| Copyright | (c) 2013-2021 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay <brendan.g.hay+amazonka@gmail.com> |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | None |
Amazonka.Organizations.InviteAccountToOrganization
Description
Sends an invitation to another account to join your organization as a member account. AWS Organizations sends email on your behalf to the email address that is associated with the other account's owner. The invitation is implemented as a Handshake whose details are in the response.
- You can invite AWS accounts only from the same seller as the management account. For example, if your organization's management account was created by Amazon Internet Services Pvt. Ltd (AISPL), an AWS seller in India, you can invite only other AISPL accounts to your organization. You can't combine accounts from AISPL and AWS or from any other AWS seller. For more information, see Consolidated Billing in India.
- If you receive an exception that indicates that you exceeded your account limits for the organization or that the operation failed because your organization is still initializing, wait one hour and then try again. If the error persists after an hour, contact AWS Support.
If the request includes tags, then the requester must have the
organizations:TagResource permission.
This operation can be called only from the organization's management account.
Synopsis
- data InviteAccountToOrganization = InviteAccountToOrganization' {}
- newInviteAccountToOrganization :: HandshakeParty -> InviteAccountToOrganization
- inviteAccountToOrganization_notes :: Lens' InviteAccountToOrganization (Maybe Text)
- inviteAccountToOrganization_tags :: Lens' InviteAccountToOrganization (Maybe [Tag])
- inviteAccountToOrganization_target :: Lens' InviteAccountToOrganization HandshakeParty
- data InviteAccountToOrganizationResponse = InviteAccountToOrganizationResponse' {
- handshake :: Maybe Handshake
- httpStatus :: Int
- newInviteAccountToOrganizationResponse :: Int -> InviteAccountToOrganizationResponse
- inviteAccountToOrganizationResponse_handshake :: Lens' InviteAccountToOrganizationResponse (Maybe Handshake)
- inviteAccountToOrganizationResponse_httpStatus :: Lens' InviteAccountToOrganizationResponse Int
Creating a Request
data InviteAccountToOrganization Source #
See: newInviteAccountToOrganization smart constructor.
Constructors
| InviteAccountToOrganization' | |
Fields
| |
Instances
newInviteAccountToOrganization Source #
Create a value of InviteAccountToOrganization with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:notes:InviteAccountToOrganization', inviteAccountToOrganization_notes - Additional information that you want to include in the generated email
to the recipient account owner.
$sel:tags:InviteAccountToOrganization', inviteAccountToOrganization_tags - A list of tags that you want to attach to the account when it becomes a
member of the organization. For each tag in the list, you must specify
both a tag key and a value. You can set the value to an empty string,
but you can't set it to null. For more information about tagging, see
Tagging AWS Organizations resources
in the AWS Organizations User Guide.
Any tags in the request are checked for compliance with any applicable tag policies when the request is made. The request is rejected if the tags in the request don't match the requirements of the policy at that time. Tag policy compliance is not checked again when the invitation is accepted and the tags are actually attached to the account. That means that if the tag policy changes between the invitation and the acceptance, then that tags could potentially be non-compliant.
If any one of the tags is invalid or if you exceed the allowed number of tags for an account, then the entire request fails and invitations are not sent.
$sel:target:InviteAccountToOrganization', inviteAccountToOrganization_target - The identifier (ID) of the AWS account that you want to invite to join
your organization. This is a JSON object that contains the following
elements:
{ "Type": "ACCOUNT", "Id": "< account id number >" }If you use the AWS CLI, you can submit this as a single string, similar to the following example:
--target Id=123456789012,Type=ACCOUNT
If you specify "Type": "ACCOUNT", you must provide the AWS account
ID number as the Id. If you specify "Type": "EMAIL", you must
specify the email address that is associated with the account.
--target Id=diego@example.com,Type=EMAIL
Request Lenses
inviteAccountToOrganization_notes :: Lens' InviteAccountToOrganization (Maybe Text) Source #
Additional information that you want to include in the generated email to the recipient account owner.
inviteAccountToOrganization_tags :: Lens' InviteAccountToOrganization (Maybe [Tag]) Source #
A list of tags that you want to attach to the account when it becomes a
member of the organization. For each tag in the list, you must specify
both a tag key and a value. You can set the value to an empty string,
but you can't set it to null. For more information about tagging, see
Tagging AWS Organizations resources
in the AWS Organizations User Guide.
Any tags in the request are checked for compliance with any applicable tag policies when the request is made. The request is rejected if the tags in the request don't match the requirements of the policy at that time. Tag policy compliance is not checked again when the invitation is accepted and the tags are actually attached to the account. That means that if the tag policy changes between the invitation and the acceptance, then that tags could potentially be non-compliant.
If any one of the tags is invalid or if you exceed the allowed number of tags for an account, then the entire request fails and invitations are not sent.
inviteAccountToOrganization_target :: Lens' InviteAccountToOrganization HandshakeParty Source #
The identifier (ID) of the AWS account that you want to invite to join your organization. This is a JSON object that contains the following elements:
{ "Type": "ACCOUNT", "Id": "< account id number >" }If you use the AWS CLI, you can submit this as a single string, similar to the following example:
--target Id=123456789012,Type=ACCOUNT
If you specify "Type": "ACCOUNT", you must provide the AWS account
ID number as the Id. If you specify "Type": "EMAIL", you must
specify the email address that is associated with the account.
--target Id=diego@example.com,Type=EMAIL
Destructuring the Response
data InviteAccountToOrganizationResponse Source #
See: newInviteAccountToOrganizationResponse smart constructor.
Constructors
| InviteAccountToOrganizationResponse' | |
Fields
| |
Instances
newInviteAccountToOrganizationResponse Source #
Arguments
| :: Int | |
| -> InviteAccountToOrganizationResponse |
Create a value of InviteAccountToOrganizationResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:handshake:InviteAccountToOrganizationResponse', inviteAccountToOrganizationResponse_handshake - A structure that contains details about the handshake that is created to
support this invitation request.
$sel:httpStatus:InviteAccountToOrganizationResponse', inviteAccountToOrganizationResponse_httpStatus - The response's http status code.
Response Lenses
inviteAccountToOrganizationResponse_handshake :: Lens' InviteAccountToOrganizationResponse (Maybe Handshake) Source #
A structure that contains details about the handshake that is created to support this invitation request.
inviteAccountToOrganizationResponse_httpStatus :: Lens' InviteAccountToOrganizationResponse Int Source #
The response's http status code.