTime" type:"timestamp" timestampFormat:"iso8601"`

	// One of ENABLE_CONTROL or DISABLE_CONTROL.
	OperationType *string `locationName:"operationType" type:"string" enum:"ControlOperationType"`

	// The time that the operation began.
	StartTime *time.Time `locationName:"startTime" type:"timestamp" timestampFormat:"iso8601"`

	// One of IN_PROGRESS, SUCEEDED, or FAILED.
	Status *string `locationName:"status" type:"string" enum:"ControlOperationStatus"`

	// If the operation result is FAILED, this string contains a message explaining
	// why the operation failed.
	StatusMessage *string `locationName:"statusMessage" type:"string"`
	// contains filtered or unexported fields
}

An operation performed by the control.

func (ControlOperation) GoString

func (s ControlOperation) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ControlOperation) SetEndTime

func (s *ControlOperation) SetEndTime(v time.Time) *ControlOperation

SetEndTime sets the EndTime field's value.

func (*ControlOperation) SetOperationType

func (s *ControlOperation) SetOperationType(v string) *ControlOperation

SetOperationType sets the OperationType field's value.

func (*ControlOperation) SetStartTime

func (s *ControlOperation) SetStartTime(v time.Time) *ControlOperation

SetStartTime sets the StartTime field's value.

func (*ControlOperation) SetStatus

func (s *ControlOperation) SetStatus(v string) *ControlOperation

SetStatus sets the Status field's value.

func (*ControlOperation) SetStatusMessage

func (s *ControlOperation) SetStatusMessage(v string) *ControlOperation

SetStatusMessage sets the StatusMessage field's value.

func (ControlOperation) String

func (s ControlOperation) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ControlTower

type ControlTower struct {
	*client.Client
}

ControlTower provides the API operation methods for making requests to AWS Control Tower. See this package's package overview docs for details on the service.

ControlTower methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

func New(p client.ConfigProvider, cfgs ...*aws.Config) *ControlTower

New creates a new instance of the ControlTower client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example:

mySession := session.Must(session.NewSession())

// Create a ControlTower client from just a session.
svc := controltower.New(mySession)

// Create a ControlTower client with additional configuration
svc := controltower.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*ControlTower) DisableControl

func (c *ControlTower) DisableControl(input *DisableControlInput) (*DisableControlOutput, error)

DisableControl API operation for AWS Control Tower.

This API call turns off a control. It starts an asynchronous operation that deletes AWS resources on the specified organizational unit and the accounts it contains. The resources will vary according to the control that you specify.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Control Tower's API operation DisableControl for usage and error information.

Returned Error Types:

  • ValidationException The input fails to satisfy the constraints specified by an AWS service.

  • ConflictException Updating or deleting a resource can cause an inconsistent state.

  • ServiceQuotaExceededException Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.

  • InternalServerException Unexpected error during processing of request.

  • AccessDeniedException User does not have sufficient access to perform this action.

  • ThrottlingException Request was denied due to request throttling.

  • ResourceNotFoundException Request references a resource which does not exist.

See also, https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10/DisableControl

func (*ControlTower) DisableControlRequest

func (c *ControlTower) DisableControlRequest(input *DisableControlInput) (req *request.Request, output *DisableControlOutput)

DisableControlRequest generates a "aws/request.Request" representing the client's request for the DisableControl operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DisableControl for more information on using the DisableControl API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DisableControlRequest method.
req, resp := client.DisableControlRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10/DisableControl

func (*ControlTower) DisableControlWithContext

func (c *ControlTower) DisableControlWithContext(ctx aws.Context, input *DisableControlInput, opts ...request.Option) (*DisableControlOutput, error)

DisableControlWithContext is the same as DisableControl with the addition of the ability to pass a context and additional request options.

See DisableControl for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*ControlTower) EnableControl

func (c *ControlTower) EnableControl(input *EnableControlInput) (*EnableControlOutput, error)

EnableControl API operation for AWS Control Tower.

This API call activates a control. It starts an asynchronous operation that creates AWS resources on the specified organizational unit and the accounts it contains. The resources created will vary according to the control that you specify.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Control Tower's API operation EnableControl for usage and error information.

