1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
|
// Code generated by smithy-go-codegen DO NOT EDIT.
package securityhub
import (
"context"
awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
"github.com/aws/aws-sdk-go-v2/service/securityhub/types"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
)
// Creates a member association in Security Hub between the specified accounts and
// the account used to make the request, which is the administrator account. If you
// are integrated with Organizations, then the administrator account is designated
// by the organization management account. CreateMembers is always used to add
// accounts that are not organization members. For accounts that are managed using
// Organizations, CreateMembers is only used in the following cases:
//
// * Security
// Hub is not configured to automatically add new organization accounts.
//
// * The
// account was disassociated or deleted in Security Hub.
//
// This action can only be
// used by an account that has Security Hub enabled. To enable Security Hub, you
// can use the EnableSecurityHub operation. For accounts that are not organization
// members, you create the account association and then send an invitation to the
// member account. To send the invitation, you use the InviteMembers operation. If
// the account owner accepts the invitation, the account becomes a member account
// in Security Hub. Accounts that are managed using Organizations do not receive an
// invitation. They automatically become a member account in Security Hub.
//
// * If
// the organization account does not have Security Hub enabled, then Security Hub
// and the default standards are automatically enabled. Note that Security Hub
// cannot be enabled automatically for the organization management account. The
// organization management account must enable Security Hub before the
// administrator account enables it as a member account.
//
// * For organization
// accounts that already have Security Hub enabled, Security Hub does not make any
// other changes to those accounts. It does not change their enabled standards or
// controls.
//
// A permissions policy is added that permits the administrator account
// to view the findings generated in the member account. To remove the association
// between the administrator and member accounts, use the
// DisassociateFromMasterAccount or DisassociateMembers operation.
func (c *Client) CreateMembers(ctx context.Context, params *CreateMembersInput, optFns ...func(*Options)) (*CreateMembersOutput, error) {
if params == nil {
params = &CreateMembersInput{}
}
result, metadata, err := c.invokeOperation(ctx, "CreateMembers", params, optFns, c.addOperationCreateMembersMiddlewares)
if err != nil {
return nil, err
}
out := result.(*CreateMembersOutput)
out.ResultMetadata = metadata
return out, nil
}
type CreateMembersInput struct {
// The list of accounts to associate with the Security Hub administrator account.
// For each account, the list includes the account ID and optionally the email
// address.
//
// This member is required.
AccountDetails []types.AccountDetails
noSmithyDocumentSerde
}
type CreateMembersOutput struct {
// The list of Amazon Web Services accounts that were not processed. For each
// account, the list includes the account ID and the email address.
UnprocessedAccounts []types.Result
// Metadata pertaining to the operation's result.
ResultMetadata middleware.Metadata
noSmithyDocumentSerde
}
func (c *Client) addOperationCreateMembersMiddlewares(stack *middleware.Stack, options Options) (err error) {
err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateMembers{}, middleware.After)
if err != nil {
return err
}
err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateMembers{}, middleware.After)
if err != nil {
return err
}
if err = addSetLoggerMiddleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
return err
}
if err = addResolveEndpointMiddleware(stack, options); err != nil {
return err
}
if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
return err
}
if err = addRetryMiddlewares(stack, options); err != nil {
return err
}
if err = addHTTPSignerV4Middleware(stack, options); err != nil {
return err
}
if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
return err
}
if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
return err
}
if err = addClientUserAgent(stack); err != nil {
return err
}
if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
return err
}
if err = addOpCreateMembersValidationMiddleware(stack); err != nil {
return err
}
if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateMembers(options.Region), middleware.Before); err != nil {
return err
}
if err = addRequestIDRetrieverMiddleware(stack); err != nil {
return err
}
if err = addResponseErrorMiddleware(stack); err != nil {
return err
}
if err = addRequestResponseLogging(stack, options); err != nil {
return err
}
return nil
}
func newServiceMetadataMiddleware_opCreateMembers(region string) *awsmiddleware.RegisterServiceMetadata {
return &awsmiddleware.RegisterServiceMetadata{
Region: region,
ServiceID: ServiceID,
SigningName: "securityhub",
OperationName: "CreateMembers",
}
}
|
