This release includes support for five new APIs and changes to existing APIs that give AWS Organizations customers the ability to use temporary root credentials, targeted to member accounts in the organization.

Author: aws-sdk-dotnet-automation

docgenerator/AWSSDKDocSamples/IdentityManagement.GeneratedSamples.extra.xml

@@ -513,6 +513,82 @@
             </example>
         </value>
     </doc>
+    <doc>
+        <members>
+            <member name="M:Amazon.IdentityManagement.IAmazonIdentityManagementService.DisableOrganizationsRootCredentialsManagement(Amazon.IdentityManagement.Model.DisableOrganizationsRootCredentialsManagementRequest)" />
+            <member name="M:Amazon.IdentityManagement.AmazonIdentityManagementServiceClient.DisableOrganizationsRootCredentialsManagement(Amazon.IdentityManagement.Model.DisableOrganizationsRootCredentialsManagementRequest)" />
+            <member name="T:Amazon.IdentityManagement.Model.DisableOrganizationsRootCredentialsManagementRequest" />
+            <member name="T:Amazon.IdentityManagement.Model.DisableOrganizationsRootCredentialsManagementResponse" />
+        </members>
+        <value>
+            <example>
+                <para>
+                    The following command disables the management of privileged root user credentials across member accounts in your organization.
+                </para>
+                <code
+                    title="To disable the RootCredentialsManagement feature in your organization"
+                    source=".\AWSSDKDocSamples\IdentityManagement\IdentityManagement.GeneratedSamples.cs"
+                    region="to-disable-the-rootcredentialsmanagement-feature-in-your-organization-1730908292211" />
+            </example>
+        </value>
+    </doc>
+    <doc>
+        <members>
+            <member name="M:Amazon.IdentityManagement.IAmazonIdentityManagementService.DisableOrganizationsRootSessions(Amazon.IdentityManagement.Model.DisableOrganizationsRootSessionsRequest)" />
+            <member name="M:Amazon.IdentityManagement.AmazonIdentityManagementServiceClient.DisableOrganizationsRootSessions(Amazon.IdentityManagement.Model.DisableOrganizationsRootSessionsRequest)" />
+            <member name="T:Amazon.IdentityManagement.Model.DisableOrganizationsRootSessionsRequest" />
+            <member name="T:Amazon.IdentityManagement.Model.DisableOrganizationsRootSessionsResponse" />
+        </members>
+        <value>
+            <example>
+                <para>
+                    The following command disables root user sessions for privileged tasks across member accounts in your organization.
+                </para>
+                <code
+                    title="To disable the RootSessions feature in your organization"
+                    source=".\AWSSDKDocSamples\IdentityManagement\IdentityManagement.GeneratedSamples.cs"
+                    region="to-disable-the-rootsessions-feature-in-your-organization-1730908495962" />
+            </example>
+        </value>
+    </doc>
+    <doc>
+        <members>
+            <member name="M:Amazon.IdentityManagement.IAmazonIdentityManagementService.EnableOrganizationsRootCredentialsManagement(Amazon.IdentityManagement.Model.EnableOrganizationsRootCredentialsManagementRequest)" />
+            <member name="M:Amazon.IdentityManagement.AmazonIdentityManagementServiceClient.EnableOrganizationsRootCredentialsManagement(Amazon.IdentityManagement.Model.EnableOrganizationsRootCredentialsManagementRequest)" />
+            <member name="T:Amazon.IdentityManagement.Model.EnableOrganizationsRootCredentialsManagementRequest" />
+            <member name="T:Amazon.IdentityManagement.Model.EnableOrganizationsRootCredentialsManagementResponse" />
+        </members>
+        <value>
+            <example>
+                <para>
+                    The following command enables the management of privileged root user credentials across member accounts in your organization.
+                </para>
+                <code
+                    title="To enable the RootCredentialsManagement feature in your organization"
+                    source=".\AWSSDKDocSamples\IdentityManagement\IdentityManagement.GeneratedSamples.cs"
+                    region="to-enable-the-rootcredentialsmanagement-feature-in-your-organization-1730908602395" />
+            </example>
+        </value>
+    </doc>
+    <doc>
+        <members>
+            <member name="M:Amazon.IdentityManagement.IAmazonIdentityManagementService.EnableOrganizationsRootSessions(Amazon.IdentityManagement.Model.EnableOrganizationsRootSessionsRequest)" />
+            <member name="M:Amazon.IdentityManagement.AmazonIdentityManagementServiceClient.EnableOrganizationsRootSessions(Amazon.IdentityManagement.Model.EnableOrganizationsRootSessionsRequest)" />
+            <member name="T:Amazon.IdentityManagement.Model.EnableOrganizationsRootSessionsRequest" />
+            <member name="T:Amazon.IdentityManagement.Model.EnableOrganizationsRootSessionsResponse" />
+        </members>
+        <value>
+            <example>
+                <para>
+                    The following command allows the management account or delegated administrator to perform privileged tasks on member accounts in your organization.
+                </para>
+                <code
+                    title="To enable the RootSessions feature in your organization"
+                    source=".\AWSSDKDocSamples\IdentityManagement\IdentityManagement.GeneratedSamples.cs"
+                    region="to-enable-the-rootsessions-feature-in-your-organization-1730908736611" />
+            </example>
+        </value>
+    </doc>
     <doc>
         <members>
             <member name="M:Amazon.IdentityManagement.IAmazonIdentityManagementService.GenerateOrganizationsAccessReport(Amazon.IdentityManagement.Model.GenerateOrganizationsAccessReportRequest)" />
@@ -817,6 +893,25 @@
             </example>
         </value>
     </doc>
+    <doc>
+        <members>
+            <member name="M:Amazon.IdentityManagement.IAmazonIdentityManagementService.ListOrganizationsFeatures(Amazon.IdentityManagement.Model.ListOrganizationsFeaturesRequest)" />
+            <member name="M:Amazon.IdentityManagement.AmazonIdentityManagementServiceClient.ListOrganizationsFeatures(Amazon.IdentityManagement.Model.ListOrganizationsFeaturesRequest)" />
+            <member name="T:Amazon.IdentityManagement.Model.ListOrganizationsFeaturesRequest" />
+            <member name="T:Amazon.IdentityManagement.Model.ListOrganizationsFeaturesResponse" />
+        </members>
+        <value>
+            <example>
+                <para>
+                    he following command lists the centralized root access features enabled for your organization.
+                </para>
+                <code
+                    title="To list the centralized root access features enabled for your organization"
+                    source=".\AWSSDKDocSamples\IdentityManagement\IdentityManagement.GeneratedSamples.cs"
+                    region="to-list-the-centralized-root-access-features-enabled-for-your-organization-1730908832557" />
+            </example>
+        </value>
+    </doc>
     <doc>
         <members>
             <member name="M:Amazon.IdentityManagement.IAmazonIdentityManagementService.ListPoliciesGrantingServiceAccess(Amazon.IdentityManagement.Model.ListPoliciesGrantingServiceAccessRequest)" />