Returned Error Types:

  • ValidationException The input fails to satisfy the constraints specified by an AWS service.

  • ConflictException Updating or deleting a resource can cause an inconsistent state.

  • ServiceQuotaExceededException Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.

  • InternalServerException Unexpected error during processing of request.

  • AccessDeniedException User does not have sufficient access to perform this action.

  • ThrottlingException Request was denied due to request throttling.

  • ResourceNotFoundException Request references a resource which does not exist.

See also, https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10/EnableControl

func (*ControlTower) EnableControlRequest

func (c *ControlTower) EnableControlRequest(input *EnableControlInput) (req *request.Request, output *EnableControlOutput)

EnableControlRequest generates a "aws/request.Request" representing the client's request for the EnableControl operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See EnableControl for more information on using the EnableControl API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the EnableControlRequest method.
req, resp := client.EnableControlRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10/EnableControl

func (*ControlTower) EnableControlWithContext

func (c *ControlTower) EnableControlWithContext(ctx aws.Context, input *EnableControlInput, opts ...request.Option) (*EnableControlOutput, error)

EnableControlWithContext is the same as EnableControl with the addition of the ability to pass a context and additional request options.

See EnableControl for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*ControlTower) GetControlOperation

func (c *ControlTower) GetControlOperation(input *GetControlOperationInput) (*GetControlOperationOutput, error)

GetControlOperation API operation for AWS Control Tower.

Returns the status of a particular EnableControl or DisableControl operation. Displays a message in case of error. Details for an operation are available for 90 days.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Control Tower's API operation GetControlOperation for usage and error information.

Returned Error Types:

  • ValidationException The input fails to satisfy the constraints specified by an AWS service.

  • InternalServerException Unexpected error during processing of request.

  • AccessDeniedException User does not have sufficient access to perform this action.

  • ThrottlingException Request was denied due to request throttling.

  • ResourceNotFoundException Request references a resource which does not exist.

See also, https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10/GetControlOperation

func (*ControlTower) GetControlOperationRequest

func (c *ControlTower) GetControlOperationRequest(input *GetControlOperationInput) (req *request.Request, output *GetControlOperationOutput)

GetControlOperationRequest generates a "aws/request.Request" representing the client's request for the GetControlOperation operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetControlOperation for more information on using the GetControlOperation API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetControlOperationRequest method.
req, resp := client.GetControlOperationRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10/GetControlOperation

func (*ControlTower) GetControlOperationWithContext

func (c *ControlTower) GetControlOperationWithContext(ctx aws.Context, input *GetControlOperationInput, opts ...request.Option) (*GetControlOperationOutput, error)

GetControlOperationWithContext is the same as GetControlOperation with the addition of the ability to pass a context and additional request options.

See GetControlOperation for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*ControlTower) ListEnabledControls

func (c *ControlTower) ListEnabledControls(input *ListEnabledControlsInput) (*ListEnabledControlsOutput, error)

ListEnabledControls API operation for AWS Control Tower.

Lists the controls enabled by AWS Control Tower on the specified organizational unit and the accounts it contains.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Control Tower's API operation ListEnabledControls for usage and error information.

Returned Error Types:

  • ValidationException The input fails to satisfy the constraints specified by an AWS service.

  • InternalServerException Unexpected error during processing of request.

  • AccessDeniedException User does not have sufficient access to perform this action.

  • ThrottlingException Request was denied due to request throttling.

  • ResourceNotFoundException Request references a resource which does not exist.

See also, https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10/ListEnabledControls

func (*ControlTower) ListEnabledControlsPages

func (c *ControlTower) ListEnabledControlsPages(input *ListEnabledControlsInput, fn func(*ListEnabledControlsOutput, bool) bool) error

ListEnabledControlsPages iterates over the pages of a ListEnabledControls operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListEnabledControls method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListEnabledControls operation.
pageNum := 0
err := client.ListEnabledControlsPages(params,
    func(page *controltower.ListEnabledControlsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*ControlTower) ListEnabledControlsPagesWithContext

func (c *ControlTower) ListEnabledControlsPagesWithContext(ctx aws.Context, input *ListEnabledControlsInput, fn func(*ListEnabledControlsOutput, bool) bool, opts ...request.Option) error

