aws_iam_account

access_keys_per_user_quota

Type: INT32
Provider name: AccessKeysPerUserQuota

account_access_keys_present

Type: INT32
Provider name: AccountAccessKeysPresent

account_id

Type: STRING

account_mfa_enabled

Type: INT32
Provider name: AccountMFAEnabled

account_password_present

Type: INT32
Provider name: AccountPasswordPresent

account_signing_certificates_present

Type: INT32
Provider name: AccountSigningCertificatesPresent

assume_role_policy_size_quota

Type: INT32

attached_policies_per_group_quota

Type: INT32
Provider name: AttachedPoliciesPerGroupQuota

attached_policies_per_role_quota

Type: INT32
Provider name: AttachedPoliciesPerRoleQuota

attached_policies_per_user_quota

Type: INT32
Provider name: AttachedPoliciesPerUserQuota

global_endpoint_token_version

Type: INT32
Provider name: GlobalEndpointTokenVersion

group_policy_size_quota

Type: INT32
Provider name: GroupPolicySizeQuota

groups

Type: INT32
Provider name: Groups

groups_per_user_quota

Type: INT32
Provider name: GroupsPerUserQuota

groups_quota

Type: INT32
Provider name: GroupsQuota

instance_profiles

Type: INT32

instance_profiles_quota

Type: INT32

mfa_devices

Type: INT32
Provider name: MFADevices

mfa_devices_in_use

Type: INT32
Provider name: MFADevicesInUse

organization

Type: STRUCT
Provider name: Organization
Description: A structure that contains information about the organization. The AvailablePolicyTypes part of the response is deprecated, and you shouldn’t use it in your apps. It doesn’t include any policy type supported by Organizations other than SCPs. In the China (Ningxia) Region, no policy type is included. To determine which policy types are enabled in your organization, use the ListRoots operation.

• arn
  Type: STRING
  Provider name: Arn
  Description: The Amazon Resource Name (ARN) of an organization. For more information about ARNs in Organizations, see ARN Formats Supported by Organizations in the Amazon Web Services Service Authorization Reference.
  
• available_policy_types
  Type: UNORDERED_LIST_STRUCT
  Provider name: AvailablePolicyTypes
  Description: Do not use. This field is deprecated and doesn’t provide complete information about the policies in your organization. To determine the policies that are enabled and available for use in your organization, use the ListRoots operation instead.
  
  • status
    Type: STRING
    Provider name: Status
    Description: The status of the policy type as it relates to the associated root. To attach a policy of the specified type to a root or to an OU or account in that root, it must be available in the organization and enabled for that root.
    
  • type
    Type: STRING
    Provider name: Type
    Description: The name of the policy type.
    
• feature_set
  Type: STRING
  Provider name: FeatureSet
  Description: Specifies the functionality that currently is available to the organization. If set to “ALL”, then all features are enabled and policies can be applied to accounts in the organization. If set to “CONSOLIDATED_BILLING”, then only consolidated billing functionality is available. For more information, see Enabling all features in your organization in the Organizations User Guide.
  
• id
  Type: STRING
  Provider name: Id
  Description: The unique identifier (ID) of an organization. The regex pattern for an organization ID string requires “o-” followed by from 10 to 32 lowercase letters or digits.
  
• master_account_arn
  Type: STRING
  Provider name: MasterAccountArn
  Description: The Amazon Resource Name (ARN) of the account that is designated as the management account for the organization. For more information about ARNs in Organizations, see ARN Formats Supported by Organizations in the Amazon Web Services Service Authorization Reference.
  
• master_account_email
  Type: STRING
  Provider name: MasterAccountEmail
  Description: The email address that is associated with the Amazon Web Services account that is designated as the management account for the organization.
  
• master_account_id
  Type: STRING
  Provider name: MasterAccountId
  Description: The unique identifier (ID) of the management account of an organization. The regex pattern for an account ID string requires exactly 12 digits.
  

password_policy

Type: STRUCT
Provider name: PasswordPolicy
Description: A structure that contains details about the account’s password policy.

• allow_users_to_change_password
  Type: BOOLEAN
  Provider name: AllowUsersToChangePassword
  Description: Specifies whether IAM users are allowed to change their own password. Gives IAM users permissions to iam:ChangePassword for only their user and to the iam:GetAccountPasswordPolicy action. This option does not attach a permissions policy to each user, rather the permissions are applied at the account-level for all users by IAM.
  
• expire_passwords
  Type: BOOLEAN
  Provider name: ExpirePasswords
  Description: Indicates whether passwords in the account expire. Returns true if MaxPasswordAge contains a value greater than 0. Returns false if MaxPasswordAge is 0 or not present.
  