docgenerator/AWSSDKDocSamples/IdentityManagement/IdentityManagement.GeneratedSamples.cs

@@ -417,6 +417,66 @@ public void IdentityManagementServiceDeleteVirtualMFADevice()
             #endregion
         }
 
+        public void IdentityManagementServiceDisableOrganizationsRootCredentialsManagement()
+        {
+            #region to-disable-the-rootcredentialsmanagement-feature-in-your-organization-1730908292211
+
+            var client = new AmazonIdentityManagementServiceClient();
+            var response = client.DisableOrganizationsRootCredentialsManagement(new DisableOrganizationsRootCredentialsManagementRequest 
+            {
+            });
+
+            List<string> enabledFeatures = response.EnabledFeatures;
+            string organizationId = response.OrganizationId;
+
+            #endregion
+        }
+
+        public void IdentityManagementServiceDisableOrganizationsRootSessions()
+        {
+            #region to-disable-the-rootsessions-feature-in-your-organization-1730908495962
+
+            var client = new AmazonIdentityManagementServiceClient();
+            var response = client.DisableOrganizationsRootSessions(new DisableOrganizationsRootSessionsRequest 
+            {
+            });
+
+            List<string> enabledFeatures = response.EnabledFeatures;
+            string organizationId = response.OrganizationId;
+
+            #endregion
+        }
+
+        public void IdentityManagementServiceEnableOrganizationsRootCredentialsManagement()
+        {
+            #region to-enable-the-rootcredentialsmanagement-feature-in-your-organization-1730908602395
+
+            var client = new AmazonIdentityManagementServiceClient();
+            var response = client.EnableOrganizationsRootCredentialsManagement(new EnableOrganizationsRootCredentialsManagementRequest 
+            {
+            });
+
+            List<string> enabledFeatures = response.EnabledFeatures;
+            string organizationId = response.OrganizationId;
+
+            #endregion
+        }
+
+        public void IdentityManagementServiceEnableOrganizationsRootSessions()
+        {
+            #region to-enable-the-rootsessions-feature-in-your-organization-1730908736611
+
+            var client = new AmazonIdentityManagementServiceClient();
+            var response = client.EnableOrganizationsRootSessions(new EnableOrganizationsRootSessionsRequest 
+            {
+            });
+
+            List<string> enabledFeatures = response.EnabledFeatures;
+            string organizationId = response.OrganizationId;
+
+            #endregion
+        }
+
         public void IdentityManagementServiceGenerateOrganizationsAccessReport()
         {
             #region generateorganizationsaccessreport-ou
@@ -668,6 +728,21 @@ public void IdentityManagementServiceListGroupsForUser()
             #endregion
         }
 
+        public void IdentityManagementServiceListOrganizationsFeatures()
+        {
+            #region to-list-the-centralized-root-access-features-enabled-for-your-organization-1730908832557
+
+            var client = new AmazonIdentityManagementServiceClient();
+            var response = client.ListOrganizationsFeatures(new ListOrganizationsFeaturesRequest 
+            {
+            });
+
+            List<string> enabledFeatures = response.EnabledFeatures;
+            string organizationId = response.OrganizationId;
+
+            #endregion
+        }
+
         public void IdentityManagementServiceListPoliciesGrantingServiceAccess()
         {
             #region listpoliciesaccess-user-1541698749508