ListEnabledControlsPagesWithContext same as ListEnabledControlsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*ControlTower) ListEnabledControlsRequest

func (c *ControlTower) ListEnabledControlsRequest(input *ListEnabledControlsInput) (req *request.Request, output *ListEnabledControlsOutput)

ListEnabledControlsRequest generates a "aws/request.Request" representing the client's request for the ListEnabledControls operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListEnabledControls for more information on using the ListEnabledControls API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListEnabledControlsRequest method.
req, resp := client.ListEnabledControlsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/controltower-2018-05-10/ListEnabledControls

func (*ControlTower) ListEnabledControlsWithContext

func (c *ControlTower) ListEnabledControlsWithContext(ctx aws.Context, input *ListEnabledControlsInput, opts ...request.Option) (*ListEnabledControlsOutput, error)

ListEnabledControlsWithContext is the same as ListEnabledControls with the addition of the ability to pass a context and additional request options.

See ListEnabledControls for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

type DisableControlInput

type DisableControlInput struct {

	// The ARN of the control. Only Strongly recommended and Elective controls are
	// permitted, with the exception of the Region deny guardrail.
	//
	// ControlIdentifier is a required field
	ControlIdentifier *string `locationName:"controlIdentifier" min:"20" type:"string" required:"true"`

	// The ARN of the organizational unit.
	//
	// TargetIdentifier is a required field
	TargetIdentifier *string `locationName:"targetIdentifier" min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DisableControlInput) GoString

func (s DisableControlInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DisableControlInput) SetControlIdentifier

func (s *DisableControlInput) SetControlIdentifier(v string) *DisableControlInput

SetControlIdentifier sets the ControlIdentifier field's value.

func (*DisableControlInput) SetTargetIdentifier

func (s *DisableControlInput) SetTargetIdentifier(v string) *DisableControlInput

SetTargetIdentifier sets the TargetIdentifier field's value.

func (DisableControlInput) String

func (s DisableControlInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DisableControlInput) Validate

func (s *DisableControlInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DisableControlOutput

type DisableControlOutput struct {

	// The ID of the asynchronous operation, which is used to track status. The
	// operation is available for 90 days.
	//
	// OperationIdentifier is a required field
	OperationIdentifier *string `locationName:"operationIdentifier" min:"36" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DisableControlOutput) GoString

func (s DisableControlOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DisableControlOutput) SetOperationIdentifier

func (s *DisableControlOutput) SetOperationIdentifier(v string) *DisableControlOutput

SetOperationIdentifier sets the OperationIdentifier field's value.

func (DisableControlOutput) String

func (s DisableControlOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EnableControlInput

type EnableControlInput struct {

	// The ARN of the control. Only Strongly recommended and Elective controls are
	// permitted, with the exception of the Region deny guardrail.
	//
	// ControlIdentifier is a required field
	ControlIdentifier *string `locationName:"controlIdentifier" min:"20" type:"string" required:"true"`

	// The ARN of the organizational unit.
	//
	// TargetIdentifier is a required field
	TargetIdentifier *string `locationName:"targetIdentifier" min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (EnableControlInput) GoString

func (s EnableControlInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EnableControlInput) SetControlIdentifier

func (s *EnableControlInput) SetControlIdentifier(v string) *EnableControlInput

SetControlIdentifier sets the ControlIdentifier field's value.

func (*EnableControlInput) SetTargetIdentifier

func (s *EnableControlInput) SetTargetIdentifier(v string) *EnableControlInput

SetTargetIdentifier sets the TargetIdentifier field's value.

func (EnableControlInput) String

func (s EnableControlInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EnableControlInput) Validate

func (s *EnableControlInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EnableControlOutput

type EnableControlOutput struct {

	// The ID of the asynchronous operation, which is used to track status. The
	// operation is available for 90 days.
	//
	// OperationIdentifier is a required field
	OperationIdentifier *string `locationName:"operationIdentifier" min:"36" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (EnableControlOutput) GoString

func (s EnableControlOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EnableControlOutput) SetOperationIdentifier

func (s *EnableControlOutput) SetOperationIdentifier(v string) *EnableControlOutput