• hard_expiry
  Type: BOOLEAN
  Provider name: HardExpiry
  Description: Specifies whether IAM users are prevented from setting a new password via the Amazon Web Services Management Console after their password has expired. The IAM user cannot access the console until an administrator resets the password. IAM users with iam:ChangePassword permission and active access keys can reset their own expired console password using the CLI or API.
  
• max_password_age
  Type: INT32
  Provider name: MaxPasswordAge
  Description: The number of days that an IAM user password is valid.
  
• minimum_password_length
  Type: INT32
  Provider name: MinimumPasswordLength
  Description: Minimum length to require for IAM user passwords.
  
• password_reuse_prevention
  Type: INT32
  Provider name: PasswordReusePrevention
  Description: Specifies the number of previous passwords that IAM users are prevented from reusing.
  
• require_lowercase_characters
  Type: BOOLEAN
  Provider name: RequireLowercaseCharacters
  Description: Specifies whether IAM user passwords must contain at least one lowercase character (a to z).
  
• require_numbers
  Type: BOOLEAN
  Provider name: RequireNumbers
  Description: Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).
  
• require_symbols
  Type: BOOLEAN
  Provider name: RequireSymbols
  Description: Specifies whether IAM user passwords must contain at least one of the following symbols: ! @ # $ % ^ & * ( ) _ + - = [ ] { } | ‘
  
• require_uppercase_characters
  Type: BOOLEAN
  Provider name: RequireUppercaseCharacters
  Description: Specifies whether IAM user passwords must contain at least one uppercase character (A to Z).
  

password_policy_v2

Type: STRUCT
Provider name: PasswordPolicy

• allow_users_to_change_password
  Type: BOOLEAN
  Provider name: AllowUsersToChangePassword
  Description: Specifies whether IAM users are allowed to change their own password. Gives IAM users permissions to iam:ChangePassword for only their user and to the iam:GetAccountPasswordPolicy action. This option does not attach a permissions policy to each user, rather the permissions are applied at the account-level for all users by IAM.
  
• expire_passwords
  Type: BOOLEAN
  Provider name: ExpirePasswords
  Description: Indicates whether passwords in the account expire. Returns true if MaxPasswordAge contains a value greater than 0. Returns false if MaxPasswordAge is 0 or not present.
  
• hard_expiry
  Type: BOOLEAN
  Provider name: HardExpiry
  Description: Specifies whether IAM users are prevented from setting a new password via the Amazon Web Services Management Console after their password has expired. The IAM user cannot access the console until an administrator resets the password. IAM users with iam:ChangePassword permission and active access keys can reset their own expired console password using the CLI or API.
  
• max_password_age
  Type: INT32
  Provider name: MaxPasswordAge
  Description: The number of days that an IAM user password is valid.
  
• minimum_password_length
  Type: INT32
  Provider name: MinimumPasswordLength
  Description: Minimum length to require for IAM user passwords.
  
• password_reuse_prevention
  Type: INT32
  Provider name: PasswordReusePrevention
  Description: Specifies the number of previous passwords that IAM users are prevented from reusing.
  
• require_lowercase_characters
  Type: BOOLEAN
  Provider name: RequireLowercaseCharacters
  Description: Specifies whether IAM user passwords must contain at least one lowercase character (a to z).
  
• require_numbers
  Type: BOOLEAN
  Provider name: RequireNumbers
  Description: Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).
  
• require_symbols
  Type: BOOLEAN
  Provider name: RequireSymbols
  Description: Specifies whether IAM user passwords must contain at least one of the following symbols: ! @ # $ % ^ & * ( ) _ + - = [ ] { } | ‘
  
• require_uppercase_characters
  Type: BOOLEAN
  Provider name: RequireUppercaseCharacters
  Description: Specifies whether IAM user passwords must contain at least one uppercase character (A to Z).
  

policies

Type: INT32
Provider name: Policies

policies_quota

Type: INT32
Provider name: PoliciesQuota

policy_size_quota

Type: INT32
Provider name: PolicySizeQuota

policy_versions_in_use

Type: INT32
Provider name: PolicyVersionsInUse

policy_versions_in_use_quota

Type: INT32
Provider name: PolicyVersionsInUseQuota

providers

Type: INT32

role_policy_size_quota

Type: INT32

roles

Type: INT32

roles_quota

Type: INT32

server_certificates

Type: INT32
Provider name: ServerCertificates

server_certificates_quota

Type: INT32
Provider name: ServerCertificatesQuota

signing_certificates_per_user_quota

Type: INT32
Provider name: SigningCertificatesPerUserQuota

tags

Type: UNORDERED_LIST_STRING

user_policy_size_quota

Type: INT32
Provider name: UserPolicySizeQuota

users

Type: INT32
Provider name: Users

users_quota

Type: INT32
Provider name: UsersQuota

versions_per_policy_quota

Type: INT32
Provider name: VersionsPerPolicyQuota