SetOperationIdentifier sets the OperationIdentifier field's value.

func (EnableControlOutput) String

func (s EnableControlOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EnabledControlSummary

type EnabledControlSummary struct {

	// The ARN of the control. Only Strongly recommended and Elective controls are
	// permitted, with the exception of the Region deny guardrail.
	ControlIdentifier *string `locationName:"controlIdentifier" min:"20" type:"string"`
	// contains filtered or unexported fields
}

A summary of enabled controls.

func (EnabledControlSummary) GoString

func (s EnabledControlSummary) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EnabledControlSummary) SetControlIdentifier

func (s *EnabledControlSummary) SetControlIdentifier(v string) *EnabledControlSummary

SetControlIdentifier sets the ControlIdentifier field's value.

func (EnabledControlSummary) String

func (s EnabledControlSummary) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetControlOperationInput

type GetControlOperationInput struct {

	// The ID of the asynchronous operation, which is used to track status. The
	// operation is available for 90 days.
	//
	// OperationIdentifier is a required field
	OperationIdentifier *string `locationName:"operationIdentifier" min:"36" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetControlOperationInput) GoString

func (s GetControlOperationInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetControlOperationInput) SetOperationIdentifier

func (s *GetControlOperationInput) SetOperationIdentifier(v string) *GetControlOperationInput

SetOperationIdentifier sets the OperationIdentifier field's value.

func (GetControlOperationInput) String

func (s GetControlOperationInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetControlOperationInput) Validate

func (s *GetControlOperationInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetControlOperationOutput

type GetControlOperationOutput struct {

	// An operation performed by the control.
	//
	// ControlOperation is a required field
	ControlOperation *ControlOperation `locationName:"controlOperation" type:"structure" required:"true"`
	// contains filtered or unexported fields
}

func (GetControlOperationOutput) GoString

func (s GetControlOperationOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetControlOperationOutput) SetControlOperation

SetControlOperation sets the ControlOperation field's value.

func (GetControlOperationOutput) String

func (s GetControlOperationOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type InternalServerException

type InternalServerException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Unexpected error during processing of request.

func (*InternalServerException) Code

func (s *InternalServerException) Code() string

Code returns the exception type name.

func (*InternalServerException) Error

func (s *InternalServerException) Error() string

func (InternalServerException) GoString

func (s InternalServerException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InternalServerException) Message

func (s *InternalServerException) Message() string

Message returns the exception's message.

func (*InternalServerException) OrigErr

func (s *InternalServerException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*InternalServerException) RequestID

func (s *InternalServerException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*InternalServerException) StatusCode

func (s *InternalServerException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (InternalServerException) String

func (s InternalServerException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListEnabledControlsInput

type ListEnabledControlsInput struct {

	// How many results to return per API call.
	MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"`

	// The token to continue the list from a previous API call with the same parameters.
	NextToken *string `locationName:"nextToken" type:"string"`

	// The ARN of the organizational unit.
	//
	// TargetIdentifier is a required field
	TargetIdentifier *string `locationName:"targetIdentifier" min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListEnabledControlsInput) GoString

func (s ListEnabledControlsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListEnabledControlsInput) SetMaxResults

SetMaxResults sets the MaxResults field's value.

func (*ListEnabledControlsInput) SetNextToken

SetNextToken sets the NextToken field's value.

func (*ListEnabledControlsInput) SetTargetIdentifier

func (s *ListEnabledControlsInput) SetTargetIdentifier(v string) *ListEnabledControlsInput

SetTargetIdentifier sets the TargetIdentifier field's value.

func (ListEnabledControlsInput) String

func (s ListEnabledControlsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListEnabledControlsInput) Validate

func (s *ListEnabledControlsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListEnabledControlsOutput

type ListEnabledControlsOutput struct {

	// Lists the controls enabled by AWS Control Tower on the specified organizational
	// unit and the accounts it contains.
	//
	// EnabledControls is a required field
	EnabledControls []*EnabledControlSummary `locationName:"enabledControls" type:"list" required:"true"`

	// Retrieves the next page of results. If the string is empty, the current response
	// is the end of the results.
	NextToken *string `locationName:"nextToken" type:"string"`
	// contains filtered or unexported fields
}

func (ListEnabledControlsOutput) GoString

func (s ListEnabledControlsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListEnabledControlsOutput) SetEnabledControls

SetEnabledControls sets the EnabledControls field's value.

func (*ListEnabledControlsOutput) SetNextToken

SetNextToken sets the NextToken field's value.

func (ListEnabledControlsOutput) String

func (s ListEnabledControlsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResourceNotFoundException

type ResourceNotFoundException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Request references a resource which does not exist.

func (*ResourceNotFoundException) Code

Code returns the exception type name.

func (*ResourceNotFoundException) Error

func (s *ResourceNotFoundException) Error() string

func (ResourceNotFoundException) GoString

func (s ResourceNotFoundException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceNotFoundException) Message

func (s *ResourceNotFoundException) Message() string

Message returns the exception's message.

func (*ResourceNotFoundException) OrigErr

func (s *ResourceNotFoundException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ResourceNotFoundException) RequestID

func (s *ResourceNotFoundException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ResourceNotFoundException) StatusCode

func (s *ResourceNotFoundException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ResourceNotFoundException) String

func (s ResourceNotFoundException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ServiceQuotaExceededException

type ServiceQuotaExceededException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

Request would cause a service quota to be exceeded. The limit is 10 concurrent operations.

func (*ServiceQuotaExceededException) Code

Code returns the exception type name.

func (*ServiceQuotaExceededException) Error

func (ServiceQuotaExceededException) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServiceQuotaExceededException) Message

Message returns the exception's message.

func (*ServiceQuotaExceededException) OrigErr

func (s *ServiceQuotaExceededException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ServiceQuotaExceededException) RequestID

func (s *ServiceQuotaExceededException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ServiceQuotaExceededException) StatusCode

func (s *ServiceQuotaExceededException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ServiceQuotaExceededException) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ThrottlingException

type ThrottlingException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`

	// The ID of the service quota that was exceeded.
	QuotaCode *string `locationName:"quotaCode" type:"string"`

	// The number of seconds the caller should wait before retrying.
	RetryAfterSeconds *int64 `location:"header" locationName:"Retry-After" type:"integer"`

	// The ID of the service that is associated with the error.
	ServiceCode *string `locationName:"serviceCode" type:"string"`
	// contains filtered or unexported fields
}

Request was denied due to request throttling.

func (*ThrottlingException) Code

func (s *ThrottlingException) Code() string

Code returns the exception type name.

func (*ThrottlingException) Error

func (s *ThrottlingException) Error() string

func (ThrottlingException) GoString

func (s ThrottlingException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ThrottlingException) Message

func (s *ThrottlingException) Message() string

Message returns the exception's message.

func (*ThrottlingException) OrigErr

func (s *ThrottlingException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ThrottlingException) RequestID

func (s *ThrottlingException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ThrottlingException) StatusCode

func (s *ThrottlingException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ThrottlingException) String

func (s ThrottlingException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ValidationException

type ValidationException struct {
	RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`

	Message_ *string `locationName:"message" type:"string"`
	// contains filtered or unexported fields
}

The input fails to satisfy the constraints specified by an AWS service.

func (*ValidationException) Code

func (s *ValidationException) Code() string

Code returns the exception type name.

func (*ValidationException) Error

func (s *ValidationException) Error() string

func (ValidationException) GoString

func (s ValidationException) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ValidationException) Message

func (s *ValidationException) Message() string

Message returns the exception's message.

func (*ValidationException) OrigErr

func (s *ValidationException) OrigErr() error

OrigErr always returns nil, satisfies awserr.Error interface.

func (*ValidationException) RequestID

func (s *ValidationException) RequestID() string

RequestID returns the service's response RequestID for request.

func (*ValidationException) StatusCode

func (s *ValidationException) StatusCode() int

Status code returns the HTTP status code for the request's response error.

func (ValidationException) String

func (s ValidationException) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

Directories

Path Synopsis
Package controltoweriface provides an interface to enable mocking the AWS Control Tower service client for testing your code.
Package controltoweriface provides an interface to enable mocking the AWS Control Tower service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL